Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017 Exécuté par MOHAMED (administrateur) sur MOHAMED-PC (23-08-2017 21:03:42) Exécuté depuis C:\Users\MOHAMED\Desktop Profils chargés: MOHAMED (Profils disponibles: MOHAMED) Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Opera) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe () C:\ProgramData\DatacardService\HWDeviceService.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Atheros Communications, Inc.) C:\Program Files\Jumpstart\jswpbapi.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.227\WsAppService.exe (Wondershare) C:\Program Files\Wondershare\Wondershare dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (ZhangKong Soft) C:\Program Files\zksoft\marswifi\zkservice.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Wondershare) C:\Program Files\Wondershare\Wondershare dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [SMΔRT-Protection] => C:\Program Files\Smadav\SMΔRTP.exe rts HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [687336 2013-06-20] (Zbshareware Lab) HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3417496 2011-08-29] (Tonec Inc.) HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {00692115-87fb-11e7-a315-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {0ef310b8-80d1-11e7-a62d-001e101f21c1} - F:\autorun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {189ec8c9-75d0-11e7-bd2d-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {6bbf5f6b-6d34-11e7-9e1b-001e37f62b45} - I:\DTLplus_Launcher.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {77e079a6-697f-11e7-b285-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {77e079b2-697f-11e7-b285-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {77e079b7-697f-11e7-b285-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {77e079f7-697f-11e7-b285-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {8b78d205-0108-11dd-a935-001e101f859f} - I:\Startme.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {a2d5bbe8-7f40-11e7-b932-001e101fb4df} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {e877acdf-7539-11e7-bf55-001e101f7fb6} - F:\AutoRun.exe HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\MountPoints2: {f74cfb6f-819c-11e7-af50-001e37f62b45} - F:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2017-07-19] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk [2017-07-22] ShortcutTarget: BackupRemind.lnk -> C:\Program Files\Wondershare\Wondershare dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe (Wondershare) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2017-07-24] ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (Pas de fichier) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.191.1 114.114.114.114 Tcpip\..\Interfaces\{717D33B7-C107-4E21-A391-66F0F02B37AF}: [NameServer] 192.168.50.58 192.168.60.55 Tcpip\..\Interfaces\{EB622824-1486-4EA1-BB55-800DE3206801}: [DhcpNameServer] 192.168.191.1 114.114.114.114 Tcpip\..\Interfaces\{EBE8806A-ED39-4BE8-A128-2DB210B448DF}: [NameServer] 41.214.140.5 8.8.8.8 Internet Explorer: ================== URLSearchHook: [S-1-5-21-2153692777-2605391807-3086849292-1000] ATTENTION => URLSearchHook par défaut est absent BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-08-01] (Internet Download Manager, Tonec Inc.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) FireFox: ======== FF HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MOHAMED\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\MOHAMED\AppData\Roaming\IDM\idmmzcc5 [2017-07-23] [non signé] FF HKU\S-1-5-21-2153692777-2605391807-3086849292-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MOHAMED\AppData\Roaming\IDM\idmmzcc5 FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\MOHAMED\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2017-08-17] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\MOHAMED\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-07-19] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2069936 2017-08-02] (ESET) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 jswpbapi; C:\Program Files\Jumpstart\jswpbapi.exe [188416 2008-09-26] (Atheros Communications, Inc.) [Fichier non signé] S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [Fichier non signé] S2 Modem HDM EC156. RunOuc; C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe [657504 2012-11-12] () R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [374112 2010-11-11] (Ralink Technology, Corp.) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare) R2 WsDrvInst; C:\Program Files\Wondershare\Wondershare dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare) R2 zkservice; C:\Program Files\zksoft\marswifi\zkservice.exe [412424 2017-07-25] (ZhangKong Soft) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [113512 2017-08-02] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [90656 2017-05-04] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139384 2017-05-04] (ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43920 2017-05-04] (ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [69304 2017-05-04] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-05-04] (ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [86504 2017-05-04] (ESET) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [203776 2012-10-31] (Huawei Technologies Co., Ltd.) R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1174880 2010-12-28] (Ralink Technology Corp.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [184192 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [109824 2014-11-24] (MBB) R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation) R1 zknetdrv; C:\Windows\System32\DRIVERS\zknetdrv.sys [30472 2017-07-16] (ZK Internet) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-23 21:03 - 2017-08-23 21:04 - 000011809 _____ C:\Users\MOHAMED\Desktop\FRST.txt 2017-08-23 21:03 - 2017-08-23 21:03 - 000000000 ____D C:\FRST 2017-08-23 21:01 - 2017-08-23 21:02 - 001792512 _____ (Farbar) C:\Users\MOHAMED\Desktop\FRST.exe 2017-08-23 13:32 - 2017-08-23 13:32 - 000001005 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-08-22 21:44 - 2017-08-22 21:44 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\AWSToolkit 2017-08-22 21:42 - 2017-08-22 21:42 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\One Click Root 2017-08-22 21:42 - 2017-08-22 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One Click Root 2017-08-22 21:42 - 2017-08-22 21:42 - 000000000 ____D C:\Program Files\One Click Root 2017-08-22 21:36 - 2017-08-22 21:36 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\IsolatedStorage 2017-08-22 21:29 - 2017-08-23 12:59 - 000000000 ____D C:\Program Files\Internet Mobile 2017-08-22 21:29 - 2017-08-22 21:30 - 000000000 ____D C:\ProgramData\Internet Mobile 2017-08-22 17:51 - 2017-08-23 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingRoot 2017-08-22 17:51 - 2017-08-23 12:59 - 000000000 ____D C:\Program Files\KingRoot 2017-08-22 17:51 - 2017-08-22 17:51 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\KingRoot 2017-08-19 12:12 - 2017-08-19 12:12 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Adobe 2017-08-19 12:10 - 2017-08-20 16:31 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\CrashDumps 2017-08-19 12:10 - 2017-08-19 12:10 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Deployment 2017-08-19 12:10 - 2017-08-19 12:10 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Apps\2.0 2017-08-19 11:57 - 2017-08-22 14:45 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Audacity 2017-08-19 11:57 - 2017-08-22 14:45 - 000000000 ____D C:\Program Files\Audacity 2017-08-19 00:48 - 2017-08-19 00:50 - 006238687 _____ C:\Users\MOHAMED\Downloads\ماحيلة المأسور - عبدالله المهداوي.3gp 2017-08-17 13:15 - 2017-08-17 13:15 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Zbshareware Lab 2017-08-17 13:14 - 2017-08-23 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security 2017-08-17 13:14 - 2017-08-17 13:14 - 000001032 _____ C:\Users\Public\Desktop\USB Disk Security.lnk 2017-08-17 13:14 - 2017-08-17 13:14 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Google 2017-08-17 13:14 - 2017-08-17 13:14 - 000000000 ____D C:\Program Files\USB Disk Security 2017-08-17 12:26 - 2017-08-17 12:26 - 000000461 _____ C:\DelFix.txt 2017-08-17 12:17 - 2017-08-23 12:59 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-08-17 12:17 - 2017-08-17 12:17 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-08-17 12:17 - 2017-08-17 12:17 - 000001989 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2017-08-17 12:17 - 2017-08-17 12:17 - 000000000 ____D C:\Program Files\Adobe 2017-08-17 12:16 - 2017-08-17 12:17 - 000000000 ____D C:\ProgramData\Adobe 2017-08-17 12:13 - 2017-08-23 14:46 - 000000000 ____D C:\Users\MOHAMED\Desktop\Scan-PC 2017-08-16 23:28 - 2017-08-23 13:33 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys 2017-08-16 23:26 - 2017-08-23 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-08-16 23:26 - 2017-08-23 13:32 - 000000000 ____D C:\Program Files\RogueKiller 2017-08-16 23:26 - 2017-08-16 23:27 - 000000000 ____D C:\ProgramData\RogueKiller 2017-08-15 22:42 - 2017-08-23 12:59 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\ZHP 2017-08-15 22:42 - 2017-08-17 10:37 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\ZHP 2017-08-15 19:36 - 2017-08-23 13:07 - 000000000 ____D C:\Program Files\SMADAV 2017-08-15 19:36 - 2017-08-23 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus 2017-08-15 19:36 - 2017-08-15 19:36 - 000000000 __SHD C:\[Smad-Cage] 2017-08-15 19:36 - 2017-08-15 19:36 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Smadav 2017-08-15 18:22 - 2017-08-15 18:22 - 000000000 ____D C:\Program Files\Z3X 2017-08-15 13:14 - 2017-08-15 13:14 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Shuame 2017-08-15 13:13 - 2017-08-15 19:02 - 000000000 ____D C:\Program Files\Shuame 2017-08-15 13:13 - 2017-08-15 13:19 - 000000000 ____D C:\ProgramData\Shuame 2017-08-15 11:37 - 2017-08-15 11:37 - 000000000 ____D C:\Users\MOHAMED\SPFlashToolLog 2017-08-15 11:36 - 2014-04-11 10:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys 2017-08-13 22:53 - 2017-08-13 22:53 - 002090212 _____ C:\Users\MOHAMED\Downloads\1254247_542152079171999_7836_n.mp4 2017-08-12 21:11 - 2014-06-16 07:01 - 000184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudserd.sys 2017-08-12 21:11 - 2014-06-16 07:01 - 000184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2017-08-12 21:11 - 2014-06-16 07:01 - 000089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2017-08-12 21:09 - 2017-08-23 12:57 - 000000000 ____D C:\Program Files\Samsung 2017-08-12 21:08 - 2017-08-12 21:08 - 000000000 ____D C:\ProgramData\Samsung 2017-08-11 17:11 - 2017-08-11 17:12 - 000000525 _____ C:\Users\MOHAMED\Desktop\les cours.txt 2017-08-09 18:35 - 2017-07-29 15:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-08-09 18:35 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll 2017-08-09 18:35 - 2017-07-21 15:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll 2017-08-09 18:35 - 2017-07-21 15:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll 2017-08-09 18:35 - 2017-07-21 15:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll 2017-08-09 18:35 - 2017-07-15 18:52 - 000346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-08-09 18:35 - 2017-07-14 16:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-08-09 18:35 - 2017-07-14 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-08-09 18:35 - 2017-07-14 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-08-09 18:35 - 2017-07-14 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-08-09 18:35 - 2017-07-14 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-08-09 18:35 - 2017-07-14 15:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2017-08-09 18:35 - 2017-07-14 15:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-08-09 18:35 - 2017-07-14 04:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-08-09 18:35 - 2017-07-14 04:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-08-09 18:35 - 2017-07-14 03:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-08-09 18:35 - 2017-07-14 03:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-08-09 18:35 - 2017-07-14 03:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-08-09 18:35 - 2017-07-14 03:48 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-08-09 18:35 - 2017-07-14 03:48 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-08-09 18:35 - 2017-07-14 03:47 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-08-09 18:35 - 2017-07-14 03:44 - 002290176 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-08-09 18:35 - 2017-07-14 03:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-08-09 18:35 - 2017-07-14 03:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-08-09 18:35 - 2017-07-14 03:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-08-09 18:35 - 2017-07-14 03:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-08-09 18:35 - 2017-07-14 03:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-08-09 18:35 - 2017-07-14 03:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-08-09 18:35 - 2017-07-14 03:38 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-08-09 18:35 - 2017-07-14 03:33 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-08-09 18:35 - 2017-07-14 03:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-08-09 18:35 - 2017-07-14 03:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-08-09 18:35 - 2017-07-14 03:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-08-09 18:35 - 2017-07-14 03:25 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-08-09 18:35 - 2017-07-14 03:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-08-09 18:35 - 2017-07-14 03:22 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-08-09 18:35 - 2017-07-14 03:21 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-08-09 18:35 - 2017-07-14 03:20 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-08-09 18:35 - 2017-07-14 03:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-08-09 18:35 - 2017-07-14 03:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-08-09 18:35 - 2017-07-14 03:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-08-09 18:35 - 2017-07-14 03:12 - 000689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-08-09 18:35 - 2017-07-14 03:11 - 002057216 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-08-09 18:35 - 2017-07-14 03:11 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-08-09 18:35 - 2017-07-14 03:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-08-09 18:35 - 2017-07-14 02:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-08-09 18:35 - 2017-07-14 02:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-08-09 18:35 - 2017-07-14 02:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-08-09 18:35 - 2017-07-08 16:19 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-08-09 18:35 - 2017-07-08 15:51 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-08-09 18:35 - 2017-07-07 16:15 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2017-08-09 18:35 - 2017-07-07 16:15 - 003945192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-08-09 18:35 - 2017-07-07 16:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-08-09 18:35 - 2017-07-07 16:15 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-08-09 18:35 - 2017-07-07 16:15 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-08-09 18:35 - 2017-07-07 16:13 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-08-09 18:35 - 2017-07-07 16:11 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-08-09 18:35 - 2017-07-07 16:10 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-08-09 18:35 - 2017-07-07 15:52 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-08-09 18:35 - 2017-07-07 15:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-08-09 18:35 - 2017-07-07 15:52 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-08-09 18:35 - 2017-07-07 15:52 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-08-09 18:35 - 2017-07-07 15:51 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-08-09 18:35 - 2017-07-07 15:50 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-08-09 18:35 - 2017-07-07 15:48 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-08-09 18:35 - 2017-07-07 15:48 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-08-09 18:35 - 2017-07-07 15:48 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-08-09 18:35 - 2017-07-07 15:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-08-09 18:35 - 2017-07-07 15:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-08-09 18:35 - 2017-07-07 15:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-08-09 18:35 - 2017-07-07 15:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll 2017-08-09 18:35 - 2017-07-01 14:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll 2017-08-08 21:15 - 2017-08-08 21:15 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2017-08-07 23:47 - 2017-08-17 19:10 - 000000000 ____D C:\Users\MOHAMED\Downloads\Resepteur 2017-08-06 20:36 - 2017-08-06 21:13 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Apple Computer 2017-08-06 20:36 - 2017-08-06 20:36 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Apple Computer 2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\ProgramData\Apple Computer 2017-08-06 20:34 - 2017-08-06 20:34 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Apple 2017-08-06 20:33 - 2017-08-07 13:29 - 000000000 ____D C:\ProgramData\Apple 2017-08-06 20:33 - 2017-08-07 13:27 - 000000000 ____D C:\Program Files\Common Files\Apple 2017-08-06 18:38 - 2017-08-06 18:41 - 000000000 ____D C:\Users\MOHAMED\Desktop\Travaille 2017-08-05 20:17 - 2017-08-05 20:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2017-08-05 19:08 - 2017-08-05 19:08 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\ESET 2017-08-05 12:48 - 2017-08-05 12:48 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 8 2017-08-05 12:46 - 2017-08-05 12:46 - 000000000 __RHD C:\MSOCache 2017-08-04 22:58 - 2017-08-06 19:47 - 000000000 ____D C:\Users\MOHAMED\Desktop\ABDELMJID 2017-08-02 11:11 - 2017-08-22 23:08 - 000000000 ____D C:\Users\MOHAMED\Desktop\Apps-Indroid 2017-08-01 21:18 - 2017-08-01 21:18 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf 2017-07-31 21:42 - 2017-07-31 21:42 - 000000969 _____ C:\Users\Public\Desktop\UltraISO.lnk 2017-07-31 21:42 - 2017-07-31 21:42 - 000000000 ____D C:\Users\MOHAMED\Documents\My ISO Files 2017-07-31 21:42 - 2017-07-31 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO 2017-07-31 21:42 - 2017-07-31 21:42 - 000000000 ____D C:\Program Files\UltraISO 2017-07-31 21:42 - 2017-07-31 21:42 - 000000000 ____D C:\Program Files\Common Files\EZB Systems 2017-07-31 17:29 - 2017-07-31 17:29 - 000000017 _____ C:\Users\MOHAMED\AppData\Local\resmon.resmoncfg 2017-07-31 12:31 - 2017-07-31 12:31 - 001214155 _____ C:\Users\MOHAMED\Downloads\comboiptv-Fresh.rar 2017-07-30 17:11 - 2017-07-30 17:11 - 000000000 ____D C:\Users\MOHAMED\Desktop\Iptv panel 2017-07-29 13:52 - 2017-07-29 13:52 - 000000000 ____D C:\ProgramData\Mediatek 2017-07-29 12:17 - 2017-07-31 17:01 - 000000000 ____D C:\Users\MOHAMED\Downloads\Iptv combo list collection 2017-07-28 18:27 - 2017-07-28 18:29 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk 2017-07-28 18:27 - 2017-07-28 18:27 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\ElevatedDiagnostics 2017-07-28 18:26 - 2017-07-28 18:29 - 000000000 ____D C:\Windows\WindowsMobile 2017-07-26 13:26 - 2017-07-26 13:26 - 000000382 _____ C:\Windows\ODBC.INI 2017-07-26 13:26 - 2003-06-19 01:31 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\mdimon.dll 2017-07-26 13:25 - 2017-08-05 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2017-07-26 13:25 - 2017-07-26 13:25 - 000002665 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Nouveau document Office.lnk 2017-07-26 13:25 - 2017-07-26 13:25 - 000002661 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Ouvrir un document Office.lnk 2017-07-26 13:24 - 2017-07-26 13:24 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2017-07-26 13:23 - 2017-08-05 12:53 - 000000000 ____D C:\Program Files\Microsoft Works 2017-07-26 13:23 - 2017-08-05 12:52 - 000000000 ____D C:\Windows\SHELLNEW 2017-07-26 13:23 - 2017-08-05 12:52 - 000000000 ____D C:\Program Files\Microsoft Office 2017-07-26 13:23 - 2017-07-26 13:23 - 000000000 ____D C:\Windows\PCHEALTH 2017-07-26 13:23 - 2017-07-26 13:23 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 2017-07-25 19:11 - 2015-09-08 09:16 - 000104096 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2017-07-25 19:09 - 2017-07-25 19:46 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Nox 2017-07-25 18:24 - 2017-07-25 18:24 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Microsoft Help 2017-07-24 12:58 - 2017-07-25 12:11 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\BlueStacksFriends 2017-07-24 12:58 - 2017-07-25 12:10 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\BlueStacksFriends 2017-07-24 12:52 - 2017-07-24 12:52 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\BluestacksCN 2017-07-24 12:40 - 2017-07-24 12:40 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\CEF ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-23 21:03 - 2017-07-23 01:30 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\DMCache 2017-08-23 20:04 - 2017-07-15 18:07 - 001667292 _____ C:\Windows\system32\PerfStringBackup.INI 2017-08-23 20:04 - 2009-07-14 09:39 - 000747154 _____ C:\Windows\system32\perfh00C.dat 2017-08-23 20:04 - 2009-07-14 09:39 - 000149646 _____ C:\Windows\system32\perfc00C.dat 2017-08-23 20:04 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2017-08-23 20:03 - 2017-07-15 21:29 - 000000000 ____D C:\ProgramData\DatacardService 2017-08-23 13:12 - 2009-07-14 05:34 - 000014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-08-23 13:12 - 2009-07-14 05:34 - 000014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-08-23 13:08 - 2017-07-23 01:30 - 000000000 ____D C:\Users\MOHAMED\Downloads\Compressed 2017-08-23 13:07 - 2017-07-20 20:17 - 000000000 ____D C:\ProgramData\TEMP 2017-08-23 13:03 - 2017-07-15 18:54 - 000000000 ____D C:\Users\MOHAMED 2017-08-23 13:03 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-23 12:59 - 2017-07-16 20:30 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\vlc 2017-08-23 12:59 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF 2017-08-23 12:59 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration 2017-08-23 12:58 - 2017-07-23 01:30 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\IDM 2017-08-23 12:57 - 2017-07-15 18:22 - 000000000 ____D C:\Program Files\ESET 2017-08-22 14:45 - 2009-07-14 10:00 - 000000000 ___RD C:\Users\Public\Recorded TV 2017-08-22 12:26 - 2017-07-15 23:17 - 000000000 ____D C:\Windows\Minidump 2017-08-19 12:12 - 2017-07-21 09:18 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Adobe 2017-08-19 12:12 - 2017-07-20 16:10 - 000000000 ____D C:\Users\MOHAMED\AppData\LocalLow\Adobe 2017-08-17 11:25 - 2017-07-15 18:37 - 000000000 ____D C:\Program Files\Opera 2017-08-16 19:48 - 2017-07-23 20:40 - 000000000 ____D C:\Users\MOHAMED\Desktop\Portable 2017-08-15 23:25 - 2009-07-14 05:33 - 000411888 _____ C:\Windows\system32\FNTCACHE.DAT 2017-08-15 19:01 - 2017-07-15 18:59 - 000110488 _____ C:\Users\MOHAMED\AppData\Local\GDIPFONTCACHEV1.DAT 2017-08-15 12:53 - 2017-07-22 16:19 - 000000000 ____D C:\ProgramData\SP_FT_Logs 2017-08-15 12:44 - 2017-07-22 10:11 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2017-08-11 13:05 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache 2017-08-09 19:18 - 2017-07-19 16:53 - 000000000 ____D C:\Windows\system32\MRT 2017-08-09 19:16 - 2017-07-19 16:52 - 137505280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-08-05 12:52 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\MSBuild 2017-08-05 12:52 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-08-05 12:47 - 2009-07-14 03:04 - 000000499 _____ C:\Windows\win.ini 2017-08-02 18:20 - 2017-05-04 14:18 - 000113512 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2017-07-26 13:24 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\IME 2017-07-26 13:23 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\Help 2017-07-26 13:23 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\System 2017-07-26 13:21 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system 2017-07-25 19:45 - 2017-07-20 18:59 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Nox 2017-07-25 19:26 - 2017-07-16 18:07 - 000001936 _____ C:\Users\Public\Desktop\Mars WiFi.lnk 2017-07-25 19:10 - 2017-07-20 19:01 - 000000000 ____D C:\Program Files\DIFX 2017-07-25 19:05 - 2017-07-23 20:41 - 000000000 ____D C:\ProgramData\BlueStacks 2017-07-25 19:04 - 2017-07-23 20:41 - 000000000 ____D C:\Users\MOHAMED\AppData\Local\Bluestacks 2017-07-24 12:07 - 2017-07-22 10:18 - 000000000 ____D C:\Users\MOHAMED\AppData\Roaming\Wondershare 2017-07-24 00:03 - 2017-07-22 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SP Driver ==================== Fichiers à la racine de certains dossiers ======= 2017-07-31 17:29 - 2017-07-31 17:29 - 000000017 _____ () C:\Users\MOHAMED\AppData\Local\resmon.resmoncfg Certains fichiers dans TEMP: ==================== 2017-08-23 13:32 - 2017-07-07 16:13 - 001310528 _____ (Microsoft Corporation) C:\Users\MOHAMED\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-08-22 15:35 ==================== Fin de FRST.txt ============================