Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Exécuté par rever (administrateur) sur DESKTOP-EUJRMEJ (06-03-2017 18:09:28)
Exécuté depuis C:\Users\rever\Desktop
Profils chargés: rever (Profils disponibles: defaultuser0 & rever)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Spotify Ltd) C:\Users\rever\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\WINDOWS\System32\browser_broker.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-17] (Microsoft Corporation)
HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4005944 2017-02-13] (Tonec Inc.)
HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\Run: [Spotify Web Helper] => C:\Users\rever\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-17] (Spotify Ltd)
HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\RunOnce: [Uninstall C:\Users\rever\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\rever\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
BootExecute: 

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [43520 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [43520 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61
Tcpip\..\Interfaces\{21d25070-9945-423d-abd5-a2a0b0428d76}: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.fr/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1164751834-1112494924-2906029714-1001 -> DefaultScope {1E642EAE-BC07-46B3-AC6F-A23835BB21EE} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1164751834-1112494924-2906029714-1001 -> {1E642EAE-BC07-46B3-AC6F-A23835BB21EE} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  Pas de fichier
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  Pas de fichier
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  Pas de fichier

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1164751834-1112494924-2906029714-1001 -> hxxp://google.ch/
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.11.0.0_neutral__c1wakc4j0nefm [2017-02-17]
Edge Extension: (Pin It Button) -> EdgeExtension_PinterestPinItButton_xnkra2w3aecd0 => C:\Program Files\WindowsApps\Pinterest.PinItButton_1.39.5.0_neutral__xnkra2w3aecd0 [2016-12-17]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2016-12-17]

FireFox:
========
FF ProfilePath: C:\Users\rever\AppData\Roaming\Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079 [2017-03-06]
FF Homepage: Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079 -> hxxps://www.google.ch/
FF Extension: (Pin It button) - C:\Users\rever\AppData\Roaming\Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2017-03-06]
FF Extension: (S3.Google Translator) - C:\Users\rever\AppData\Roaming\Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079\Extensions\s3google@translator.xpi [2017-03-04]
FF Extension: (Adblock Plus) - C:\Users\rever\AppData\Roaming\Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-02]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\rever\AppData\Roaming\Mozilla\Firefox\Profiles\dnj6vgg2.default-1485540091079\features\{0ddc12a8-95b6-46f7-86c6-2501c2371a80}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1164751834-1112494924-2906029714-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\rever\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\rever\AppData\Roaming\IDM\idmmzcc5 [2017-03-06] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default [2017-03-06]
CHR Extension: (Google Slides) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-23]
CHR Extension: (Google Docs) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-23]
CHR Extension: (Google Drive) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-23]
CHR Extension: (YouTube) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-23]
CHR Extension: (Google Sheets) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-24]
CHR Extension: (IDM Integration Module) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-02-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Gmail) - C:\Users\rever\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-23]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "%ProgramData%\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S4 ZAMSvc; "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /service [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvSoft Inc.)
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [159360 2016-08-10] (Zemana Ltd.)
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaewu.inf_amd64_8baa9d083edacf87\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-01-03] (Zemana Ltd.)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-06 18:09 - 2017-03-06 18:10 - 00016316 _____ C:\Users\rever\Desktop\FRST.txt
2017-03-06 18:05 - 2017-03-06 18:09 - 00000000 ____D C:\FRST
2017-03-06 18:02 - 2017-03-06 18:02 - 02423808 _____ (Farbar) C:\Users\rever\Desktop\FRST64.exe
2017-03-06 17:12 - 2017-03-06 17:20 - 905986974 ____R C:\Users\rever\Downloads\La nuit de Varennes .Ettore Scola.1981.MULTI.HDRip.1080p.H264.AAC.CUSTOM-Candia06  .mkv
2017-03-06 17:11 - 2017-03-06 18:04 - 00000000 ____D C:\Users\rever\AppData\LocalLow\uTorrent
2017-03-06 17:11 - 2017-03-06 17:11 - 00397187 _____ C:\Users\rever\Downloads\La nuit de Varennes .Ettore Scola.1981.MULTI.HDRip.1080p.H264.AAC.CUSTOM-Candia06  .mkv.torrent
2017-03-06 16:48 - 2017-03-06 16:48 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636244156911336473
2017-03-06 16:34 - 2017-03-06 16:34 - 00000240 _____ C:\Users\rever\.swfinfo
2017-03-06 16:28 - 2017-03-06 17:11 - 00000000 ____D C:\Users\rever\Documents\VSO Downloader
2017-03-06 16:28 - 2017-03-06 16:31 - 00000000 ____D C:\ProgramData\VSO
2017-03-06 16:28 - 2017-03-06 16:28 - 00001317 _____ C:\Users\rever\Desktop\VSO Downloader 5.lnk
2017-03-06 16:28 - 2017-03-06 16:28 - 00000000 ____D C:\Users\rever\AppData\Roaming\VSO
2017-03-06 16:28 - 2017-03-06 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2017-03-06 16:28 - 2017-03-06 16:28 - 00000000 ____D C:\Program Files\WinPcap
2017-03-06 16:28 - 2017-03-06 16:28 - 00000000 ____D C:\Program Files (x86)\VSO
2017-03-06 16:26 - 2017-03-06 16:26 - 00014468 _____ C:\Users\rever\Downloads\VSO Downloader Ultimate 5.0.1.26.torrent
2017-03-06 16:26 - 2017-03-06 16:26 - 00000000 ____D C:\Users\rever\Downloads\VSO Downloader Ultimate 5.0.1.26
2017-03-06 15:36 - 2017-03-06 15:36 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636244113763690250
2017-03-06 15:19 - 2017-03-06 15:25 - 723627725 _____ C:\Users\rever\Downloads\MEN - Undercover Stripper Part 1 - Manuel Skye, Skyy Knox.mp4
2017-03-06 15:18 - 2017-03-06 15:18 - 00014153 _____ C:\Users\rever\Downloads\[gay-torrents.org] MEN - Undercover Stripper Part 1 - Manuel Skye, Skyy Knox.torrent
2017-03-06 15:09 - 2017-03-06 15:09 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636244097838167364
2017-03-06 15:05 - 2017-03-06 15:05 - 24097975 _____ C:\Users\rever\Desktop\Sheila - Quel tempérament de feu (1977).mp4
2017-03-06 13:38 - 2017-03-06 13:39 - 00000000 ____D C:\Users\rever\Downloads\Taboo.UK.S01E07.FASTSUB.VOSTFR.720p.HDTV.x264.AC3-GOBO2S
2017-03-06 13:38 - 2017-03-06 13:38 - 00018859 _____ C:\Users\rever\Downloads\Taboo.UK.S01E07.FASTSUB.VOSTFR.720p.HDTV.x264.AC3-GOBO2S.torrent
2017-03-05 02:42 - 2017-03-05 02:46 - 551578600 ____R C:\Users\rever\Downloads\Gianni Maggio and Italo.mp4
2017-03-05 02:42 - 2017-03-05 02:42 - 00010839 _____ C:\Users\rever\Downloads\[gay-torrents.org] Tim Tales - Gianni Maggio and Italo.torrent
2017-03-05 01:36 - 2017-03-05 01:52 - 00000000 ____D C:\Users\rever\Downloads\MyStraightBuddy.com Siterip
2017-03-05 01:33 - 2017-03-05 01:33 - 00469880 _____ C:\Users\rever\Downloads\MyStraightBuddy Complete HD SiteRip (183 Vids) (720p).torrent
2017-03-04 23:32 - 2017-03-04 23:32 - 00380661 _____ C:\Users\rever\Downloads\Naked Kombat Collection (1).torrent
2017-03-04 23:21 - 2017-03-04 23:21 - 00380661 _____ C:\Users\rever\Downloads\Naked Kombat Collection.torrent
2017-03-04 18:42 - 2017-03-04 18:42 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636242497417175754
2017-03-04 16:32 - 2017-03-05 02:15 - 541569008 ____R C:\Users\rever\Downloads\EBD-JayAlexander-BennettAnthony-540-SD.mp4
2017-03-04 16:32 - 2017-03-04 16:32 - 00010701 _____ C:\Users\rever\Downloads\I Need Big Cock - Jay Alexander & Bennett Anthony.torrent
2017-03-04 15:51 - 2017-03-04 15:51 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636242394781968505
2017-03-04 14:42 - 2017-03-04 14:42 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636242353620060416
2017-03-04 13:28 - 2017-03-04 13:35 - 1518637897 _____ C:\Users\rever\Downloads\MEN - Dad Group Part 1 - Connor Maguire, Jake Ashford (1080p).mp4
2017-03-04 12:47 - 2017-03-04 12:47 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636242284258466936
2017-03-04 12:23 - 2017-03-04 12:23 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636242269922872097
2017-03-04 11:27 - 2017-03-04 11:30 - 472086717 _____ C:\Users\rever\Downloads\FuckerMate - Gianni Maggio and Louis Ricaute Horse Riding.mp4
2017-03-04 08:28 - 2017-03-04 08:38 - 1463573797 ____R C:\Users\rever\Downloads\Raging Stallion - Wasteland - Bruno Bernal, Bruce Beckham.mp4
2017-03-04 06:50 - 2017-03-04 06:50 - 00001142 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2017-03-04 06:50 - 2017-03-04 06:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2017-03-04 06:50 - 2017-03-04 06:50 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2017-03-04 06:01 - 2017-03-04 07:34 - 1932553065 ____R C:\Users\rever\Downloads\The Making of the Warwick Rowers 2016 Calendar - England Film.mp4
2017-03-04 06:00 - 2017-03-04 06:00 - 00018777 _____ C:\Users\rever\Downloads\[gay-torrents.org] The Making of the Warwick Rowers 2016 Calendar - England Film.torrent
2017-03-04 04:28 - 2017-03-04 04:28 - 00000000 ____D C:\Users\rever\AppData\Local\NVIDIA Corporation
2017-03-04 01:43 - 2017-03-04 01:43 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636241886039200045
2017-03-04 01:11 - 2017-03-04 01:11 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2017-03-03 22:04 - 2017-03-03 22:04 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636241754903681773
2017-03-03 21:58 - 2017-03-03 22:07 - 1041977097 _____ C:\Users\rever\Downloads\RagingStallion - High n' Tight - Bruno Bernal & Ryan Cruz.mp4
2017-03-03 21:11 - 2017-03-04 20:11 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-03 21:09 - 2017-03-03 21:08 - 00372736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
2017-03-03 21:08 - 2017-03-03 21:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA nTune Performance Application
2017-03-03 18:40 - 2017-03-03 18:40 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636241632493235881
2017-03-03 18:19 - 2017-03-03 18:19 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636241619930446884
2017-03-03 17:51 - 2017-03-03 17:51 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636241603196134311
2017-03-03 17:35 - 2017-03-03 17:38 - 877563511 _____ C:\Users\rever\Downloads\[Hot House] Dirty Work - Jimmy Durano & Ace Era.mp4
2017-03-03 17:27 - 2017-03-03 17:27 - 00000000 ____D C:\Users\rever\Downloads\9
2017-03-03 16:48 - 2017-03-04 09:25 - 00000000 ____D C:\Users\rever\Documents\Snagit
2017-03-03 16:47 - 2017-03-04 09:36 - 00000000 ____D C:\Users\rever\AppData\Local\TechSmith
2017-03-03 16:47 - 2017-03-04 09:36 - 00000000 ____D C:\ProgramData\TechSmith
2017-03-03 16:44 - 2017-03-03 16:44 - 00000000 ____D C:\Users\rever\Downloads\Snagit 13
2017-03-03 16:41 - 2017-03-03 16:42 - 00000000 ____D C:\Users\rever\Downloads\TechSmith Snagit v13.1.1.7662
2017-03-03 15:03 - 2017-03-03 15:05 - 1650678391 _____ C:\Users\rever\Downloads\Next Door Originals - 20170303 The Talented Mr Bubbles (Mark Long, Ty Thomas) [1080p].mp4
2017-03-03 14:51 - 2017-03-03 21:41 - 00000000 ____D C:\Users\rever\Desktop\Fichier inutilisé (CU)
2017-03-03 14:51 - 2017-03-03 18:54 - 00000000 ____D C:\Users\Public\Desktop\Raccourci inutilisé (AU)
2017-03-03 14:51 - 2017-03-03 14:51 - 00000000 ____D C:\Users\rever\Desktop\Raccourci inutilisé (CU)
2017-03-03 14:51 - 2017-03-03 14:51 - 00000000 ____D C:\Users\Public\Desktop\Fichier inutilisé (AU)
2017-03-03 14:47 - 2017-03-03 14:47 - 04031440 _____ C:\Users\rever\Desktop\adwcleaner_6.044.exe
2017-03-02 10:08 - 2017-03-02 10:19 - 798897917 ____R C:\Users\rever\Downloads\HardBritLads-JordanFox-MattRichie-1080p.mp4
2017-03-02 08:45 - 2017-03-02 08:45 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636240411506276400
2017-03-02 08:30 - 2017-03-02 08:33 - 676695495 _____ C:\Users\rever\Downloads\TitanMen - 2 Men Kiss - Jason Vario fucks Lorenzo Flexx.mp4
2017-03-02 06:42 - 2017-03-02 06:42 - 00000000 ____D C:\Users\rever\Downloads\sean cody 1810 dominic 3
2017-03-02 06:20 - 2017-03-02 06:29 - 849226220 _____ C:\Users\rever\Downloads\TM-LorenzoFlexx-JasonVario.mp4
2017-03-02 02:33 - 2017-03-02 02:39 - 00000000 ____D C:\Users\rever\AppData\Local\Mozilla
2017-03-02 02:32 - 2017-03-03 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-02 02:32 - 2017-03-02 02:32 - 00001196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-02 00:34 - 2017-03-02 00:35 - 401257606 _____ C:\Users\rever\Downloads\Raw Fuck Club - Loaded Up At The Gym - Owen Powers & Alejandro Fusco.mp4
2017-03-01 22:26 - 2017-03-01 22:27 - 800487229 _____ C:\Users\rever\Downloads\[Tim Tales] Ridder Rivera Barebacks Dano.mp4
2017-03-01 19:56 - 2017-03-01 19:56 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636239950087629862
2017-03-01 19:53 - 2017-03-01 20:02 - 450036931 _____ C:\Users\rever\Downloads\[Tim Tales] Caio Fucks Jonathan.mp4
2017-03-01 19:47 - 2017-03-01 19:49 - 233734112 _____ C:\Users\rever\Downloads\[Ridleydovarez] Abused, beaten, fucked and raped (Jordan Fox).mp4
2017-03-01 19:39 - 2017-03-01 19:39 - 00099460 _____ C:\Users\rever\Desktop\SFTGC.txt
2017-03-01 12:50 - 2017-03-01 12:52 - 130971586 _____ C:\Users\rever\Downloads\The Best Flex - Muscle Diamond Bedroom Flexing.mp4
2017-03-01 12:28 - 2017-03-01 12:28 - 00000000 ____D C:\Users\rever\Downloads\Universal Viewer Pro 6.5.6.2 + Serial
2017-03-01 08:34 - 2017-03-01 08:35 - 41828732 ____R C:\Users\rever\Downloads\PlanB-2.mp4
2017-03-01 04:46 - 2017-03-01 04:51 - 00000000 ____D C:\Users\rever\AppData\Roaming\ATViewer
2017-03-01 04:45 - 2017-03-01 04:45 - 00000000 ____D C:\Users\rever\AppData\Roaming\WinRAR
2017-03-01 04:44 - 2017-03-01 04:44 - 00001028 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-03-01 04:44 - 2017-03-01 04:44 - 00000000 ____D C:\Users\rever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-01 04:44 - 2017-03-01 04:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-01 04:44 - 2017-03-01 04:44 - 00000000 ____D C:\Program Files\WinRAR
2017-03-01 04:24 - 2012-06-13 12:58 - 00000000 ____D C:\Users\rever\Desktop\Plugins
2017-03-01 03:26 - 2017-03-01 03:41 - 2174473384 _____ C:\Users\rever\Downloads\HEAVENLY - Pleasure Productions.mp4
2017-02-28 23:54 - 2017-03-01 00:50 - 3032484657 _____ C:\Users\rever\Downloads\Devon S (Shoot 02).mp4
2017-02-28 22:20 - 2017-02-28 22:20 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636239172038728988
2017-02-28 21:55 - 2017-02-28 21:57 - 527157066 _____ C:\Users\rever\Downloads\Jake Cruise - Leo Giamani Massaged (Oct 31, 08).wmv
2017-02-28 19:57 - 2017-02-28 19:57 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636239086416716187
2017-02-28 16:27 - 2017-02-28 16:32 - 579465361 ____R C:\Users\rever\Downloads\Muscle Hunks - Claude Carroll Solo.mp4
2017-02-28 07:29 - 2017-02-28 07:29 - 02041535 _____ C:\Users\rever\Desktop\FRATMEN™ _ FRATPAD Archive_ SPENCER on 2008_02_16.mkv
2017-02-28 06:45 - 2017-02-28 17:36 - 2685104966 _____ C:\Users\rever\Downloads\♺ TREASURE ISLAN MEDIA BBreed n Seed n Feed CUMpilation_vol 1.mov
2017-02-28 03:47 - 2017-02-28 03:47 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238504613312855
2017-02-28 02:27 - 2017-02-28 20:59 - 00000000 ____D C:\Program Files (x86)\DAZ 3D
2017-02-28 01:00 - 2017-02-28 02:31 - 00000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2017-02-28 01:00 - 2017-02-28 01:00 - 00000000 ____D C:\Users\rever\Documents\DAZ 3D
2017-02-28 00:57 - 2017-02-28 00:57 - 00000000 ____D C:\ProgramData\DAZ 3D
2017-02-28 00:55 - 2017-02-28 01:00 - 00000000 ____D C:\Users\rever\AppData\Roaming\DAZ 3D
2017-02-27 23:48 - 2017-02-27 23:49 - 00000000 ____D C:\ProgramData\Temp
2017-02-27 23:40 - 2017-02-28 21:01 - 00000000 ____D C:\Users\rever\AppData\Roaming\Notepad++
2017-02-27 23:40 - 2017-02-28 21:01 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-02-27 23:23 - 2017-02-27 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2017-02-27 23:23 - 2017-02-27 23:23 - 00000000 ____D C:\Users\rever\AppData\Roaming\proDAD
2017-02-27 23:23 - 2017-02-27 23:23 - 00000000 ____D C:\ProgramData\proDAD
2017-02-27 23:23 - 2017-02-27 23:23 - 00000000 ____D C:\Program Files\Common Files\NewBlue
2017-02-27 23:23 - 2017-02-27 23:06 - 00607256 _____ (proDAD GmbH) C:\WINDOWS\system32\prodad-codec.dll
2017-02-27 23:23 - 2017-02-27 23:04 - 00376344 _____ (proDAD GmbH) C:\WINDOWS\system32\proDAD-PA-Support.dll
2017-02-27 23:22 - 2017-03-01 22:22 - 00000000 ____D C:\Program Files (x86)\NewBlue
2017-02-27 23:20 - 2017-03-03 21:33 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-02-27 23:20 - 2017-02-27 23:48 - 00000000 ____D C:\ProgramData\install_backup
2017-02-27 23:20 - 2017-02-27 23:20 - 00000000 ____D C:\Users\Public\Cyberlink
2017-02-27 23:19 - 2017-02-27 23:49 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-27 23:19 - 2017-02-27 23:48 - 00000000 ____D C:\ProgramData\CLSK
2017-02-27 23:19 - 2017-02-27 23:23 - 00000000 ____D C:\ProgramData\install_clap
2017-02-27 23:00 - 2017-03-06 14:18 - 00000000 ____D C:\Users\rever\Downloads\CyberLink PowerDirector Ultimate 15 Suite
2017-02-27 20:33 - 2017-02-27 20:33 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238244312840294
2017-02-27 20:25 - 2017-02-27 20:25 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238239576335624
2017-02-27 20:13 - 2017-02-27 20:13 - 00000000 ____D C:\Users\rever\AppData\Roaming\Bandicam Company
2017-02-27 20:09 - 2017-02-27 20:15 - 00000000 ____D C:\Program Files (x86)\Bandicam
2017-02-27 20:09 - 2017-02-27 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2017-02-27 20:09 - 2017-02-27 20:09 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-02-27 18:36 - 2017-02-27 18:36 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238173613573309
2017-02-27 17:52 - 2017-02-27 17:52 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238147267937185
2017-02-27 17:21 - 2017-02-27 17:21 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636238128636320837
2017-02-27 16:46 - 2017-02-27 16:51 - 00000000 ____D C:\Users\rever\Downloads\Lucas Entertainment - A Vito Gallo Collection
2017-02-25 21:23 - 2017-02-25 21:23 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636236545825821063
2017-02-25 11:35 - 2017-02-25 11:35 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636236193437600224
2017-02-25 06:35 - 2017-02-25 06:35 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636236013534579789
2017-02-25 04:18 - 2017-02-25 04:18 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636235931055227546
2017-02-25 02:49 - 2017-02-25 02:49 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636235877709867746
2017-02-25 02:48 - 2017-02-25 02:48 - 00000000 ____D C:\Users\rever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2017-02-25 02:48 - 2017-02-25 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-02-25 02:42 - 2017-02-25 02:48 - 00000000 ____D C:\Program Files (x86)\Freemake
2017-02-25 00:03 - 2017-02-25 00:03 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636235777911642478
2017-02-24 21:01 - 2017-02-24 21:01 - 00000000 ____D C:\Users\rever\Downloads\MANTICIPATION
2017-02-24 18:19 - 2017-02-24 18:19 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636235571894182862
2017-02-24 17:00 - 2017-02-24 17:00 - 00000000 ___HD C:\Users\rever\Documents\Freemake_do_not_remove_this_folder636235524120641681
2017-02-24 15:51 - 2017-03-04 11:36 - 00000000 ____D C:\Users\rever\Documents\Bandicam
2017-02-23 07:59 - 2017-02-23 07:59 - 00003584 _____ C:\Users\rever\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-23 07:10 - 2017-02-23 07:10 - 00000000 ____D C:\Users\rever\AppData\Local\.marble
2017-02-23 07:07 - 2017-02-23 07:07 - 00000000 ____D C:\Users\rever\AppData\Local\kxmlgui5
2017-02-23 07:05 - 2017-02-23 07:11 - 00019524 _____ C:\Users\rever\AppData\Local\digikamrc
2017-02-23 07:04 - 2017-02-23 07:04 - 00000000 ____D C:\Users\rever\AppData\Local\cache
2017-02-23 01:55 - 2017-02-25 03:14 - 00001256 _____ C:\Users\rever\Desktop\Windows 10 Manager.lnk
2017-02-23 01:55 - 2017-02-25 03:14 - 00001246 _____ C:\Users\rever\Desktop\1-Click Cleaner.lnk
2017-02-23 01:55 - 2017-02-23 01:55 - 00000000 ____D C:\Users\rever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2017-02-23 01:55 - 2017-02-23 01:55 - 00000000 ____D C:\Program Files\Yamicsoft
2017-02-22 05:22 - 2017-03-03 17:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 03:23 - 2017-02-22 03:23 - 00000000 ____D C:\Users\rever\Desktop\Data
2017-02-21 22:33 - 2017-02-21 22:33 - 00000000 ____D C:\Users\rever\Downloads\Yamicsoft Windows 10 Manager 2.0.5 Portable
2017-02-18 21:17 - 2017-02-18 21:17 - 00000000 ____D C:\Users\rever\AppData\Local\Apowersoft
2017-02-17 22:45 - 2017-03-06 15:12 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-17 22:25 - 2017-02-17 22:25 - 00000000 ____D C:\Users\rever\Intel
2017-02-17 18:45 - 2017-03-06 14:28 - 00002000 _____ C:\Users\rever\Desktop\ZHPCleaner.txt
2017-02-16 06:53 - 2017-03-03 17:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-16 06:32 - 2017-02-16 06:32 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-02-16 03:23 - 2017-02-16 03:33 - 972707671 ____R C:\Users\rever\Downloads\Brodie & Levi.mp4
2017-02-16 02:49 - 2017-03-06 17:54 - 00000000 ____D C:\Users\rever\AppData\Roaming\Anvsoft
2017-02-16 02:49 - 2017-02-16 02:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2017-02-16 02:49 - 2017-02-16 02:49 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2017-02-16 00:36 - 2017-03-04 20:13 - 00000000 ____D C:\Users\rever\AppData\Roaming\IDM
2017-02-16 00:34 - 2017-02-16 00:37 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-16 00:34 - 2017-02-16 00:34 - 00000000 ____D C:\Users\rever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-16 00:34 - 2017-02-16 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-15 13:19 - 2017-02-15 14:51 - 00000000 ____D C:\Program Files\CCleaner
2017-02-15 13:19 - 2017-02-15 13:19 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-15 13:19 - 2017-02-15 13:19 - 00000827 _____ C:\Users\rever\Desktop\CCleaner.lnk
2017-02-15 13:19 - 2017-02-15 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-14 00:12 - 2017-03-06 14:20 - 00000879 _____ C:\Users\rever\Desktop\ZHPCleaner.lnk
2017-02-14 00:12 - 2017-02-14 00:12 - 02702848 _____ C:\Users\rever\Desktop\ZHPCleaner.exe
2017-02-13 18:14 - 2016-10-17 16:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-02-13 15:38 - 2017-02-13 16:08 - 2648317683 ____R C:\Users\rever\Downloads\[MEN] [Drill My Hole] Hideous Color [Arpad Miklos and John Magnum] [1080p].mp4
2017-02-13 07:16 - 2017-02-13 07:16 - 00000000 ____D C:\Users\rever\Downloads\Falcon (FVP113) - CALIFORNIA KINGS
2017-02-13 03:01 - 2017-03-04 06:53 - 00000000 ____D C:\Users\rever\AppData\Roaming\FastStone
2017-02-13 03:01 - 2017-02-13 03:01 - 00000000 ____D C:\Users\rever\AppData\Local\FastStone
2017-02-12 19:54 - 2017-02-12 20:19 - 00000000 ___HD C:\adobeTemp
2017-02-12 13:08 - 2017-02-12 13:08 - 108504137 _____ C:\Users\rever\Desktop\Temperament de feu.wmv
2017-02-11 06:28 - 2017-02-12 18:13 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-02-11 00:57 - 2017-02-17 14:48 - 00000000 ____D C:\Users\rever\Downloads\Adobe Photoshop Lightroom CC 6.8
2017-02-10 14:48 - 2017-02-10 14:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 14:48 - 2016-12-29 13:28 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 14:48 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 14:48 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 14:48 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 14:48 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-08 02:30 - 2017-02-08 02:30 - 17836124 _____ C:\Users\rever\Downloads\Sheila You Light my fire Festivalbar Verone  Rai Uno - vidéo Dailymotion.ts
2017-02-07 08:05 - 2017-02-17 21:42 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-02-07 06:10 - 2017-02-07 06:10 - 01239752 _____ (Microsoft Corporation) C:\Users\rever\Desktop\wlsetup-web.exe
2017-02-06 21:49 - 2017-02-13 03:25 - 00063386 _____ C:\Users\rever\Documents\starburn.txt
2017-02-06 21:49 - 2017-02-06 21:49 - 00000000 ____D C:\Users\rever\AppData\Local\Wondershare
2017-02-06 21:49 - 2017-02-06 21:49 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-06 21:48 - 2017-02-06 22:41 - 00000000 ____D C:\Users\rever\Documents\Wondershare Filmora
2017-02-04 17:11 - 2017-02-04 17:11 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 64 bits
2017-02-04 16:05 - 2017-02-17 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2017-02-04 12:07 - 2017-02-04 12:10 - 683952928 ____R C:\Users\rever\Downloads\Robbie [IslandStuds].mp4
2017-02-04 00:01 - 2017-02-04 00:01 - 00000000 ____D C:\Users\rever\.MCTranscodingSDK
2017-02-04 00:00 - 2017-02-04 00:01 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2017-02-04 00:00 - 2017-02-04 00:00 - 00000000 ____D C:\ProgramData\Geevs

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-06 18:09 - 2017-01-11 12:26 - 00000000 ____D C:\Users\rever\AppData\LocalLow\Mozilla
2017-03-06 18:09 - 2017-01-03 21:40 - 00228223 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-03-06 18:09 - 2016-12-14 13:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 18:04 - 2017-01-31 01:18 - 00000000 ____D C:\Users\rever\AppData\Roaming\DMCache
2017-03-06 18:04 - 2016-12-14 17:00 - 00000000 ____D C:\Users\rever\AppData\Roaming\uTorrent
2017-03-06 18:04 - 2016-12-14 15:26 - 00000000 ____D C:\Users\rever\AppData\Local\Spotify
2017-03-06 18:01 - 2017-01-09 05:03 - 00000000 ____D C:\Users\rever\AppData\Local\CrashDumps
2017-03-06 17:34 - 2016-12-14 15:13 - 00000000 ____D C:\Users\rever\AppData\Roaming\avidemux
2017-03-06 17:32 - 2017-01-24 10:44 - 00000000 ____D C:\Users\rever\AppData\Roaming\vlc
2017-03-06 16:34 - 2016-12-14 13:20 - 00000000 ____D C:\Users\rever
2017-03-06 16:11 - 2016-12-14 20:36 - 00004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DB31290-AF51-4C9A-8B42-1A984439DA55}
2017-03-06 16:05 - 2016-12-14 15:25 - 00000000 ____D C:\Users\rever\AppData\Roaming\Spotify
2017-03-06 15:07 - 2016-12-14 13:20 - 00000000 ____D C:\Users\rever\AppData\Local\Packages
2017-03-06 15:07 - 2016-12-14 11:45 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 14:28 - 2016-12-14 16:34 - 00000000 ____D C:\Users\rever\AppData\Roaming\ZHP
2017-03-06 14:20 - 2016-12-14 16:11 - 00000000 ____D C:\AdwCleaner
2017-03-06 14:12 - 2016-12-14 22:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 16:03 - 2017-01-27 17:57 - 00000000 ____D C:\Users\rever\AppData\Local\ElevatedDiagnostics
2017-03-05 03:28 - 2017-02-01 00:18 - 00000000 ____D C:\Users\rever\Desktop\mecs1
2017-03-04 20:11 - 2016-12-14 11:44 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 15:45 - 2016-12-14 15:25 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-04 15:41 - 2016-12-14 22:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-04 15:41 - 2016-12-14 11:31 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-04 15:31 - 2016-12-15 12:29 - 02748416 _____ C:\Users\rever\ZHPCleaner.exe
2017-03-04 14:23 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\rescache
2017-03-04 09:35 - 2016-12-18 00:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-04 05:04 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-04 04:26 - 2016-12-14 22:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-04 04:26 - 2016-12-14 22:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-03 21:41 - 2017-01-27 18:42 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-03-03 21:29 - 2016-12-23 18:35 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-03-03 20:30 - 2016-12-23 18:35 - 00003556 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:46 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:45 - 00003142 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:45 - 00003114 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:45 - 00002996 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:45 - 00002944 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 20:30 - 2016-12-18 00:45 - 00002902 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-03 17:11 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-03-03 17:11 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-03-03 17:11 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-03-03 17:11 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-03-03 17:11 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-03-03 14:14 - 2017-01-08 11:47 - 00000000 ____D C:\Users\rever\AppData\LocalLow\Adobe
2017-03-03 14:14 - 2016-12-14 13:20 - 00000000 ____D C:\Users\rever\AppData\Roaming\Adobe
2017-03-02 02:33 - 2016-12-14 13:28 - 00000000 ____D C:\Users\rever\AppData\Roaming\Mozilla
2017-02-27 14:56 - 2016-12-21 19:48 - 00000000 ___HD C:\Users\rever\Desktop\.picasaoriginals
2017-02-25 02:49 - 2016-12-14 21:13 - 00000000 ____D C:\ProgramData\Freemake
2017-02-24 23:23 - 2016-12-21 18:02 - 00000000 ____D C:\oem
2017-02-24 23:02 - 2016-12-15 06:41 - 00000000 ____D C:\Users\rever\AppData\Roaming\dvdcss
2017-02-23 09:34 - 2016-12-14 19:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 09:32 - 2016-12-14 19:58 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 01:54 - 2017-01-03 22:22 - 00000000 ____D C:\Users\rever\AppData\Roaming\Yamicsoft
2017-02-23 00:41 - 2016-12-29 15:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-18 21:22 - 2016-12-15 01:57 - 00000000 ____D C:\Users\rever\AppData\Roaming\Apowersoft
2017-02-18 14:50 - 2016-12-14 16:36 - 00120071 _____ C:\Users\rever\Desktop\ZHPDiag.txt
2017-02-17 22:02 - 2016-12-14 11:45 - 00000155 _____ C:\WINDOWS\win.ini
2017-02-17 21:42 - 2016-12-14 11:45 - 00000000 __RSD C:\WINDOWS\Media
2017-02-17 21:42 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\security
2017-02-17 21:42 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\Registration
2017-02-17 21:42 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\Help
2017-02-15 23:42 - 2017-01-21 01:11 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-15 23:42 - 2016-12-14 22:02 - 00242632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-14 18:34 - 2017-01-21 01:11 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-14 18:34 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-14 18:34 - 2016-12-14 11:45 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-12 20:24 - 2016-12-29 15:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-11 07:02 - 2017-01-31 01:18 - 00000000 ____D C:\Users\rever\Downloads\Video
2017-02-10 22:40 - 2016-12-21 18:03 - 00000000 ____D C:\Users\rever\AppData\Local\Acer
2017-02-10 21:46 - 2017-01-08 11:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-10 21:18 - 2017-02-03 21:41 - 00001086 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2017-02-10 21:18 - 2017-02-03 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-02-08 05:19 - 2016-12-19 09:40 - 324695890 _____ C:\Users\rever\Downloads\SC-Marshall-Pierce.wmv
2017-02-08 05:12 - 2016-12-29 15:47 - 00000000 ____D C:\Users\rever\AppData\Roaming\NVIDIA
2017-02-07 07:48 - 2017-02-03 21:09 - 00000000 ____D C:\Program Files (x86)\Windows Live
2017-02-07 06:13 - 2016-12-14 13:23 - 00000000 ___RD C:\Users\rever\OneDrive
2017-02-06 23:07 - 2017-01-23 22:55 - 00002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2016-12-14 11:46 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-12-14 11:46 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 16:55 - 2016-12-18 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2017-02-04 15:34 - 2016-12-21 18:02 - 00000000 ____D C:\Program Files (x86)\Acer
2017-02-04 15:33 - 2016-12-21 18:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2017-02-04 15:33 - 2016-12-21 18:02 - 00000000 ____D C:\ProgramData\acer
2017-02-04 13:34 - 2016-12-14 22:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-04 00:55 - 2017-01-14 21:16 - 00000000 ____D C:\Users\rever\.thumbnails

==================== Fichiers à la racine de certains dossiers =======

2017-02-23 07:59 - 2017-02-23 07:59 - 0003584 _____ () C:\Users\rever\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-23 07:05 - 2017-02-23 07:11 - 0019524 _____ () C:\Users\rever\AppData\Local\digikamrc
2017-01-29 09:53 - 2017-01-29 09:53 - 0007605 _____ () C:\Users\rever\AppData\Local\Resmon.ResmonCfg
2016-12-14 22:10 - 2016-12-14 22:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-01 15:10 - 2017-02-01 15:10 - 0004975 _____ () C:\ProgramData\kjiixkes.ghp
2017-02-01 15:10 - 2017-02-01 15:10 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-23 18:35 - 2017-03-03 21:34 - 0002312 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 18:35 - 2017-03-03 21:29 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Fichiers à déplacer ou supprimer:
====================
C:\Users\rever\ZHPCleaner.exe
C:\Users\rever\ZHPDiag3.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-28 08:50

==================== Fin de FRST.txt ============================