cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015
Ran by Papa (administrator) on YANNICK on 19-04-2015 08:40:22
Running from C:\Users\Papa\Desktop
Loaded Profiles: Papa (Available profiles: Papa)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\WINDOWS\AutoKMS\AutoKMS.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
() C:\Program Files\shopperz\grunt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CC Corporation) C:\Program Files (x86)\IGS\CCL.exe
() C:\Users\Papa\AppData\Local\C190CF30-1429428342-11E2-AD21-F80F41B4DD61\insv610E.tmp
() C:\Program Files\shopperz\csrcc.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Infonaut) C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe
() C:\Users\Papa\AppData\Roaming\C190CF30-1429325648-11E2-AD21-F80F41B4DD61\nszB248.tmp
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
() C:\Users\Papa\AppData\Local\C190CF30-1429424463-11E2-AD21-F80F41B4DD61\insm3C9.tmp
() C:\Program Files\shopperz\nseven.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Users\Papa\AppData\Roaming\C190CF30-1429325648-11E2-AD21-F80F41B4DD61\jnshFD3E.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
() C:\Program Files (x86)\version92BlockAndSurf\J4BlockAndSurfJ52.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\Papa\AppData\Local\gmsd_fr_448\upgmsd_fr_448.exe
() C:\Program Files (x86)\version92BlockAndSurf\BlockAndSurf.exe
() C:\Program Files\shopperz\wrex.exe
() C:\Program Files\shopperz\wrex64.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\WINDOWS\Speech\Common\sapisvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Microsoft Corporation) C:\WINDOWS\System32\cmd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\gmsd_fr_448\gmsd_fr_448.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SoftBrain Technologies Ltd.) C:\Users\Papa\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Papa\AppData\Local\SmartWeb\SmartWebApp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
() C:\Program Files (x86)\Optimizer Pro 3.82\OptProSmartScan.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\wrex.exe [430456 2015-03-25] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\wrex64.exe [461176 2015-03-25] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2015-02-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [gmsd_fr_448] => C:\Program Files (x86)\gmsd_fr_448\gmsd_fr_448.exe [3982792 2015-04-18] ()
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Papa\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\RunOnce: [network_smb_zetorrents] => C:\Users\Papa\AppData\Local\Temp\\BI_RunOnce.exe [198144 2015-04-02] () <===== ATTENTION
HKLM-x32\...\RunOnce: [upgmsd_fr_448.exe] => C:\Users\Papa\AppData\Local\gmsd_fr_448\upgmsd_fr_448.exe [3305928 2015-04-18] ()
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872672 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [GoogleChromeAutoLaunch_7F763EB573C2B0A36DE735829F38FC5C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866120 2015-04-13] (Google Inc.)
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.82\OptProLauncher.exe [148008 2015-04-17] ()
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-04-13] (Glarysoft Ltd)
AppInit_DLLs-x32: C:\PROGRA~3\{872C6~1\1170~1.1\raci.dll => C:\ProgramData\{872C6FEF-D7AE-BE69-6628-CEEBB6AA1D65}\1.17.0.1\raci.dll [778752 2015-04-19] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{b422a46f-27cb-fd45-b422-2a46f27c91bc}\hqghumeaylnlf.exe (PC Utilities Software Limited)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
ShortcutTarget: SmartWeb.lnk -> C:\Users\Papa\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 Starter Fr Crack [FS].lnk
ShortcutTarget: Windows 7 Starter Fr Crack [FS].lnk -> C:\ProgramData\{151d4fe3-8f08-0a04-151d-d4fe38f03f8e}\Windows 7 Starter Fr Crack [FS].exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:4086;https=127.0.0.1:4086
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&q={searchTerms}
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
HKU\S-1-5-21-3278474854-2576320049-58371344-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 - (No Name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&ts=1429421255&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&ts=1429421255&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&ts=1429421255&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&ts=1429421255&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3278474854-2576320049-58371344-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09&ts=1429421255&type=default&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll [2015-03-25] ()
BHO: BlockAndSurf -> {8DFCBB1F-7748-D3A8-5954-2EB586A62236} -> C:\Program Files (x86)\version92BlockAndSurf\192_x64.dll [2015-04-19] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-02] (Thinknice Co. Limited)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll [2015-03-25] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-14] (Oracle Corporation)
BHO-x32: BlockAndSurf -> {8DFCBB1F-7748-D3A8-5954-2EB586A62236} -> C:\Program Files (x86)\version92BlockAndSurf\192.dll [2015-04-19] ()
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll [2004-12-02] (Copernic Technologies Inc.)
Handler-x32: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll [2004-12-02] (Copernic Technologies Inc.)
Handler-x32: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll [2004-12-02] (Copernic Technologies Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\CCL.dll [341696] (CC Corporation)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\CCL.dll [341696] (CC Corporation)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\CCL.dll [341696] (CC Corporation)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\CCL.dll [341696] (CC Corporation)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\CCL.dll [341696] (CC Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\dx5hkgbo.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
FF DefaultSearchEngine: istartsurf
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1429421142&from=face&uid=ST2000DM001-1CH164_Z1E75S09XXXXZ1E75S09
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2014-06-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-09-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-02-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-02-26] (RealPlayer Cloud)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-01-22] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-09-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2015-02-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2015-02-26] (RealPlayer Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml [2015-04-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\luckysearches.xml [2015-04-19]
FF Extension: No Name - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\dx5hkgbo.default\Extensions\quick_searchff@gmail.com [2015-04-19]
FF Extension: No Name - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\dx5hkgbo.default\Extensions\{091b6afa-55ed-d744-2edb-3f53f48efa6f} [2015-04-18]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF Extension: shopperz - C:\Program Files\shopperz\Firefox [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-02-26]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\dx5hkgbo.default\extensions\quick_searchff@gmail.com
FF HKU\S-1-5-21-3278474854-2576320049-58371344-1001\...\Firefox\Extensions: [{114EDD6D-25DD-366E-1C7F-FC8629951D0C}] - C:\Program Files (x86)\version92BlockAndSurf\192.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\version92BlockAndSurf\192.xpi [2015-04-19]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x64\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-30]
CHR Extension: (RealPlayer Cloud) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\damemajnpodbdjndboidpmfpjlabocje [2014-11-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (SaLePlues) - C:\ProgramData\golnliojkkmmpkepkoefpbenmnggoonk\ []
CHR Profile: C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net
CHR Extension: (Video Resumer) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\bongjkoajofkfpofginnhecihgaeldpe [2014-09-25]
CHR Extension: (Boxore) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\engaigpbgdjjmanonjcjkcmomgibneba [2014-09-08]
CHR Extension: (GGooSave) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\ipnohimahdmiahggljmfnojoiadggeok [2014-09-19]
CHR Extension: (NiextCOup) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\ngiefihebbeogeocabdkkbdjhljocilb [2014-10-04]
CHR Extension: (No Name) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\nlpkikcnenpfpchgiigicelehfknciec [2014-06-21]
CHR Extension: (SaLePlues) - C:\ProgramData\golnliojkkmmpkepkoefpbenmnggoonk\ []
CHR Extension: (GGooSave) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\ipnohimahdmiahggljmfnojoiadggeok\3.0 [2014-09-19]
CHR Extension: (NiextCOup) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\profile.ak.fbcdn.net\Extensions\ngiefihebbeogeocabdkkbdjhljocilb\1.0 [2014-10-04]
CHR HKU\S-1-5-21-3278474854-2576320049-58371344-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Papa\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-21]
CHR HKU\S-1-5-21-3278474854-2576320049-58371344-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3278474854-2576320049-58371344-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 4dd73181; c:\Program Files (x86)\Optimizer Pro 3.82\OptProMon.dll [1752104 2015-04-19] ()
R2 70F4EEDB-1367-4b4f-8247-3133551A7415; C:\Program Files\shopperz\grunt.exe [282488 2015-03-25] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-30] (Microsoft Corporation)
R2 CCL; C:\Program Files (x86)\IGS\CCL.exe [1873960 2015-04-16] (CC Corporation) [File not signed]
R2 coqilygi; C:\Users\Papa\AppData\Local\C190CF30-1429428342-11E2-AD21-F80F41B4DD61\insv610E.tmp [107520 2015-04-19] () [File not signed]
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [1446264 2015-03-25] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-02] (XTab system)
R2 insvc_1.10.0.14; C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600 2015-04-10] (Infonaut)
R2 jerugyci; C:\Users\Papa\AppData\Roaming\C190CF30-1429325648-11E2-AD21-F80F41B4DD61\nszB248.tmp [252416 2015-04-19] () [File not signed]
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] () [File not signed]
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-10-15] (CybelSoft)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2015-02-26] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 rywekyki; C:\Users\Papa\AppData\Local\C190CF30-1429424463-11E2-AD21-F80F41B4DD61\insm3C9.tmp [112128 2015-04-19] () [File not signed]
R2 shopperz Updater; C:\Program Files\shopperz\nseven.exe [170360 2015-03-25] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-04-19] (SysTool PasSame LIMITED)
R2 zorevige; C:\Users\Papa\AppData\Roaming\C190CF30-1429325648-11E2-AD21-F80F41B4DD61\jnshFD3E.tmp [226304 2015-04-18] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [60376 2015-01-06] (Cherimoya Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-04-19] (Glarysoft Ltd)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 kinonivd; C:\Windows\system32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows (R) Win 7 DDK provider)
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [38504 2013-05-24] (Windows (R) Codename Longhorn DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R2 webTinstMKTN84; C:\WINDOWS\system32\Drivers\webTinstMKTN84.sys [50216 2015-04-19] ()
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 08:40 - 2015-04-19 08:42 - 00037662 _____ () C:\Users\Papa\Desktop\FRST.txt
2015-04-19 08:40 - 2015-04-19 08:41 - 00000000 ____D () C:\FRST
2015-04-19 08:38 - 2015-04-19 08:33 - 02098176 _____ (Farbar) C:\Users\Papa\Desktop\FRST64.exe
2015-04-19 07:59 - 2015-04-19 07:59 - 00530988 _____ () C:\Users\Papa\Desktop\cc_20150419_075857.reg
2015-04-19 07:43 - 2015-04-19 08:31 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2015-04-19 07:43 - 2015-04-19 08:31 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2015-04-19 07:43 - 2015-04-19 08:11 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2015-04-19 07:43 - 2015-04-19 07:43 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2015-04-19 07:43 - 2015-04-19 07:43 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2015-04-19 07:43 - 2015-04-19 07:43 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2015-04-19 07:42 - 2015-04-19 07:43 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-04-19 07:42 - 2015-04-19 07:41 - 00613255 _____ (CMI Limited) C:\Users\Papa\AppData\Local\nsvC49D.tmp
2015-04-19 07:41 - 2015-04-19 07:41 - 00000000 __SHD () C:\Users\Papa\AppData\Roaming\AnyProtectEx
2015-04-19 07:36 - 2015-04-19 07:36 - 00000000 ____D () C:\Users\Papa\AppData\Local\Macromedia
2015-04-19 07:29 - 2015-04-19 08:35 - 00002299 _____ () C:\WINDOWS\patsearch.bin
2015-04-19 07:29 - 2015-04-19 08:35 - 00000458 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2015-04-19 07:29 - 2015-04-19 07:29 - 00003096 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2015-04-19 07:28 - 2015-04-19 07:28 - 00000000 ____D () C:\Program Files (x86)\version92BlockAndSurf
2015-04-19 07:27 - 2015-04-19 07:27 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-04-19 07:27 - 2015-04-19 07:27 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-04-19 07:27 - 2015-04-19 07:27 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-19 07:26 - 2015-04-19 07:26 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\istartsurf
2015-04-19 07:26 - 2015-04-19 07:26 - 00000000 ____D () C:\Program Files (x86)\IGS
2015-04-19 07:24 - 2015-04-19 07:24 - 00004028 _____ () C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-04-19 07:24 - 2015-04-19 07:24 - 00003618 _____ () C:\WINDOWS\System32\Tasks\gtaUpt
2015-04-19 07:24 - 2015-04-19 07:24 - 00000000 ____D () C:\Users\Papa\AppData\Local\SmartWeb
2015-04-19 07:24 - 2015-04-19 07:24 - 00000000 ____D () C:\Program Files\shopperz
2015-04-19 07:24 - 2015-01-06 12:38 - 00060376 _____ (Cherimoya Ltd) C:\WINDOWS\system32\Drivers\cherimoya.sys
2015-04-19 07:23 - 2015-04-19 08:38 - 00000000 ____D () C:\Users\Papa\AppData\Local\gmsd_fr_448
2015-04-19 07:23 - 2015-04-19 07:23 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_448
2015-04-19 07:21 - 2015-04-19 08:36 - 00000346 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-04-19 07:21 - 2015-04-19 08:36 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-04-19 07:21 - 2015-04-19 07:21 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2015-04-19 07:21 - 2015-04-19 07:21 - 00002968 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2015-04-19 07:21 - 2015-04-19 07:21 - 00002618 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2015-04-19 07:21 - 2015-04-19 07:21 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-04-19 07:21 - 2015-04-19 07:21 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-04-19 07:21 - 2015-04-19 07:21 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\GlarySoft
2015-04-19 07:21 - 2015-04-19 07:21 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\DiskDefrag
2015-04-19 07:21 - 2015-04-19 07:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-04-19 07:20 - 2015-04-19 07:20 - 15058608 _____ () C:\Users\Papa\Downloads\gu5setup [1].exe
2015-04-19 07:16 - 2015-04-19 07:16 - 00002786 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-04-19 07:15 - 2015-04-19 07:16 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-19 07:14 - 2015-04-19 07:14 - 05344528 _____ (Piriform Ltd) C:\Users\Papa\Downloads\ccsetup504 [1].exe
2015-04-19 07:13 - 2015-04-19 07:13 - 00001133 _____ () C:\Users\Papa\Desktop\Continue Live Installation.lnk
2015-04-19 07:08 - 2015-04-19 07:08 - 00000000 ____D () C:\Users\Papa\Documents\Optimizer Pro
2015-04-19 07:07 - 2015-04-19 07:07 - 00003248 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2015-04-19 07:07 - 2015-04-19 07:07 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Optimizer Pro
2015-04-19 07:06 - 2015-04-19 07:06 - 00001115 _____ () C:\Users\Papa\Desktop\Optimizer Pro.lnk
2015-04-19 07:04 - 2015-04-19 07:06 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.82
2015-04-19 06:54 - 2015-04-19 08:36 - 00000000 ____D () C:\ProgramData\{b422a46f-27cb-fd45-b422-2a46f27c91bc}
2015-04-19 06:31 - 2015-04-19 06:31 - 00613255 _____ (CMI Limited) C:\Users\Papa\AppData\Local\nsu5332.tmp
2015-04-19 06:25 - 2015-04-19 08:35 - 00000446 _____ () C:\WINDOWS\Tasks\SpeedCheck Update.job
2015-04-19 06:25 - 2015-04-19 06:25 - 00004104 _____ () C:\WINDOWS\System32\Tasks\Taplika raci
2015-04-19 06:25 - 2015-04-19 06:25 - 00003084 _____ () C:\WINDOWS\System32\Tasks\SpeedCheck Update
2015-04-19 06:25 - 2015-04-19 06:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-04-19 06:25 - 2015-04-19 06:25 - 00000000 ____D () C:\ProgramData\{872C6FEF-D7AE-BE69-6628-CEEBB6AA1D65}
2015-04-19 06:25 - 2015-04-19 06:24 - 00050216 _____ () C:\WINDOWS\system32\Drivers\webTinstMKTN84.sys
2015-04-19 06:22 - 2015-04-19 08:35 - 00001350 _____ () C:\WINDOWS\Tasks\YZKIEG.job
2015-04-19 06:22 - 2015-04-19 08:31 - 00008664 _____ () C:\WINDOWS\SysWOW64\CCLOff.ini
2015-04-19 06:22 - 2015-04-19 08:31 - 00008664 _____ () C:\WINDOWS\system32\CCLOff.ini
2015-04-19 06:22 - 2015-04-19 06:22 - 01562112 _____ (Cinema PlusV18.04) C:\Users\Papa\AppData\Roaming\YZKIEG.exe
2015-04-19 06:22 - 2015-04-19 06:22 - 00004354 _____ () C:\WINDOWS\System32\Tasks\YZKIEG
2015-04-19 06:22 - 2015-04-16 09:20 - 00341696 _____ (CC Corporation) C:\WINDOWS\SysWOW64\CCL.dll
2015-04-19 06:21 - 2015-04-19 08:35 - 00001348 _____ () C:\WINDOWS\Tasks\FAHUT.job
2015-04-19 06:21 - 2015-04-19 06:21 - 01792000 _____ (Cinema PlusV18.04) C:\Users\Papa\AppData\Roaming\FAHUT.exe
2015-04-19 06:21 - 2015-04-19 06:21 - 00004350 _____ () C:\WINDOWS\System32\Tasks\FAHUT
2015-04-19 06:21 - 2015-04-19 06:21 - 00000000 ____D () C:\Users\Papa\AppData\Local\C190CF30-1429424463-11E2-AD21-F80F41B4DD61
2015-04-19 06:21 - 2015-04-19 06:21 - 00000000 ____D () C:\Program Files (x86)\76dd3e01-1d8e-4c68-847c-84ff5f01dd48
2015-04-19 06:20 - 2015-04-19 06:20 - 00000000 ____D () C:\Program Files (x86)\Cinema PlusV18.04-ntf
2015-04-19 06:18 - 2015-04-19 06:18 - 00000000 ____D () C:\Program Files (x86)\Infonaut_1.10.0.14
2015-04-19 05:43 - 2015-04-19 05:53 - 00000000 ____D () C:\Users\Papa\Desktop\Film DIvers Nico
2015-04-19 04:59 - 2015-04-19 04:59 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\C190CF30-1429412375-11E2-AD21-F80F41B4DD61
2015-04-19 03:18 - 2015-04-19 03:23 - 00000000 ____D () C:\Users\Papa\Desktop\samsung n140
2015-04-18 11:33 - 2015-04-18 11:33 - 00458752 _____ () C:\WINDOWS\system32\ExtraInfo.txt.tmp
2015-04-18 06:55 - 2015-04-18 06:55 - 00003980 _____ () C:\WINDOWS\System32\Tasks\LaunchPreSignup
2015-04-18 06:33 - 2015-04-18 11:33 - 00532876 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2015-04-18 06:32 - 2015-04-18 06:32 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-04-18 06:32 - 2015-04-18 06:32 - 00000000 ____D () C:\Users\Papa\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-04-18 05:33 - 2015-04-18 05:33 - 00004272 _____ () C:\WINDOWS\System32\Tasks\WinFixUpdater
2015-04-18 05:30 - 2015-04-18 05:30 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\C190CF30-1429327855-11E2-AD21-F80F41B4DD61
2015-04-18 05:30 - 2015-04-18 05:30 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\C190CF30-1429327801-11E2-AD21-F80F41B4DD61
2015-04-18 05:29 - 2015-04-18 05:32 - 00000111 _____ () C:\WINDOWS\winfix.ini
2015-04-18 05:03 - 2015-04-18 05:03 - 00000177 _____ () C:\WINDOWS\SysWOW64\SetupComponents.exe
2015-04-18 04:58 - 2015-04-18 04:58 - 00000000 ____D () C:\Users\Papa\AppData\Local\C190CF30-1429333100-11E2-AD21-F80F41B4DD61
2015-04-18 04:55 - 2015-04-18 04:56 - 00000000 ____D () C:\Users\Papa\AppData\Local\C190CF30-1429332958-11E2-AD21-F80F41B4DD61
2015-04-18 04:54 - 2015-04-19 05:40 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\C190CF30-1429325648-11E2-AD21-F80F41B4DD61
2015-04-18 04:53 - 2015-04-19 07:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-04-18 04:53 - 2015-04-19 06:49 - 00000000 ____D () C:\ProgramData\FLFxlnlQepK
2015-04-18 04:52 - 2015-04-18 04:52 - 00003552 _____ () C:\WINDOWS\System32\Tasks\ZTAYK
2015-04-18 04:51 - 2015-04-18 07:12 - 00000000 ____D () C:\ProgramData\{bb64f584-dfb8-de22-bb64-4f584dfbd613}
2015-04-18 04:51 - 2015-04-18 05:03 - 00000000 ____D () C:\ProgramData\{2cd06833-caab-2b17-2cd0-06833caaa0cf}
2015-04-18 04:51 - 2015-04-18 04:51 - 00000000 ____D () C:\Users\Papa\AppData\Local\Software
2015-04-18 04:51 - 2015-04-18 04:51 - 00000000 ____D () C:\ProgramData\f9576352f4924706a17f4c29b6389752
2015-04-18 04:51 - 2015-04-18 04:51 - 00000000 ____D () C:\ProgramData\dc5808b1c5b34ca8aaf49424d85f1328
2015-04-18 04:51 - 2015-04-18 04:51 - 00000000 ____D () C:\Program Files (x86)\Software
2015-04-18 04:42 - 2015-04-18 04:42 - 00000000 ____D () C:\ProgramData\12567167709552154736
2015-04-18 04:40 - 2015-04-18 04:40 - 00000000 ____D () C:\ProgramData\golnliojkkmmpkepkoefpbenmnggoonk
2015-04-18 04:39 - 2015-04-18 07:12 - 00000000 ____D () C:\ProgramData\{151d4fe3-8f08-0a04-151d-d4fe38f03f8e}
2015-04-18 04:38 - 2015-04-18 07:12 - 00000000 ____D () C:\ProgramData\{f75b54b2-78f1-c6b8-f75b-b54b278f52c9}
2015-04-18 02:34 - 2015-04-18 02:35 - 2528509952 _____ () C:\Users\Papa\Desktop\Windows 7.iso
2015-04-18 01:48 - 2015-04-18 01:49 - 00000000 ____D () C:\Users\Papa\AppData\Local\Apps\Outil de téléchargement USB DVD Windows 7
2015-04-18 01:48 - 2015-04-18 01:48 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outil de téléchargement USB DVD Windows 7
2015-04-18 00:35 - 2015-04-18 00:43 - 00000000 ____D () C:\Users\Papa\Desktop\Disc
2015-04-17 18:00 - 2015-04-17 20:33 - 00001037 _____ () C:\Users\Public\Desktop\ISO to USB.lnk
2015-04-17 18:00 - 2015-04-17 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
2015-04-17 18:00 - 2015-04-17 20:33 - 00000000 ____D () C:\Program Files (x86)\ISO to USB
2015-04-15 16:08 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-04-15 16:08 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-04-15 16:08 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-04-15 16:08 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-04-15 16:08 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-04-15 16:08 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-04-15 16:08 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-04-15 03:42 - 2015-04-19 07:03 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 03:42 - 2015-04-15 03:42 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-15 03:42 - 2015-04-15 03:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 03:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-15 03:42 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-15 03:40 - 2015-04-15 03:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-04-15 03:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-15 03:24 - 2015-04-15 03:57 - 00000000 ____D () C:\Program Files\PeerBlock
2015-04-15 03:24 - 2015-04-15 03:24 - 00001752 _____ () C:\Users\Papa\Desktop\PeerBlock.lnk
2015-04-15 03:24 - 2015-04-15 03:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2015-04-15 00:38 - 2015-04-15 00:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 00:38 - 2015-04-15 00:38 - 00000000 ____D () C:\Users\Papa\AppData\Local\Skype
2015-04-15 00:38 - 2015-04-15 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 21:27 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-14 21:25 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-14 21:22 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 21:22 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-14 21:22 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-14 21:22 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-14 21:22 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-14 21:22 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 21:22 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-14 21:22 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 21:22 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-14 21:22 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-14 21:22 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-14 21:22 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-14 21:21 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-14 21:20 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 21:20 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 21:20 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 21:20 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 21:20 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 21:20 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 21:20 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 21:20 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 21:20 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 21:20 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 21:20 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 21:20 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 21:20 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 21:20 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 21:20 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 21:20 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 21:20 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 21:20 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 21:18 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-14 21:18 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-14 21:18 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-14 21:16 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-14 21:16 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-14 21:16 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-14 21:16 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-14 21:16 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-14 21:16 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-14 21:16 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-14 21:16 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-14 21:16 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-14 21:16 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-14 21:16 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-14 21:16 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 21:16 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-14 21:16 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-14 21:16 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-14 21:16 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-14 21:16 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-14 21:16 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-14 21:16 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-14 21:16 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-14 21:16 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-14 21:16 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-14 21:16 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 21:16 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-14 21:16 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-14 21:16 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-14 21:16 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-14 21:16 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-14 21:16 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-14 19:15 - 2015-04-14 19:28 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-14 19:15 - 2015-04-14 19:15 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-14 19:00 - 2015-04-14 19:00 - 02217984 _____ () C:\Users\Papa\Desktop\adwcleaner_4.201.exe
2015-04-14 18:23 - 2015-04-14 18:23 - 00001086 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-14 18:23 - 2015-04-14 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-14 18:15 - 2015-04-14 18:15 - 00000899 _____ () C:\Users\Papa\Desktop\Images - Raccourci.lnk
2015-04-14 16:41 - 2015-04-14 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-14 16:41 - 2015-04-14 16:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-14 16:40 - 2015-04-14 16:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-14 16:40 - 2015-04-14 16:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-14 14:34 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-04-14 14:30 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-04-14 14:30 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-04-14 14:30 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-04-10 01:36 - 2015-04-10 01:36 - 00000000 ____D () C:\Program Files\VideoLAN
2015-04-03 15:55 - 2015-04-03 15:55 - 00089909 _____ () C:\Users\Papa\Desktop\Madonna et autres.xspf
2015-03-26 21:14 - 2015-03-26 21:14 - 00005542 _____ () C:\Users\Papa\AppData\Roaming\FAHUT
2015-03-26 21:14 - 2015-03-26 21:14 - 00004185 _____ () C:\Users\Papa\AppData\Roaming\YZKIEG
2015-03-25 10:43 - 2015-03-04 23:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-25 10:43 - 2015-03-04 23:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-25 10:28 - 2015-03-25 10:28 - 00039962 _____ () C:\Users\Papa\Desktop\madonna playlist.xspf
2015-03-22 04:09 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-22 04:09 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-22 04:09 - 2015-03-13 21:41 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-03-22 04:09 - 2015-03-13 21:41 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-03-22 03:53 - 2014-11-22 12:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-03-22 03:53 - 2014-11-22 12:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 08:40 - 2014-06-21 07:44 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3278474854-2576320049-58371344-1001
2015-04-19 08:38 - 2014-03-18 12:06 - 02025010 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-19 08:38 - 2014-03-18 11:26 - 00885074 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-04-19 08:38 - 2014-03-18 11:26 - 00191800 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-04-19 08:36 - 2014-06-29 23:42 - 01580785 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-19 08:36 - 2014-06-21 13:11 - 00000000 ___RD () C:\Users\Papa\Google Drive
2015-04-19 08:35 - 2014-06-27 21:34 - 00000000 __RDO () C:\Users\Papa\OneDrive
2015-04-19 08:35 - 2014-06-21 08:00 - 00001088 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-19 08:31 - 2014-06-29 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-19 08:31 - 2013-08-22 16:46 - 00001530 _____ () C:\WINDOWS\setupact.log
2015-04-19 08:31 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-19 08:30 - 2014-03-18 03:51 - 00125578 _____ () C:\WINDOWS\PFRO.log
2015-04-19 08:19 - 2014-06-21 08:00 - 00001092 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-19 08:14 - 2014-06-21 13:12 - 00000352 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-04-19 08:04 - 2014-07-03 02:29 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-19 08:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-19 07:29 - 2014-09-19 00:51 - 00000632 __RSH () C:\ProgramData\ntuser.pol
2015-04-19 07:25 - 2014-06-21 13:08 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-19 07:25 - 2014-06-21 13:08 - 00001271 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-19 07:25 - 2014-06-21 07:38 - 00001223 _____ () C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-19 07:16 - 2015-01-30 19:24 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-19 07:10 - 2014-10-28 18:13 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-04-19 07:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-19 06:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PLA
2015-04-19 06:48 - 2014-11-19 22:40 - 00000000 ____D () C:\AdwCleaner
2015-04-19 06:47 - 2014-11-30 00:38 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-19 06:21 - 2014-06-22 07:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-19 06:20 - 2014-08-30 04:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-19 05:55 - 2014-07-14 10:59 - 00000000 ____D () C:\Users\Papa\Desktop\divers Yannick
2015-04-19 05:50 - 2015-01-08 22:24 - 00000000 ____D () C:\Users\Papa\Desktop\Album Récent
2015-04-19 05:48 - 2015-03-16 03:03 - 00000000 ____D () C:\Users\Papa\Desktop\Aide financière centre d'action sociale Mme couderc
2015-04-19 03:57 - 2014-06-21 13:48 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\vlc
2015-04-19 03:15 - 2014-06-21 07:48 - 00003928 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EC4ED354-1892-4F12-BCBC-48D97FC5555B}
2015-04-18 09:28 - 2014-06-29 23:49 - 00002614 _____ () C:\WINDOWS\diagwrn.xml
2015-04-18 09:28 - 2014-06-29 23:49 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2015-04-18 09:28 - 2013-08-22 16:46 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-18 07:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-18 05:18 - 2013-09-17 12:04 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-04-18 05:01 - 2014-06-21 12:54 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-04-18 04:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-04-18 04:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-04-18 04:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-04-18 03:33 - 2014-06-21 12:54 - 00001175 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-04-18 03:33 - 2014-06-21 12:54 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-04-18 02:33 - 2014-06-21 11:20 - 02102784 ___SH () C:\Users\Papa\Desktop\Thumbs.db
2015-04-16 21:26 - 2014-06-21 17:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-16 21:09 - 2014-06-21 17:01 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-16 21:06 - 2014-09-21 01:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 12:59 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 09:45 - 2014-07-14 10:45 - 00000000 ____D () C:\Users\Papa\AppData\Local\Deployment
2015-04-16 09:43 - 2014-06-21 11:35 - 00000000 ____D () C:\Users\Papa\Desktop\Nicolas
2015-04-15 05:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 03:42 - 2014-06-21 13:25 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Malwarebytes
2015-04-15 02:04 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-15 02:03 - 2014-12-12 05:29 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 02:03 - 2014-07-16 20:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 01:02 - 2014-10-28 17:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-15 00:39 - 2014-06-21 13:44 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Skype
2015-04-15 00:38 - 2014-06-21 13:44 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 00:38 - 2014-06-21 13:44 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 00:31 - 2013-08-22 15:25 - 00000301 _____ () C:\WINDOWS\win.ini
2015-04-14 19:27 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-14 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-14 19:14 - 2014-03-18 11:41 - 00000000 __SHD () C:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-04-14 19:14 - 2014-03-18 11:41 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-04-14 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-14 19:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-04-14 19:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-04-14 19:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sppui
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-04-14 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-04-14 19:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-04-14 19:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-04-14 19:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-04-14 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-04-14 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-04-14 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-14 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-04-14 19:06 - 2014-06-21 13:50 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Azureus
2015-04-14 19:06 - 2014-06-21 13:05 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Apple Computer
2015-04-14 19:04 - 2014-07-03 02:29 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 18:48 - 2014-06-21 11:52 - 00000000 ____D () C:\Users\Papa\Documents\factures
2015-04-14 18:38 - 2014-06-21 11:52 - 00000000 ____D () C:\Users\Papa\Documents\Logiciel
2015-04-14 18:22 - 2014-06-21 13:47 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-04-14 18:05 - 2015-01-08 23:08 - 00000000 ____D () C:\Users\Papa\Desktop\Nico Musique
2015-04-14 17:04 - 2014-07-10 14:41 - 00835584 ___SH () C:\Users\Papa\Downloads\Thumbs.db
2015-04-14 16:38 - 2014-06-28 00:50 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-14 16:38 - 2014-06-21 13:23 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\Samsung
2015-04-14 16:38 - 2014-06-21 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-14 16:38 - 2014-06-21 13:22 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-04-14 16:38 - 2014-02-24 01:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-14 16:33 - 2014-10-04 17:26 - 00000000 ____D () C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP
2015-04-14 16:30 - 2014-10-04 12:00 - 00000000 ____D () C:\Program Files (x86)\CDex
2015-04-14 14:35 - 2014-06-23 15:53 - 00000000 ____D () C:\temp
2015-04-14 14:34 - 2014-06-29 23:41 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-14 12:56 - 2014-06-21 16:44 - 00001397 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-09 02:58 - 2014-06-21 16:35 - 17176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-06-21 16:35 - 12689592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-06-21 16:35 - 03317344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-04-09 02:58 - 2014-06-21 16:35 - 00029329 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-04-09 02:58 - 2014-02-24 01:46 - 00078480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-04-09 02:58 - 2014-02-24 01:46 - 00066704 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-04-08 23:30 - 2014-06-29 23:42 - 06841488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-04-08 23:30 - 2014-06-29 23:42 - 03478344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-06-29 23:42 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-06-29 23:42 - 00936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-06-29 23:42 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-04-08 23:30 - 2014-06-29 23:42 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-04-08 20:52 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files\Vuze
2015-04-08 19:52 - 2014-06-29 23:42 - 04336074 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-04-06 17:08 - 2014-06-21 11:49 - 00000000 ____D () C:\Users\Papa\AppData\Local\Windows Live
2015-04-06 00:00 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-04-06 00:00 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-03-28 05:44 - 2014-06-21 16:40 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-03-28 05:44 - 2014-06-21 16:40 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-03-28 05:43 - 2014-06-21 16:40 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-06-21 16:40 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-03-28 01:37 - 2014-06-21 13:45 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\uTorrent
2015-03-25 10:42 - 2013-08-22 16:44 - 00483256 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-25 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-25 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-25 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-22 04:14 - 2014-06-29 23:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-22 04:12 - 2014-06-29 23:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories =======

2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\Papa\AppData\Roaming\FAHUT
2015-04-19 06:21 - 2015-04-19 06:21 - 1792000 _____ (Cinema PlusV18.04) C:\Users\Papa\AppData\Roaming\FAHUT.exe
2014-06-22 07:13 - 2014-06-22 07:17 - 0000334 _____ () C:\Users\Papa\AppData\Roaming\WinInstallFlashLog.ini
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\Papa\AppData\Roaming\YZKIEG
2015-04-19 06:22 - 2015-04-19 06:22 - 1562112 _____ (Cinema PlusV18.04) C:\Users\Papa\AppData\Roaming\YZKIEG.exe
2015-04-19 06:31 - 2015-04-19 06:31 - 0613255 _____ (CMI Limited) C:\Users\Papa\AppData\Local\nsu5332.tmp
2015-04-19 07:42 - 2015-04-19 07:41 - 0613255 _____ (CMI Limited) C:\Users\Papa\AppData\Local\nsvC49D.tmp
2014-06-24 02:49 - 2014-06-24 19:44 - 0000003 _____ () C:\Users\Papa\AppData\Local\proxy.log
2014-06-29 23:41 - 2014-06-29 23:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Papa\AppData\Local\Temp\\BI_RunOnce.exe


Some content of TEMP:
====================
C:\Users\Papa\AppData\Local\Temp\209.exe
C:\Users\Papa\AppData\Local\Temp\3006.exe
C:\Users\Papa\AppData\Local\Temp\58DC77EB-3556-90B1-4518-ABACA7F04469.exe
C:\Users\Papa\AppData\Local\Temp\7914.exe
C:\Users\Papa\AppData\Local\Temp\95E8ADE0-2114-FEFA-3914-76D54ADAB933.dll
C:\Users\Papa\AppData\Local\Temp\95E8ADE0-2114-FEFA-3914-76D54ADAB933.exe
C:\Users\Papa\AppData\Local\Temp\97CBE9e8.exe
C:\Users\Papa\AppData\Local\Temp\AFE236BE-141A-0CA9-1191-40E04F70471F.exe
C:\Users\Papa\AppData\Local\Temp\B4AB4F10-9586-AA4D-FC07-8B980982B933.dll
C:\Users\Papa\AppData\Local\Temp\B4AB4F10-9586-AA4D-FC07-8B980982B933.exe
C:\Users\Papa\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Papa\AppData\Local\Temp\D9AB56.exe
C:\Users\Papa\AppData\Local\Temp\DCAdC1.exe
C:\Users\Papa\AppData\Local\Temp\ebhcabfbdfbgg.exe
C:\Users\Papa\AppData\Local\Temp\Execute2App.exe
C:\Users\Papa\AppData\Local\Temp\ICReinstall_RealPlayer_inst.exe
C:\Users\Papa\AppData\Local\Temp\jue79AD.exe
C:\Users\Papa\AppData\Local\Temp\jueA2D2.exe
C:\Users\Papa\AppData\Local\Temp\lowproc.exe
C:\Users\Papa\AppData\Local\Temp\msvcp90.dll
C:\Users\Papa\AppData\Local\Temp\msvcr90.dll
C:\Users\Papa\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Papa\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Papa\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Papa\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Papa\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Papa\AppData\Local\Temp\nvStInst.exe
C:\Users\Papa\AppData\Local\Temp\optprosetup.exe
C:\Users\Papa\AppData\Local\Temp\Quarantine.exe
C:\Users\Papa\AppData\Local\Temp\setup.exe
C:\Users\Papa\AppData\Local\Temp\Setupfile.exe
C:\Users\Papa\AppData\Local\Temp\Setup_45317.exe
C:\Users\Papa\AppData\Local\Temp\sqlite3.dll
C:\Users\Papa\AppData\Local\Temp\stubhelper.dll
C:\Users\Papa\AppData\Local\Temp\supoptsetup.exe
C:\Users\Papa\AppData\Local\Temp\Torrent windows 7 32 bits edition integrale fr iso__10924_i1500070611_il1560556.exe
C:\Users\Papa\AppData\Local\Temp\Uninstall.exe
C:\Users\Papa\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Papa\AppData\Local\Temp\WinFixPro.exe
C:\Users\Papa\AppData\Local\Temp\WinFixProPackage.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-19 02:15

==================== End Of Log ============================
