RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
ExÃ©cutÃ© par SAMSUNG (administrateur) sur DESKTOP-HCG9OND (04-11-2018 15:52:04)
ExÃ©cutÃ© depuis C:\Users\SAMSUNG\Desktop
Profils chargÃ©s: SAMSUNG (Profils disponibles: SAMSUNG)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Langue: FranÃ§ais (France)
Internet Explorer Version 11 (Navigateur par dÃ©faut: "C:\Program Files\Firefox Nightly\firefox.exe" -osint -url "%1")
Mode d'amorÃ§age: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
() C:\Windows\System32\PanelManagerSvc.exe
(Samsung Electronics Co.,Ltd.) C:\Windows\System32\RCDService.exe
() C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe
() C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\IntelCpHDCPSvc.exe
(Samsung Electronics) C:\Windows\System32\GripResetService.exe
(Remo Software) C:\ProgramData\RSG\rsgmpsp.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\NBService.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Hasleo Software) C:\Program Files\Hasleo\BitLocker Anywhere\bin\BitlockerAnywhereService.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\WlSarService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\Samsung\PanelManager\PanelManager.exe
() C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiAgent.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxEM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungOSD\OSD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\EP64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe
() C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemManager.exe
(AntGROUP) C:\Program Files (x86)\Ant Download Manager\antMR.exe
(AntGROUP) C:\Program Files (x86)\Ant Download Manager\AntDM.exe
(Remo Software) C:\ProgramData\RSG\rsgpsrsdk.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Remo Software) C:\ProgramData\RSG\rsgpsrsdk.exe
(Remo Software) C:\ProgramData\RSG\rsgpsrsdk.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\BackItUp.exe
(Nero AG) C:\Program Files (x86)\Nero\Transfer\Transfer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam8\YouCamService8.exe
(Zemana Ltd.) C:\Program Files (x86)\AntiLogger\AntiLogger.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe

==================== Registre (Avec liste blanche) ===========================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [OSD] => C:\Program Files\Samsung\SamsungOSD\OSD.exe [3377136 2017-02-01] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18383328 2017-10-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_RUNEP] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-11] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [581256 2018-03-05] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2019\Nero BackItup\BackItUp.exe [1170712 2018-08-07] (Nero AG)
HKLM-x32\...\Run: [DriveSpan] => C:\Program Files (x86)\Nero\Transfer\Transfer.exe [138520 2018-08-29] (Nero AG)
HKLM-x32\...\Run: [YouCam Service8] => C:\Program Files (x86)\CyberLink\YouCam8\YouCamService8.exe [405176 2018-09-27] (CyberLink Corp.)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [14682024 2014-12-31] (Zemana Ltd.)
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [7439264 2017-04-11] (Ashampoo GmbH & Co. KG)
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2018-10-09] ()
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Run: [antMR] => C:\Program Files (x86)\Ant Download Manager\antMR.exe [175104 2018-01-11] (AntGROUP)
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Run: [AntDM] => C:\Program Files (x86)\Ant Download Manager\AntDM.exe [10648576 2018-10-29] (AntGROUP)
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\MountPoints2: {17bb96d9-d844-11e8-8106-685acf6a7e41} - "F:\HiSuiteDownLoader.exe" 
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)

==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung17win10.msn.com/?pc=SMTE
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung17win10.msn.com/?pc=SMTE
SearchScopes: HKU\S-1-5-21-669436471-1359685987-3400120946-1001 -> DefaultScope {7B5E17A5-1DFB-4269-9519-177F01849132} URL = 
SearchScopes: HKU\S-1-5-21-669436471-1359685987-3400120946-1001 -> {7B5E17A5-1DFB-4269-9519-177F01849132} URL = 
BHO: Ant Download Manager BHO -> {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} -> C:\Program Files (x86)\Ant Download Manager\antIE\antIE64.dll [2018-10-17] (AntGROUP)
BHO-x32: Ant Download Manager BHO -> {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} -> C:\Program Files (x86)\Ant Download Manager\antIE\antIE.dll [2018-10-17] (AntGROUP)

FireFox:
========
FF DefaultProfile: i0qm6x9u.default
FF ProfilePath: C:\Users\SAMSUNG\AppData\Roaming\Mozilla\Firefox\Profiles\i0qm6x9u.default [2018-11-04]
FF Homepage: Mozilla\Firefox\Profiles\i0qm6x9u.default -> moz-extension://577530a0-9cfc-4961-a80a-11d75587081e/newtab/newtab.html
FF HomepageOverride: Mozilla\Firefox\Profiles\i0qm6x9u.default -> Enabled: web@10722358-d56d-4f5e-a89c-d4534d7c5565
FF NewTabOverride: Mozilla\Firefox\Profiles\i0qm6x9u.default -> Enabled: web@10722358-d56d-4f5e-a89c-d4534d7c5565
FF Extension: (MonConvertisseur) - C:\Users\SAMSUNG\AppData\Roaming\Mozilla\Firefox\Profiles\i0qm6x9u.default\Extensions\web@10722358-d56d-4f5e-a89c-d4534d7c5565.xpi [2018-11-01]
FF HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Firefox\Extensions: [antff@antdownloadmanager.com] - C:\Program Files (x86)\Ant Download Manager\antFF\antFF2.xpi
FF Extension: (antFF2) - C:\Program Files (x86)\Ant Download Manager\antFF\antFF2.xpi [2018-10-21]
FF HKU\S-1-5-21-669436471-1359685987-3400120946-1001\...\Waterfox\Extensions: [antff@antdownloadmanager.com] - C:\Program Files (x86)\Ant Download Manager\antFF\antFF2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-31] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-31] ()
StartMenuInternet: Firefox-6F193CCC56814779 - C:\Program Files\Firefox Nightly\firefox.exe

Chrome: 
=======
CHR HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dalgiebmfcjackkbjfbfmlnflbdfbekj] - C:\Program Files (x86)\Ant Download Manager\antCH\antCH.crx [2018-11-02]

==================== Services (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [421800 2017-11-08] (Windows (R) Win 7 DDK provider)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
R2 BitlockerAnywhere; C:\Program Files\Hasleo\BitLocker Anywhere\bin\BitlockerAnywhereService.exe [1666048 2018-10-22] (Hasleo Software) [Fichier non signÃ©]
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [Fichier non signÃ©]
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2218032 2016-12-15] (Intel Corporation)
R2 Grip sensor Reset service; C:\windows\system32\GripResetService.exe [21504 2017-01-13] (Samsung Electronics) [Fichier non signÃ©]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-20] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-10-26] (Intel Corporation)
S2 MdmLdrSvc; C:\WINDOWS\System32\MdmLdrSvc.exe [448616 2017-11-13] (Samsung Electronics Co.,Ltd.)
R2 NeroBackItUpBackgroundService2019; C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\NBService.exe [287000 2018-08-07] (Nero AG)
R2 PanelManagerSvc; C:\WINDOWS\system32\PanelManagerSvc.exe [384464 2017-05-11] ()
R2 RCD; C:\WINDOWS\System32\RCDService.exe [471144 2017-11-13] (Samsung Electronics Co.,Ltd.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [628920 2018-09-03] (CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RSGService; C:\ProgramData\rsg\rsgmpsp.exe [32768 2018-10-05] (Remo Software)
R2 SafiService; C:\WINDOWS\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe [62568 2017-10-09] ()
R2 Samsung Pen Service; C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe [51832 2017-09-28] ()
R2 Samsung System Service; C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [172632 2017-08-29] (Samsung Electronics Co., Ltd.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-26] (Microsoft Corporation)
R2 WlSarService; C:\windows\system32\WlSarService.exe [55808 2017-05-19] (Samsung Electronics Co., Ltd.) [Fichier non signÃ©]

===================== Pilotes (Avec liste blanche) ======================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2018-11-01] (Zemana Ltd.)
R3 AppNodeEnum; C:\WINDOWS\System32\drivers\AppNodeEnum.sys [26976 2017-08-30] ()
S2 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) [Fichier non signÃ©]
R3 BcmGnssBus; C:\WINDOWS\System32\drivers\BcmGnssBus.sys [130696 2017-01-16] (Broadcom Corporation)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [70544 2017-11-08] (Qualcomm)
R3 clwvd8; C:\WINDOWS\system32\DRIVERS\clwvd8.sys [61056 2018-08-23] (CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72576 2016-12-15] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67968 2016-12-15] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355200 2016-12-15] (Intel Corporation)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-10-25] (Intel Corporation)
R3 IMX241; C:\WINDOWS\System32\drivers\imx241.sys [154528 2017-03-19] (Intel Corporation)
R3 IMX258; C:\WINDOWS\System32\drivers\imx258.sys [167840 2017-03-19] (Intel Corporation)
R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
S3 MdmIf; C:\WINDOWS\System32\Drivers\MdmIf.sys [38816 2017-11-13] (Samsung Electronics Co., Ltd.)
S3 ModemCtrl; C:\WINDOWS\System32\drivers\ModemCtrl.sys [44480 2017-11-13] (Samsung Electronics Co., Ltd.)
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [28664 2008-03-17] ()
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 PenS2Helper; C:\WINDOWS\System32\drivers\PenS2Helper.sys [45808 2017-09-28] ()
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [348672 2018-04-12] (Realtek )
R1 SafiDrv; C:\WINDOWS\System32\drivers\SafiDrv.sys [43136 2017-10-09] (Samsung Electronics Co.,Ltd.)
R1 SAMOPanel; C:\WINDOWS\System32\drivers\SAMOPanel.sys [137168 2017-05-11] (Samsung Electronics Co.,Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TchS2Helper; C:\WINDOWS\System32\drivers\TchS2Helper.sys [30840 2017-02-02] ()
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [42000 2016-10-31] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-26] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Un mois - CrÃ©Ã©s - fichiers et dossiers ========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2018-11-04 15:49 - 2018-11-04 15:49 - 002414592 _____ (Farbar) C:\Users\SAMSUNG\Desktop\FRST64.exe
2018-11-04 15:49 - 2018-11-04 15:49 - 002414592 _____ (Farbar) C:\Users\SAMSUNG\Desktop\FRST64 (1).exe
2018-11-03 13:51 - 2018-11-03 13:50 - 000002140 _____ C:\Users\SAMSUNG\Desktop\ZHPFixReport.txt
2018-11-03 13:50 - 2018-11-03 13:50 - 003061760 _____ (Nicolas Coolman) C:\Users\SAMSUNG\Downloads\ZHPFix.exe
2018-11-03 13:50 - 2018-11-03 13:50 - 000000000 ____D C:\Users\SAMSUNG\Downloads\Quarantine
2018-11-03 13:49 - 2018-11-03 13:49 - 000000000 ___DC C:\Users\SAMSUNG\Documents\BCU Backup 2018-11-03_13-49-22
2018-11-03 13:48 - 2018-11-03 13:48 - 000000000 ____D C:\ProgramData\McAfee
2018-11-03 13:45 - 2018-11-03 13:45 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Marcin_Szeniak
2018-11-03 13:43 - 2018-11-03 13:52 - 000000000 ____D C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_portable(3)
2018-11-03 13:42 - 2018-11-03 13:42 - 006080319 _____ C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_portable.zip
2018-11-03 13:42 - 2018-11-03 13:42 - 006080319 _____ C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_portable(3).zip
2018-11-03 13:42 - 2018-11-03 13:42 - 006080319 _____ C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_portable(2).zip
2018-11-03 13:42 - 2018-11-03 13:42 - 006080319 _____ C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_portable(1).zip
2018-11-03 13:42 - 2018-11-03 13:42 - 005169744 _____ (Marcin Szeniak ) C:\Users\SAMSUNG\Downloads\BCUninstaller_4.11_setup.exe
2018-11-03 13:41 - 2018-11-03 13:41 - 000608344 _____ C:\Users\SAMSUNG\Downloads\MCPR.exe
2018-11-03 13:41 - 2018-11-03 13:41 - 000608344 _____ C:\Users\SAMSUNG\Desktop\MCPR.exe
2018-11-03 13:41 - 2018-11-03 13:41 - 000002980 _____ C:\WINDOWS\System32\Tasks\McAfee Cleanup
2018-11-03 13:41 - 2018-11-03 13:41 - 000000794 _____ C:\WINDOWS\Tasks\McAfee Cleanup.job
2018-11-02 14:36 - 2018-11-03 15:28 - 000277798 _____ C:\Users\SAMSUNG\Desktop\ZHPDiag.txt
2018-11-02 14:32 - 2018-11-03 15:28 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\ZHP
2018-11-02 14:32 - 2018-11-03 15:23 - 000000867 _____ C:\Users\SAMSUNG\Desktop\ZHPDiag.lnk
2018-11-02 14:32 - 2018-11-02 14:32 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\ZHP
2018-11-02 14:30 - 2018-11-02 14:31 - 003174784 _____ C:\Users\SAMSUNG\Desktop\ZHPDiag3.exe
2018-11-02 09:35 - 2018-11-02 09:35 - 000000128 ___SH C:\WINDOWS\system32\yabfvmrapvnyvidy.tbl
2018-11-02 09:35 - 2018-11-02 09:35 - 000000128 ___SH C:\WINDOWS\system32\gvcjiahsrpjqcchg.dat
2018-11-02 09:35 - 2018-11-02 09:35 - 000000000 ____D C:\Users\SAMSUNG\Downloads\HasleoBitLockerAnywhereHome46-dn29sv
2018-11-02 09:35 - 2018-11-02 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Anywhere
2018-11-02 09:35 - 2018-11-02 09:35 - 000000000 ____D C:\Program Files\Hasleo
2018-11-02 09:34 - 2018-11-02 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-11-02 09:34 - 2018-11-02 09:34 - 000000000 ____D C:\Program Files (x86)\WinPcap
2018-11-02 09:33 - 2018-11-04 06:19 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\AntDM
2018-11-02 09:33 - 2018-11-02 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ant Download Manager
2018-11-02 09:33 - 2018-11-02 09:33 - 000000000 ____D C:\Program Files (x86)\Ant Download Manager
2018-11-02 09:33 - 2018-01-24 12:40 - 000583240 _____ (The curl library, hxxps://curl.haxx.se/) C:\WINDOWS\system32\LIBCURL.DLL
2018-11-02 09:33 - 2013-10-04 23:58 - 005634720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc120u.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 042608746 _____ C:\Users\SAMSUNG\Downloads\HasleoBitLockerAnywhereHome46-dn29sv.zip
2018-11-02 09:30 - 2018-11-02 09:30 - 029873879 _____ (AntGROUP, Inc. ) C:\Users\SAMSUNG\Documents\Ant Download Manager PRO.exe
2018-11-02 09:29 - 2018-11-02 09:29 - 002440552 _____ C:\Users\SAMSUNG\Documents\SharewareOnSale_Giveaway_Ant_Download_Manager_PRO_hub.exe
2018-11-02 09:28 - 2018-11-02 09:28 - 002440552 _____ C:\Users\SAMSUNG\Downloads\SharewareOnSale_Giveaway_Ant_Download_Manager_PRO_hub.exe
2018-11-01 21:55 - 2018-11-01 21:56 - 005726616 _____ (SosVirus) C:\Users\SAMSUNG\Downloads\adsfix_V5_04.09.18.1(1).exe
2018-11-01 18:46 - 2018-11-01 18:46 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\FolderColorize
2018-11-01 18:46 - 2018-11-01 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Colorizer
2018-11-01 18:46 - 2018-11-01 18:46 - 000000000 ____D C:\Program Files\Folder Colorizer
2018-11-01 18:44 - 2018-11-01 18:44 - 001396040 _____ (Softorino ) C:\Users\SAMSUNG\Downloads\folder-colorizer-1-3-3-en-win.exe
2018-11-01 18:41 - 2018-11-01 18:41 - 000000000 ____D C:\ProgramData\Softorino
2018-11-01 18:41 - 2018-11-01 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Task ForceQuit Pro 2
2018-11-01 18:41 - 2018-11-01 18:41 - 000000000 ____D C:\Program Files\Task ForceQuit Pro 2
2018-11-01 18:19 - 2018-11-01 18:19 - 002590240 _____ C:\Users\SAMSUNG\Downloads\SharewareOnSale_Giveaway_Task_ForceQuit_Pro_2_hub.exe
2018-11-01 18:07 - 2018-11-01 18:07 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\CrashRpt
2018-11-01 18:07 - 2018-11-01 18:07 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2018-11-01 18:07 - 2018-11-01 18:07 - 000000000 ____D C:\ProgramData\simplitec
2018-11-01 15:02 - 2018-11-01 15:02 - 000036489 _____ C:\Users\SAMSUNG\Desktop\AdsFix_01_11_2018_15_02_38.txt
2018-11-01 13:35 - 2018-11-01 15:02 - 000036489 _____ C:\AdsFix_01_11_2018_15_02_38.txt
2018-11-01 13:33 - 2018-11-01 13:34 - 005726616 _____ (SosVirus) C:\Users\SAMSUNG\Downloads\adsfix_V5_04.09.18.1.exe
2018-11-01 13:29 - 2018-11-03 13:49 - 000000000 ____D C:\Program Files\AVAST Software
2018-11-01 13:29 - 2018-11-01 13:29 - 000004252 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1541075383
2018-11-01 13:29 - 2018-11-01 13:29 - 000001370 _____ C:\Users\SAMSUNG\Desktop\Navigateur Opera.lnk
2018-11-01 13:29 - 2018-11-01 13:29 - 000001370 _____ C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2018-11-01 13:29 - 2018-11-01 13:29 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Opera Software
2018-11-01 13:29 - 2018-11-01 13:29 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Opera Software
2018-11-01 13:28 - 2018-11-03 13:49 - 000000000 ____D C:\ProgramData\AVAST Software
2018-11-01 13:25 - 2018-11-01 18:26 - 366404999 _____ (Studio V5 ) C:\Users\SAMSUNG\Downloads\fr-logomaker4-web-trial.exe
2018-11-01 13:25 - 2018-11-01 18:14 - 441817728 _____ (Serif (Europe) Ltd., support@serif.co.uk) C:\Users\SAMSUNG\Downloads\DrawPlusX8-FR-TR.exe
2018-11-01 13:24 - 2018-11-01 13:24 - 015800960 _____ (Stellar Information Systems Ltd ) C:\Users\SAMSUNG\Downloads\StellarPhoenixOutlookPSTRepair_AQFR.exe
2018-11-01 13:24 - 2018-11-01 13:24 - 000001028 _____ C:\Users\SAMSUNG\Desktop\Stellar Phoenix Outlook PST Repair.lnk
2018-11-01 13:24 - 2018-11-01 13:24 - 000000068 _____ C:\WINDOWS\Crypkey.ini
2018-11-01 13:24 - 2018-11-01 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Outlook PST Repair
2018-11-01 13:24 - 2018-11-01 13:24 - 000000000 ____D C:\Program Files\Stellar Phoenix Outlook PST Repair
2018-11-01 13:24 - 2008-05-08 00:29 - 000122880 _____ (CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe
2018-11-01 13:24 - 2008-03-17 18:12 - 000028664 _____ C:\WINDOWS\system32\Ckldrv.sys
2018-11-01 13:24 - 1999-06-18 21:49 - 000165888 _____ (Kenonic Controls) C:\WINDOWS\Ckconfig.exe
2018-11-01 13:24 - 1996-05-03 17:21 - 000027648 ____R C:\WINDOWS\Setup_ck.exe
2018-11-01 13:24 - 1996-05-03 15:36 - 000018432 _____ C:\WINDOWS\Setup_ck.dll
2018-11-01 13:24 - 1995-07-04 18:33 - 000011776 _____ C:\WINDOWS\Ckrfresh.exe
2018-11-01 13:23 - 2018-11-01 18:32 - 631779000 _____ (Flexera Software, Inc.) C:\Users\SAMSUNG\Downloads\Video_Explosion_Ultimate_Setup.exe
2018-11-01 13:23 - 2018-11-01 18:28 - 1259953248 _____ (Serif (Europe) Ltd., support@serif.co.uk) C:\Users\SAMSUNG\Downloads\ESDTRL-PPX9-PagePlusX9-FR-AQ.exe
2018-11-01 13:23 - 2018-11-01 13:35 - 000004132 _____ C:\WINDOWS\System32\Tasks\ActiveMessenger-SystemMechanic
2018-11-01 13:23 - 2018-11-01 13:23 - 000004224 _____ C:\WINDOWS\System32\Tasks\ActiveSync-SystemMechanic
2018-11-01 13:23 - 2018-11-01 13:23 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Downloaded Installations
2018-11-01 13:21 - 2018-11-01 13:27 - 245984552 _____ (Serif (Europe) Ltd., support@serif.co.uk) C:\Users\SAMSUNG\Downloads\ESDTRL-PhotoPlusX8-FR-MA.exe
2018-11-01 13:21 - 2018-11-01 13:21 - 004863376 _____ C:\Users\SAMSUNG\Downloads\SCUDownloader.exe
2018-11-01 13:20 - 2018-11-01 13:20 - 014740016 _____ (Zemana Ltd. ) C:\Users\SAMSUNG\Downloads\Zemana_AntiLogger_AQFR.exe
2018-11-01 13:20 - 2018-11-01 13:20 - 000049752 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\AntiLog64.sys
2018-11-01 13:20 - 2018-11-01 13:20 - 000000982 _____ C:\Users\Public\Desktop\AntiLogger.lnk
2018-11-01 13:20 - 2018-11-01 13:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ZALSDK_uninst
2018-11-01 13:20 - 2018-11-01 13:20 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Zemana
2018-11-01 13:20 - 2018-11-01 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger
2018-11-01 13:20 - 2018-11-01 13:20 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2018-11-01 13:20 - 2018-11-01 13:20 - 000000000 ____D C:\Program Files (x86)\AntiLogger
2018-11-01 13:20 - 2014-12-30 13:31 - 007039960 _____ (Zemana Ltd.) C:\WINDOWS\SysWOW64\ZALSDKCore.dll
2018-11-01 13:20 - 2014-12-30 13:31 - 000076520 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2018-11-01 13:17 - 2018-11-01 13:17 - 002174384 _____ (Solvusoft ) C:\Users\SAMSUNG\Downloads\Setup_RocketPC_2018.exe
2018-11-01 13:15 - 2018-11-01 13:15 - 000002105 _____ C:\Users\Public\Desktop\Digital Video Duplicator.lnk
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Morgan Stream Switcher
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Video Duplicator
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Program Files (x86)\XviD
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Program Files (x86)\WinASPI
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Program Files (x86)\Morgan
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Program Files (x86)\Gabest
2018-11-01 13:15 - 2018-11-01 13:15 - 000000000 ____D C:\Program Files (x86)\AC3Filter
2018-11-01 13:15 - 2003-04-02 23:17 - 000172032 _____ () C:\WINDOWS\SysWOW64\ac3filter.cpl
2018-11-01 13:15 - 2002-11-08 15:18 - 000051712 _____ (Morgan Multimedia) C:\WINDOWS\SysWOW64\MMSwitch.ax
2018-11-01 13:14 - 2018-11-01 13:14 - 000000000 ____D C:\ProgramData\BVRP Software
2018-11-01 13:14 - 2018-11-01 13:14 - 000000000 ____D C:\Program Files (x86)\LiveUpdate
2018-11-01 13:14 - 2018-11-01 13:14 - 000000000 ____D C:\Program Files (x86)\Digital Video Duplicator
2018-11-01 13:14 - 2003-03-19 06:20 - 001060864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2018-11-01 13:14 - 2003-03-19 06:12 - 001047552 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2018-11-01 13:14 - 2003-03-19 05:14 - 000499712 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2018-11-01 13:14 - 2003-02-21 13:42 - 000348160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2018-11-01 13:14 - 1998-06-18 00:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2018-11-01 13:13 - 2018-11-01 13:13 - 061197060 _____ (Avanquest Software ) C:\Users\SAMSUNG\Downloads\digital-video-duplicator_1_16766.exe
2018-10-31 14:17 - 2018-10-31 14:17 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\McAfee_Inc
2018-10-31 14:12 - 2018-10-31 14:12 - 000004754 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-31 14:12 - 2018-10-31 14:12 - 000004584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-31 14:11 - 2018-10-31 14:14 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Adobe
2018-10-31 13:48 - 2018-10-31 13:48 - 000000000 ___HD C:\OneDriveTemp
2018-10-25 14:56 - 2018-10-25 14:57 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\CyberLink
2018-10-25 13:16 - 2018-10-25 13:16 - 000259584 _____ (OldTimer Tools) C:\Users\SAMSUNG\Downloads\OTH.exe
2018-10-25 13:14 - 2018-10-25 13:12 - 000011459 _____ C:\Users\SAMSUNG\Documents\lfs hyper & uefm avec vestiges uefm obsolÃ¨tes info.txt
2018-10-25 13:09 - 2018-11-04 15:51 - 000000000 ____D C:\Users\SAMSUNG\AppData\LocalLow\Mozilla
2018-10-25 13:09 - 2018-11-04 15:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Nightly.lnk
2018-10-25 13:09 - 2018-11-04 15:46 - 000000000 ____D C:\Program Files\Firefox Nightly
2018-10-25 13:09 - 2018-11-04 05:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-25 13:09 - 2018-10-25 13:12 - 000000000 ____D C:\ProgramData\Mozilla
2018-10-25 13:09 - 2018-10-25 13:09 - 000000993 _____ C:\Users\Public\Desktop\Firefox Nightly.lnk
2018-10-25 13:09 - 2018-10-25 13:09 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Mozilla
2018-10-25 13:09 - 2018-10-25 13:09 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Mozilla
2018-10-25 13:00 - 2018-10-25 13:01 - 045955760 _____ (Mozilla) C:\Users\SAMSUNG\Downloads\firefox-65.0a1.fr.win64.installer.exe
2018-10-25 12:37 - 2018-10-25 12:37 - 000001018 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2018-10-25 12:36 - 2018-10-25 12:36 - 000000000 ____D C:\Users\SAMSUNG\Documents\YouCam
2018-10-25 11:21 - 2018-11-01 18:09 - 000001203 _____ C:\Users\Public\Desktop\Ashampoo Video Optimizer Pro.lnk
2018-10-25 11:21 - 2018-10-25 11:21 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Ashampoo
2018-10-25 11:21 - 2018-10-25 11:21 - 000000000 ____D C:\ProgramData\Oracle
2018-10-25 11:21 - 2018-10-25 11:21 - 000000000 ____D C:\Program Files\Ashampoo
2018-10-25 11:21 - 2018-10-25 11:21 - 000000000 _____ C:\Users\SAMSUNG\Ashampoo Video Optimizer Pro.tmp
2018-10-25 11:16 - 2018-10-25 11:16 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 8.lnk
2018-10-25 11:16 - 2018-10-25 11:16 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 8 Mirror.lnk
2018-10-25 11:16 - 2018-08-23 18:56 - 000061056 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd8.sys
2018-10-25 11:11 - 2018-10-25 11:14 - 092712216 _____ (Ashampoo GmbH & Co. KG ) C:\Users\SAMSUNG\Downloads\ashampoo_video_optimizer_pro_1.0.0_sm.exe
2018-10-25 11:10 - 2018-10-25 11:13 - 305486616 _____ C:\Users\SAMSUNG\Downloads\YouCam_8.0.0925.0a_Essential_Essential_YUC180820-01.exe
2018-10-25 11:09 - 2018-10-25 11:09 - 001174200 _____ (CyberLink) C:\Users\SAMSUNG\Downloads\CyberLink_YouCam_Downloader.exe
2018-10-13 18:52 - 2018-10-13 18:53 - 000000000 ____D C:\Users\SAMSUNG\Documents\FAT16
2018-10-11 14:16 - 2018-10-11 14:16 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-10-10 12:45 - 2018-10-10 12:45 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 10 (64-bit).lnk
2018-10-10 12:44 - 2018-10-10 12:44 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\NeroLauncher
2018-10-10 12:44 - 2018-10-10 12:44 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\cache
2018-10-10 12:23 - 2018-10-16 13:44 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Nero
2018-10-10 12:22 - 2018-10-10 12:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\Nero
2018-10-10 12:21 - 2018-10-10 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2019
2018-10-10 12:21 - 2018-10-10 12:21 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 17 (64-bit).lnk
2018-10-10 12:20 - 2018-10-10 12:20 - 000002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ColorDirector 7 (64-bit).lnk
2018-10-10 12:18 - 2018-10-10 12:18 - 000002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink AudioDirector 9 (64-bit).lnk
2018-10-10 06:22 - 2018-10-10 06:22 - 000329800 _____ (Adlice Software) C:\Users\SAMSUNG\Downloads\WhyIGotInfected.exe
2018-10-10 06:21 - 2018-10-10 08:00 - 000000000 ____D C:\ProgramData\Wondershare
2018-10-10 06:21 - 2018-10-10 06:21 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Wondershare
2018-10-10 06:21 - 2018-10-10 06:21 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2018-10-10 06:21 - 2018-10-10 06:21 - 000000000 ____D C:\Program Files\Wondershare
2018-10-10 06:21 - 2018-10-10 06:21 - 000000000 ____D C:\Program Files\Common Files\Wondershare
2018-10-10 06:21 - 2018-10-10 06:21 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-10-10 06:21 - 2018-04-20 18:35 - 001250304 _____ (CineForm Inc.) C:\WINDOWS\system32\CFDecode64.ax
2018-10-10 06:20 - 2018-10-10 06:20 - 000292424 _____ (Adlice Software) C:\Users\SAMSUNG\Downloads\WhyIGotInfected-WIGI-_2.1.0.0.exe
2018-10-10 06:18 - 2018-10-10 06:20 - 019475696 _____ (Wondershare Software Co., Ltd. ) C:\Users\SAMSUNG\Downloads\tidymymusic-bing_full1701.exe
2018-10-10 06:17 - 2018-10-10 06:17 - 001038440 _____ C:\Users\SAMSUNG\Downloads\filmora_setup_full1084 (1).exe
2018-10-10 04:55 - 2018-09-20 10:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 04:55 - 2018-09-20 10:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 04:55 - 2018-09-20 10:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 04:55 - 2018-09-20 10:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 04:55 - 2018-09-20 10:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 04:55 - 2018-09-20 09:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 04:55 - 2018-09-20 09:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 04:55 - 2018-09-20 09:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 04:55 - 2018-09-20 09:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 04:55 - 2018-09-20 05:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:55 - 2018-09-20 05:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 04:55 - 2018-09-20 05:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 04:55 - 2018-09-20 05:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 04:55 - 2018-09-20 05:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 04:55 - 2018-09-20 05:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 04:55 - 2018-09-20 05:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 04:55 - 2018-09-20 05:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 04:55 - 2018-09-20 05:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 04:55 - 2018-09-20 05:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 04:55 - 2018-09-20 05:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 04:55 - 2018-09-20 05:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:55 - 2018-09-20 05:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 04:55 - 2018-09-20 05:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 04:55 - 2018-09-20 05:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 04:55 - 2018-09-20 05:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 04:55 - 2018-09-20 05:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 04:55 - 2018-09-20 05:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 04:55 - 2018-09-20 04:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 04:55 - 2018-09-20 04:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 04:55 - 2018-09-20 04:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 04:55 - 2018-09-20 04:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 04:55 - 2018-09-20 04:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 04:55 - 2018-09-20 04:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 04:55 - 2018-09-20 04:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 04:55 - 2018-09-20 04:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 04:55 - 2018-09-20 04:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 04:55 - 2018-09-20 04:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 04:55 - 2018-09-20 04:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 04:55 - 2018-09-20 04:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 04:54 - 2018-09-20 10:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 04:54 - 2018-09-20 10:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 04:54 - 2018-09-20 10:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 04:54 - 2018-09-20 10:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 04:54 - 2018-09-20 10:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 04:54 - 2018-09-20 10:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 04:54 - 2018-09-20 09:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 04:54 - 2018-09-20 09:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 04:54 - 2018-09-20 09:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 04:54 - 2018-09-20 09:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 04:54 - 2018-09-20 07:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:54 - 2018-09-20 06:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:54 - 2018-09-20 05:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 04:54 - 2018-09-20 05:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 04:54 - 2018-09-20 05:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 04:54 - 2018-09-20 05:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 04:54 - 2018-09-20 05:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 04:54 - 2018-09-20 05:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 04:54 - 2018-09-20 05:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 04:54 - 2018-09-20 05:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 04:54 - 2018-09-20 05:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 04:54 - 2018-09-20 05:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 04:54 - 2018-09-20 05:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 04:54 - 2018-09-20 05:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 04:54 - 2018-09-20 05:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 04:54 - 2018-09-20 05:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 04:54 - 2018-09-20 05:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 04:54 - 2018-09-20 05:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 04:54 - 2018-09-20 05:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 04:54 - 2018-09-20 05:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 04:54 - 2018-09-20 05:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 04:54 - 2018-09-20 05:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 04:54 - 2018-09-20 05:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 04:54 - 2018-09-20 05:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 04:54 - 2018-09-20 05:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 04:54 - 2018-09-20 05:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 04:54 - 2018-09-20 04:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 04:54 - 2018-09-20 04:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 04:54 - 2018-09-20 04:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 04:54 - 2018-09-20 04:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 04:54 - 2018-09-20 04:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 04:54 - 2018-09-20 04:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 04:54 - 2018-09-20 04:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 04:54 - 2018-09-20 04:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 04:54 - 2018-09-20 03:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 04:54 - 2018-09-20 02:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 17:52 - 2018-10-25 12:35 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2018-10-09 13:14 - 2018-10-12 04:33 - 000049536 _____ C:\Users\SAMSUNG\Desktop\Look_my_hardware.txt
2018-10-09 13:13 - 2018-10-12 04:33 - 000000000 ____D C:\Look_my_hardware
2018-10-09 13:13 - 2018-10-09 13:13 - 001239464 _____ (SosVirus) C:\Users\SAMSUNG\Desktop\look-my-hardware_2_26.04.17.1.exe
2018-10-09 11:28 - 2018-10-09 11:28 - 000000000 ____D C:\Users\SAMSUNG\.QtWebEngineProcess
2018-10-09 11:24 - 2018-10-09 11:24 - 000000000 ____D C:\Users\SAMSUNG\Downloads\EXE
2018-10-09 06:32 - 2018-10-09 06:32 - 000000000 ____D C:\WINDOWS\Ashampoo PDF
2018-10-09 06:32 - 2018-10-09 06:32 - 000000000 ____D C:\ProgramData\Temp
2018-10-09 06:32 - 2018-10-09 06:32 - 000000000 ____D C:\ActMask
2018-10-09 06:32 - 2018-09-03 11:54 - 004492800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wordpad.exe
2018-10-09 06:32 - 2018-03-05 10:31 - 000581256 ____R (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\WINDOWS\system32\PrintDisp.exe
2018-10-09 06:32 - 2017-03-25 10:01 - 000411272 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\WINDOWS\SysWOW64\SetPrinter.exe
2018-10-09 06:32 - 2017-03-25 10:01 - 000411272 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\WINDOWS\system32\SetPrinter.exe
2018-10-09 06:32 - 2015-10-01 06:46 - 000130184 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\WINDOWS\system32\PrintCtrl.exe
2018-10-09 06:32 - 2015-07-16 13:35 - 000929792 _____ (ActMask hxxp://www.all2pdf.com) C:\WINDOWS\SysWOW64\SaveTo.dll
2018-10-09 06:32 - 2014-04-16 18:21 - 000036488 _____ (ActMask Co., Ltd - hxxp:\\WWW.ALL2PDF.COM) C:\WINDOWS\system32\SaveToEx30.dll
2018-10-09 06:32 - 2013-12-07 21:25 - 004454128 _____ (DynaForms GmbH) C:\WINDOWS\SysWOW64\CPDF4.dll
2018-10-09 06:32 - 2013-11-03 19:18 - 001181152 _____ (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\WINDOWS\system32\PrtClient.exe
2018-10-09 06:32 - 2013-11-03 19:00 - 000532448 _____ (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\WINDOWS\system32\PrtPass.exe
2018-10-09 06:32 - 2008-01-19 07:36 - 001391616 _____ C:\WINDOWS\SysWOW64\ActPDF.dll
2018-10-09 06:31 - 2018-10-09 06:31 - 000000000 ____D C:\ProgramData\Aspell
2018-10-09 06:31 - 2018-10-09 06:31 - 000000000 ____D C:\ProgramData\Ashampoo PDF
2018-10-09 05:24 - 2018-11-03 13:49 - 000000000 ____D C:\ProgramData\Nero
2018-10-09 05:24 - 2018-11-03 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2018-10-09 05:24 - 2018-11-03 13:48 - 000000000 ____D C:\Program Files (x86)\Nero
2018-10-09 05:24 - 2010-05-26 10:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-10-09 05:24 - 2010-05-26 10:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-10-09 05:24 - 2010-05-26 10:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2018-10-09 05:24 - 2010-05-26 10:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2018-10-09 05:24 - 2010-05-26 10:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-10-09 04:29 - 2018-10-09 04:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eassos System Restore
2018-10-09 04:29 - 2018-10-09 04:29 - 000000000 ____D C:\Program Files\Eassos System Restore
2018-10-09 04:15 - 2018-10-09 04:15 - 000000000 ____D C:\ProgramData\SharewareOnSale Notifier
2018-10-09 04:12 - 2018-10-09 04:13 - 000000000 ____D C:\la vie aprÃ¨s lfs ultra, anti-tfl & 100% sÃ©curisÃ© finalis
2018-10-09 01:50 - 2018-11-03 13:52 - 000041470 _____ C:\WINDOWS\system32\IMX258_REAR.aiqd
2018-10-09 01:50 - 2018-11-03 13:52 - 000041470 _____ C:\WINDOWS\system32\IMX241_FRONT.aiqd
2018-10-07 16:25 - 2018-10-07 16:25 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\PotPlayerMini64
2018-10-07 16:25 - 2018-10-07 16:25 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Daum
2018-10-07 16:23 - 2018-10-07 16:23 - 000000000 ____D C:\Program Files\DAUM
2018-10-07 16:21 - 2018-10-07 16:22 - 022416064 _____ (Kakao) C:\Users\SAMSUNG\Downloads\potplayer-1-7-3344.exe
2018-10-07 06:47 - 2018-10-07 16:24 - 000001024 ___RH C:\Users\Public\Documents\NTILiveUpdateV9.dll
2018-10-07 06:47 - 2018-10-07 16:24 - 000000000 ____D C:\ProgramData\NTI Launcher
2018-10-07 06:47 - 2018-10-07 06:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker Express
2018-10-07 06:47 - 2018-10-07 06:47 - 000000000 ____D C:\ProgramData\FLEXnet
2018-10-07 06:47 - 2018-10-07 06:47 - 000000000 ____D C:\Program Files (x86)\NTI
2018-10-07 06:47 - 2010-07-09 10:51 - 000017408 _____ (NTI Corporation) C:\WINDOWS\system32\Drivers\UBHelper.sys
2018-10-07 06:47 - 2010-04-20 09:35 - 000018432 _____ (NTI Corporation) C:\WINDOWS\system32\Drivers\NTIDrvr.sys
2018-10-07 06:31 - 2018-10-07 16:24 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9P.dll
2018-10-07 06:31 - 2018-10-07 06:31 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9REGET.dll
2018-10-07 02:14 - 2018-10-07 06:26 - 078864656 _____ (NTI Corporation) C:\Users\SAMSUNG\Downloads\NTI_Media_Maker_9.0.1.9107_Express_Trial (1).exe
2018-10-07 02:05 - 2018-10-07 02:13 - 030267560 _____ (NTI Corporation) C:\Users\SAMSUNG\Downloads\NTI_Media_Maker_9.0.1.9107_Express_Trial.exe.03m03yu.partial
2018-10-06 18:01 - 2018-10-25 14:58 - 000000000 ____D C:\Users\Public\CyberLink
2018-10-06 18:01 - 2018-10-25 12:35 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Cyberlink
2018-10-06 18:00 - 2018-10-25 11:16 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2018-10-06 18:00 - 2018-10-25 11:15 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-10-06 17:58 - 2018-10-25 11:15 - 000000000 ____D C:\ProgramData\install_clap
2018-10-06 17:58 - 2018-10-25 11:15 - 000000000 ____D C:\ProgramData\install_backup
2018-10-06 17:58 - 2018-10-25 11:15 - 000000000 ____D C:\ProgramData\CLSK
2018-10-06 17:58 - 2018-10-10 12:44 - 000000000 ____D C:\Program Files\CyberLink
2018-10-06 10:22 - 2018-10-25 14:56 - 000000000 ___HD C:\ProgramData\CyberLink
2018-10-06 10:21 - 2018-10-06 10:22 - 001174128 _____ (CyberLink) C:\Users\SAMSUNG\Downloads\CyberLink_PhotoDirector_Downloader.exe
2018-10-06 08:27 - 2018-10-06 09:36 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\TeraCopy
2018-10-06 08:27 - 2018-10-06 08:27 - 004575312 _____ (Code Sector ) C:\Users\SAMSUNG\Downloads\teracopy.exe
2018-10-06 08:27 - 2018-10-06 08:27 - 000001725 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2018-10-06 08:27 - 2018-10-06 08:27 - 000000000 ____D C:\Program Files\TeraCopy
2018-10-06 07:52 - 2018-11-01 18:09 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url
2018-10-06 07:52 - 2018-10-25 11:21 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Ashampoo
2018-10-06 07:51 - 2018-11-01 18:09 - 000000000 ____D C:\ProgramData\Ashampoo
2018-10-06 07:51 - 2018-10-09 06:31 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-10-06 07:50 - 2018-10-06 07:50 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\DBG
2018-10-06 07:49 - 2018-10-06 07:51 - 058232776 _____ (Ashampoo GmbH & Co. KG ) C:\Users\SAMSUNG\Downloads\ashampoo_snap_9_9.0.6_sm.exe
2018-10-06 07:47 - 2018-10-06 15:48 - 000000000 ____D C:\WINDOWS\Minidump
2018-10-06 07:47 - 2018-10-06 07:47 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\SafiAgent
2018-10-06 07:47 - 2018-10-06 07:47 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\PanelManager
2018-10-06 07:47 - 2018-10-06 07:47 - 000000000 ____D C:\ProgramData\ToastGenerator
2018-10-06 07:42 - 2018-11-03 13:55 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\D3DSCache
2018-10-05 13:02 - 2018-11-04 00:09 - 000000000 ____D C:\ProgramData\RSG
2018-10-05 13:01 - 2018-10-27 23:04 - 000000000 ____D C:\Program Files\Remo Repair MOV 2.0
2018-10-05 13:01 - 2018-10-05 13:04 - 000000000 ____D C:\Program Files\Remo ONE
2018-10-05 13:01 - 2018-10-05 13:01 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Remo
2018-10-05 12:59 - 2018-10-06 07:31 - 000000000 ____D C:\Users\SAMSUNG\Documents\don pour garder lfs ultra, anti-tfl & 100% sÃ©curisÃ© finalisÃ©s - octobre 2018

==================== Un mois - ModifiÃ©s - fichiers et dossiers ========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2018-11-04 15:52 - 2018-09-25 13:14 - 000018015 _____ C:\Users\SAMSUNG\Desktop\FRST.txt
2018-11-04 15:52 - 2018-09-25 13:13 - 000000000 ____D C:\FRST
2018-11-04 15:46 - 2018-10-03 12:50 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-04 15:46 - 2018-09-03 01:08 - 000000000 ___RD C:\Users\SAMSUNG\OneDrive
2018-11-04 15:46 - 2018-09-03 01:06 - 000000000 __SHD C:\Users\SAMSUNG\IntelGraphicsProfiles
2018-11-04 14:33 - 2018-10-03 12:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-03 23:52 - 2018-10-03 12:46 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-03 14:00 - 2018-10-03 12:56 - 000798182 _____ C:\WINDOWS\system32\perfh00C.dat
2018-11-03 14:00 - 2018-10-03 12:56 - 000154454 _____ C:\WINDOWS\system32\perfc00C.dat
2018-11-03 14:00 - 2018-10-03 12:49 - 000000000 ____D C:\WINDOWS\INF
2018-11-03 14:00 - 2018-10-03 12:17 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-03 13:52 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-03 13:52 - 2018-10-03 12:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-03 13:52 - 2018-10-03 12:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-03 13:52 - 2018-10-03 12:02 - 000252320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-03 08:41 - 2018-10-03 18:35 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\PlaceholderTileLogoFolder
2018-11-02 23:51 - 2018-10-03 12:50 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-02 11:29 - 2018-09-16 04:53 - 000000000 ___RD C:\Users\SAMSUNG\Desktop\lfs hyper & uefm suite 2018.30
2018-11-02 09:37 - 2018-10-03 12:11 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\VirtualStore
2018-11-01 21:48 - 2018-10-03 12:11 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\ConnectedDevicesPlatform
2018-11-01 18:09 - 2018-09-15 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-11-01 15:02 - 2018-09-21 16:27 - 000000000 ____D C:\AdsFix
2018-11-01 14:59 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\System
2018-11-01 13:35 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\Web
2018-11-01 13:35 - 2018-09-22 03:58 - 000001223 _____ C:\Users\SAMSUNG\Desktop\AdsFix_Donate.lnk
2018-11-01 13:34 - 2018-09-22 03:55 - 005726616 _____ (SosVirus) C:\Users\SAMSUNG\Desktop\adsfix_V5_04.09.18.1.exe
2018-11-01 13:23 - 2017-12-07 06:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-31 14:13 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-31 14:12 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-31 13:48 - 2018-10-03 12:16 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-669436471-1359685987-3400120946-1001
2018-10-31 13:48 - 2018-10-03 12:09 - 000002407 _____ C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-26 10:55 - 2018-10-03 12:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-25 11:26 - 2018-10-04 07:12 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-25 11:21 - 2018-10-03 12:09 - 000000000 ____D C:\Users\SAMSUNG
2018-10-25 11:01 - 2018-10-03 12:28 - 000000000 ____D C:\ProgramData\Packages
2018-10-18 08:18 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-10 16:36 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 16:36 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 12:44 - 2018-10-03 18:54 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Nero
2018-10-10 07:59 - 2018-10-03 05:20 - 000000000 ____D C:\Users\SAMSUNG\Documents\Wondershare Filmora
2018-10-10 06:21 - 2018-10-03 05:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-10-10 06:21 - 2018-10-03 05:10 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-10-10 04:58 - 2018-10-04 07:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 04:57 - 2018-10-04 07:14 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 16:09 - 2018-10-03 12:57 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-10-09 16:09 - 2018-10-03 12:53 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-10-09 16:09 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\system32\com
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\IME
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\WINDOWS\Help
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files\Common Files\system
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-09 16:08 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-09 16:08 - 2018-10-03 12:45 - 000000000 ____D C:\WINDOWS\servicing
2018-10-09 05:23 - 2017-12-07 07:00 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-06 17:58 - 2018-10-03 12:50 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-10-05 13:01 - 2018-09-17 05:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV

Certains fichiers dans TEMP:
====================
2018-11-04 15:46 - 2018-04-12 00:35 - 000607840 _____ (Microsoft Corporation) C:\Users\SAMSUNG\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\explorer.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\services.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\User32.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signÃ© numÃ©riquement

LastRegBack: 2018-10-03 12:02

==================== Fin de FRST.txt ============================