Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2016
Exécuté par Leo (administrateur) sur LE (12-10-2016 13:06:42)
Exécuté depuis C:\Users\Leo\Desktop
Profils chargés: Leo (Profils disponibles: Leo)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216576 2014-03-10] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6626696 2016-07-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917584 2016-10-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\...\Run: [TeamSpeak 3 Client] => C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe [11479320 2016-09-12] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3837016 2016-07-09] ()
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\...\RunOnce: [Application Restart #0] => C:\Users\Leo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resource (l'élément de données a 579 caractères en plus).

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{9B86A68A-B67F-4991-A321-635204B78002}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{9B86A68A-B67F-4991-A321-635204B78002}: [DhcpNameServer] 192.168.1.254
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-2883583054-3779539893-2577248336-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-17] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 3t0mi0eb.default
FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3t0mi0eb.default [2016-09-27]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\3t0mi0eb.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\3t0mi0eb.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\3t0mi0eb.default -> hxxp://www.msn.com/?pc=U270&ocid=U270DHP&osmkt=fr-fr
FF Keyword.URL: Mozilla\Firefox\Profiles\3t0mi0eb.default -> hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
FF Extension: (Avira Browser Safety) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3t0mi0eb.default\Extensions\abs@avira.com.xpi [2016-09-20]
FF Extension: (Bing Search) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3t0mi0eb.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-16]
FF Extension: (Firefox Hotfix) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3t0mi0eb.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF SearchPlugin: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3t0mi0eb.default\searchplugins\bing-.xml [2015-12-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-02-14] (Nitro PDF)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (WOT) - C:\Users\Leo\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2016-10-11]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-22] (Advanced Micro Devices, Inc.) [Fichier non signé]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1086040 2016-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-10-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1489240 2016-10-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [92160 2014-03-12] () [Fichier non signé]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [Fichier non signé]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-16] (Maxthon)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 ACTION_SVC; C:\Program Files (x86)\Mirillis\Action!\action_svc.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [110096 2016-05-04] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [149832 2016-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [153392 2016-10-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-02] (Avira Operations GmbH & Co. KG)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3347672 2014-03-13] (Realtek Semiconductor Corporation )
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-12 13:06 - 2016-10-12 13:07 - 00017657 _____ C:\Users\Leo\Desktop\FRST.txt
2016-10-12 13:06 - 2016-10-12 13:06 - 00000000 ____D C:\FRST
2016-10-12 13:05 - 2016-10-12 13:05 - 02407424 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2016-10-12 11:42 - 2016-10-12 11:42 - 03874368 _____ C:\Users\Leo\Desktop\adwcleaner_6.021.exe
2016-10-12 10:58 - 2016-10-12 11:05 - 00000000 ____D C:\Users\Leo\AppData\Roaming\ZHP
2016-10-12 10:47 - 2016-10-12 11:45 - 00000000 ____D C:\AdwCleaner
2016-10-11 22:23 - 2016-10-11 22:24 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-11 22:22 - 2016-10-11 22:22 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-11 22:22 - 2016-10-11 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-11 22:22 - 2016-10-11 22:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-11 22:22 - 2016-10-11 22:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-11 22:22 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-10-11 22:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-11 22:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-10-11 18:10 - 2016-10-11 18:11 - 3270803456 _____ C:\Users\Leo\Downloads\X17-59479.ISO
2016-10-11 17:37 - 2016-10-11 17:37 - 00000000 ____D C:\Users\Leo\VirtualBox VMs
2016-10-11 17:35 - 2016-10-12 11:23 - 00000000 ____D C:\Users\Leo\.VirtualBox
2016-10-11 17:32 - 2016-10-11 17:32 - 00001103 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-10-11 17:32 - 2016-10-11 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-10-11 17:32 - 2016-10-11 17:32 - 00000000 ____D C:\Program Files\Oracle
2016-10-11 17:32 - 2016-09-12 18:18 - 00920168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-10-11 17:32 - 2016-09-12 18:17 - 00149256 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-10-11 17:29 - 2016-10-11 17:30 - 122288608 _____ (Oracle Corporation) C:\Users\Leo\Downloads\VirtualBox-5.1.6-110634-Win.exe
2016-10-11 12:02 - 2016-10-11 12:04 - 48558117 _____ C:\Users\Leo\Documents\gravel.mp4
2016-10-11 10:34 - 2016-10-11 10:33 - 00023640 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-10-05 17:56 - 2016-10-05 17:56 - 00012128 _____ C:\Users\Leo\AppData\Local\recently-used.xbel
2016-10-02 16:45 - 2016-10-02 16:45 - 00406574 _____ C:\Users\Leo\Downloads\vti.zip
2016-09-30 23:12 - 2016-09-30 23:28 - 282428268 _____ C:\Users\Leo\Documents\winlights1.mp4
2016-09-30 19:30 - 2016-09-30 19:30 - 00031480 _____ C:\Users\Leo\Documents\winlights1.veg
2016-09-30 19:20 - 2016-09-30 19:26 - 00003072 _____ C:\Users\Leo\Downloads\A FEW MOMENTS LATER (HD).mp4.sfk
2016-09-30 19:20 - 2016-09-30 19:20 - 00315633 _____ C:\Users\Leo\Downloads\A FEW MOMENTS LATER (HD).mp4
2016-09-28 14:18 - 2016-09-28 14:18 - 40522559 _____ C:\Users\Leo\Downloads\!Dynamic Duo RedBlue.zip
2016-09-27 18:03 - 2016-09-27 18:03 - 07084052 _____ C:\Users\Leo\Downloads\LosFabiStorios!.rar
2016-09-27 16:27 - 2016-10-06 16:27 - 00003860 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1474986414
2016-09-27 16:27 - 2016-09-27 16:27 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Opera Software
2016-09-27 16:27 - 2016-09-27 16:27 - 00000000 ____D C:\Users\Leo\AppData\Local\Opera Software
2016-09-27 16:26 - 2016-10-06 16:27 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-27 16:26 - 2016-10-06 16:27 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-27 16:26 - 2016-09-27 16:26 - 01137288 _____ (Opera Software) C:\Users\Leo\Downloads\OperaSetup.exe
2016-09-27 16:26 - 2016-09-27 16:26 - 00001162 _____ C:\Users\Public\Desktop\Opera.lnk
2016-09-27 16:21 - 2016-09-27 16:21 - 00281488 _____ C:\WINDOWS\Minidump\092716-25531-01.dmp
2016-09-27 16:14 - 2016-09-27 16:14 - 00290048 _____ C:\WINDOWS\Minidump\092716-25546-01.dmp
2016-09-27 13:06 - 2016-09-27 13:10 - 00000000 ____D C:\Users\Leo\AppData\Roaming\PlaysTV
2016-09-27 13:04 - 2016-09-27 13:10 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-09-27 13:04 - 2016-09-27 13:04 - 00000000 ____D C:\Users\Leo\AppData\Roaming\library_dir
2016-09-27 13:03 - 2016-09-27 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-09-27 13:03 - 2016-09-27 13:03 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-27 13:03 - 2016-06-23 20:22 - 00264992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-09-27 13:03 - 2016-06-23 20:21 - 00257824 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-09-27 13:03 - 2016-06-23 20:21 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-09-27 13:03 - 2016-06-23 20:20 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00000000 ____D C:\Program Files (x86)\AMD
2016-09-27 12:57 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2016-09-27 12:55 - 2016-09-27 12:55 - 00000000 ____D C:\AMD
2016-09-27 12:53 - 2016-09-27 12:53 - 00000437 _____ C:\SetupCD.txt
2016-09-27 12:52 - 2016-09-27 12:52 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Leo\Downloads\autodetectutility.exe
2016-09-27 12:47 - 2016-09-27 12:47 - 00281488 _____ C:\WINDOWS\Minidump\092716-30687-01.dmp
2016-09-27 12:39 - 2016-09-27 12:39 - 00281488 _____ C:\WINDOWS\Minidump\092716-33062-01.dmp
2016-09-26 22:10 - 2016-09-26 22:11 - 00281488 _____ C:\WINDOWS\Minidump\092616-27015-01.dmp
2016-09-26 18:01 - 2016-09-26 18:02 - 00281376 _____ C:\WINDOWS\Minidump\092616-32421-01.dmp
2016-09-26 13:00 - 2016-09-26 13:01 - 00281384 _____ C:\WINDOWS\Minidump\092616-33703-01.dmp
2016-09-26 12:51 - 2016-09-26 12:52 - 00281376 _____ C:\WINDOWS\Minidump\092616-27031-01.dmp
2016-09-23 23:12 - 2016-09-26 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-20 15:17 - 2016-09-20 15:17 - 00281488 _____ C:\WINDOWS\Minidump\092016-23234-01.dmp
2016-09-20 14:49 - 2016-09-20 14:49 - 00281376 _____ C:\WINDOWS\Minidump\092016-24734-01.dmp
2016-09-19 14:32 - 2016-09-19 14:32 - 00001167 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-18 21:41 - 2016-09-18 21:42 - 30533688 _____ C:\Users\Leo\Downloads\vlc-2.2.4-win32.exe
2016-09-18 21:33 - 2016-09-18 21:34 - 00281488 _____ C:\WINDOWS\Minidump\091816-24875-01.dmp
2016-09-17 12:58 - 2016-09-17 12:58 - 00281488 _____ C:\WINDOWS\Minidump\091716-32171-01.dmp
2016-09-17 12:54 - 2016-09-17 12:54 - 00281488 _____ C:\WINDOWS\Minidump\091716-36718-01.dmp
2016-09-17 12:47 - 2016-09-17 12:47 - 00281488 _____ C:\WINDOWS\Minidump\091716-26375-01.dmp
2016-09-17 10:57 - 2016-09-17 11:10 - 351539882 _____ C:\Users\Leo\Documents\hlspood.mp4
2016-09-16 18:30 - 2016-09-16 21:26 - 00061688 _____ C:\Users\Leo\Documents\hlspood.veg
2016-09-16 18:30 - 2016-09-16 18:30 - 00022952 _____ C:\Users\Leo\Documents\hlspood.veg.bak
2016-09-16 18:12 - 2016-09-16 18:13 - 00379648 _____ C:\Users\Leo\Downloads\Nightwish - Nemo lyrics.mp3.sfk
2016-09-14 18:08 - 2016-09-14 18:08 - 10595069 _____ C:\Users\Leo\Downloads\0021-Install_Win8_8.1_8047_08232016.zip
2016-09-14 17:58 - 2016-09-14 17:58 - 00281440 _____ C:\WINDOWS\Minidump\091416-35078-01.dmp
2016-09-14 16:14 - 2016-09-14 16:14 - 00003090 _____ C:\WINDOWS\System32\Tasks\{AD9A2FB0-036F-4571-B0E4-F2948FC6C732}
2016-09-14 07:03 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-14 07:03 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-14 07:03 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-14 07:03 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-14 07:03 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-14 07:03 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-14 07:03 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-14 07:03 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-14 07:03 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-14 07:03 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-14 07:03 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-14 07:03 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-14 07:03 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-14 07:03 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-14 07:03 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-14 07:03 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-14 07:03 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-14 07:03 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-14 07:03 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-14 07:03 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 07:03 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-14 07:03 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-14 07:03 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-14 07:03 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-14 07:03 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-14 07:03 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-14 07:03 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-14 07:03 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-14 07:03 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 07:03 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 07:03 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-14 07:03 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-14 07:03 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-14 07:03 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-14 07:03 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-14 07:02 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-14 07:02 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-14 07:02 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-14 07:02 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-14 07:02 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-14 07:02 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-14 07:02 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-14 07:02 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-14 07:02 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-14 07:02 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-14 07:02 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-14 07:02 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-14 07:02 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-14 07:02 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-14 07:02 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 07:02 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-14 07:02 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-14 07:02 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-14 07:02 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-14 07:02 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-14 07:02 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-14 07:02 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-14 07:02 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-14 07:02 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-14 07:02 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-09-14 07:02 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-09-14 07:02 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-14 07:02 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-14 07:02 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-09-14 07:02 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-09-14 07:02 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-14 07:02 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-09-14 07:02 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-09-14 07:02 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-14 07:02 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-09-14 07:02 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-14 07:02 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-14 07:02 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-14 07:02 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-14 07:02 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2016-09-14 07:02 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-14 07:02 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-14 07:02 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-14 07:02 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2016-09-14 07:02 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-09-14 07:02 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-09-14 07:02 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-14 07:02 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-09-14 07:02 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-09-14 07:02 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-14 07:02 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-09-14 07:02 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-14 07:02 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 07:02 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
2016-09-14 07:02 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssenh.dll
2016-09-14 07:02 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-09-12 22:02 - 2016-09-12 22:02 - 22918913 _____ C:\Users\Leo\Downloads\§0Lethals §o§1Sapphire §fV4.rar
2016-09-12 18:17 - 2016-09-12 18:17 - 00195936 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-09-12 18:17 - 2016-09-12 18:17 - 00121248 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-10-12 13:06 - 2015-12-16 19:26 - 00000000 ____D C:\Users\Leo\AppData\Roaming\TS3Client
2016-10-12 13:06 - 2015-12-16 18:51 - 00001122 _____ C:\Users\Leo\Desktop\nativelog.txt
2016-10-12 12:59 - 2015-12-20 19:37 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Skype
2016-10-12 12:55 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-12 12:54 - 2015-12-16 19:58 - 00111024 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-12 12:54 - 2015-12-16 19:58 - 00094464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2016-10-12 12:52 - 2015-12-16 18:40 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2883583054-3779539893-2577248336-1002
2016-10-12 12:38 - 2015-12-16 18:47 - 00000000 ____D C:\Users\Leo\AppData\Roaming\.minecraft
2016-10-12 12:36 - 2016-04-27 19:00 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-12 11:47 - 2015-12-16 18:40 - 00000000 __RDO C:\Users\Leo\OneDrive
2016-10-12 11:46 - 2016-04-25 22:54 - 00000512 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-10-12 11:46 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-12 11:45 - 2014-12-23 07:44 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-10-12 11:42 - 2016-01-10 21:45 - 00200192 ___SH C:\Users\Leo\Downloads\Thumbs.db
2016-10-12 10:57 - 2014-12-23 16:30 - 00923076 _____ C:\WINDOWS\system32\perfh00C.dat
2016-10-12 10:57 - 2014-12-23 16:30 - 00194806 _____ C:\WINDOWS\system32\perfc00C.dat
2016-10-12 10:57 - 2014-03-18 11:53 - 00005426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-12 10:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-12 10:50 - 2014-12-23 08:01 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-10-12 10:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Cursors
2016-10-12 10:35 - 2015-12-18 22:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 10:31 - 2015-12-18 22:46 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 07:58 - 2015-12-16 18:45 - 00003904 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0A8F259B-BBA6-4FE3-A095-D7234C908144}
2016-10-12 04:36 - 2016-04-27 19:00 - 00003890 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-12 04:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-12 04:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-11 20:36 - 2015-12-16 22:16 - 00000000 ____D C:\Users\Leo\AppData\Roaming\OBS
2016-10-11 17:37 - 2015-12-16 18:32 - 00000000 ____D C:\Users\Leo
2016-10-11 17:33 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-10-11 11:44 - 2015-12-16 22:22 - 00000000 ____D C:\Users\Leo\AppData\Roaming\vlc
2016-10-11 10:34 - 2016-01-02 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-11 10:33 - 2016-01-02 17:12 - 00153392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-10-11 10:33 - 2016-01-02 17:12 - 00149832 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-10-10 18:09 - 2016-02-11 22:59 - 00004608 ___SH C:\Users\Leo\Desktop\Thumbs.db
2016-10-08 18:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-05 19:10 - 2015-12-21 16:19 - 00000000 ____D C:\Users\Leo\.gimp-2.8
2016-10-05 17:56 - 2015-12-21 16:24 - 00000000 ____D C:\Users\Leo\AppData\Local\gtk-2.0
2016-10-01 02:15 - 2015-12-19 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2015-12-19 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-30 23:35 - 2016-03-31 00:37 - 00523776 ___SH C:\Users\Leo\Documents\Thumbs.db
2016-09-30 00:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-27 16:21 - 2016-02-02 22:45 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-27 16:21 - 2016-02-02 22:44 - 594852556 _____ C:\WINDOWS\MEMORY.DMP
2016-09-27 13:10 - 2016-08-31 22:46 - 00000000 ____D C:\Program Files (x86)\Mumble
2016-09-27 13:09 - 2016-03-17 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2016-09-27 13:09 - 2016-03-17 00:11 - 00000000 ____D C:\Program Files (x86)\Mirillis
2016-09-27 13:09 - 2016-01-06 22:54 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2016-09-27 13:03 - 2015-12-16 18:37 - 00000000 ____D C:\Users\Leo\AppData\Local\AMD
2016-09-27 13:03 - 2014-12-23 07:44 - 00000000 ____D C:\Program Files\AMD
2016-09-27 13:01 - 2014-12-23 07:43 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-27 12:56 - 2014-12-23 07:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-26 15:33 - 2016-01-14 14:25 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Audacity
2016-09-26 15:16 - 2015-12-21 16:23 - 00000000 ____D C:\Users\Leo\Desktop\Textures
2016-09-26 13:00 - 2015-12-16 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 12:49 - 2016-07-20 00:55 - 00000000 ____D C:\Users\Leo\AppData\Local\whatpulse
2016-09-23 20:31 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-23 11:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-18 21:43 - 2015-12-16 22:22 - 00001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-17 13:06 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Leo\.oracle_jre_usage
2016-09-17 13:06 - 2015-12-16 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-17 13:06 - 2015-12-16 19:08 - 00000000 ____D C:\ProgramData\Oracle
2016-09-17 13:06 - 2015-12-16 19:08 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-17 13:05 - 2015-12-16 19:09 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-15 16:36 - 2013-08-22 16:44 - 00346936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 16:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-15 16:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-14 18:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-13 18:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\tracing
2016-09-12 12:36 - 2015-12-16 18:54 - 00000000 ____D C:\Users\Leo\AppData\Local\TeamSpeak 3 Client

==================== Fichiers à la racine de certains dossiers =======

2016-01-06 16:23 - 2016-01-06 16:23 - 0000096 _____ () C:\Users\Leo\AppData\Roaming\Camdata.ini
2016-01-06 16:23 - 2016-01-06 16:23 - 0000408 _____ () C:\Users\Leo\AppData\Roaming\CamLayout.ini
2016-01-06 16:23 - 2016-01-06 16:23 - 0000408 _____ () C:\Users\Leo\AppData\Roaming\CamShapes.ini
2016-01-06 16:23 - 2016-01-06 16:23 - 0004522 _____ () C:\Users\Leo\AppData\Roaming\CamStudio.cfg
2015-12-16 18:58 - 2014-11-09 02:20 - 0000360 _____ () C:\Users\Leo\AppData\Roaming\coal_ore.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0000530 _____ () C:\Users\Leo\AppData\Roaming\cobblestone.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0000590 _____ () C:\Users\Leo\AppData\Roaming\cobblestone_mossy.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0007420 _____ () C:\Users\Leo\AppData\Roaming\diamond_ore.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0000412 _____ () C:\Users\Leo\AppData\Roaming\diamond_ore.png.mcmeta
2015-12-16 18:58 - 2014-11-09 02:20 - 0000352 _____ () C:\Users\Leo\AppData\Roaming\emerald_ore.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0005099 _____ () C:\Users\Leo\AppData\Roaming\gold_ore.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0000286 _____ () C:\Users\Leo\AppData\Roaming\gold_ore.png.mcmeta
2015-12-16 18:58 - 2014-11-09 02:20 - 0028442 _____ () C:\Users\Leo\AppData\Roaming\redstone_ore.png
2015-12-16 18:58 - 2014-11-09 02:20 - 0000235 _____ () C:\Users\Leo\AppData\Roaming\redstone_ore.png.mcmeta
2015-12-16 18:35 - 2016-10-12 11:47 - 0813359 _____ () C:\Users\Leo\AppData\Local\BTServer.log
2016-10-05 17:56 - 2016-10-05 17:56 - 0012128 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2014-12-23 07:45 - 2014-12-23 07:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Certains fichiers dans TEMP:
====================
C:\Users\Leo\AppData\Local\Temp\avgnt.exe
C:\Users\Leo\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Leo\AppData\Local\Temp\jansi-64-133513370051351576.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-1779443516807547725.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-2232897374637674338.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-3451325950847259605.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-5978376593112360982.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-7696479760299912297.dll
C:\Users\Leo\AppData\Local\Temp\jansi-64-7846884585274134995.dll
C:\Users\Leo\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Leo\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Leo\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Leo\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Leo\AppData\Local\Temp\LenovoExperienceImprovement.exe
C:\Users\Leo\AppData\Local\Temp\libeay32.dll
C:\Users\Leo\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Leo\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Leo\AppData\Local\Temp\msvcr120.dll
C:\Users\Leo\AppData\Local\Temp\oct2790.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct2C10.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct37D0.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct3E36.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct40F1.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct58BE.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct5CC2.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct80BA.tmp.exe
C:\Users\Leo\AppData\Local\Temp\oct8573.tmp.exe
C:\Users\Leo\AppData\Local\Temp\octA84.tmp.exe
C:\Users\Leo\AppData\Local\Temp\playstv_patch.exe
C:\Users\Leo\AppData\Local\Temp\radeon-crimson-16.7.3-minimalsetup-160728.exe
C:\Users\Leo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Leo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Leo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Leo\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Leo\AppData\Local\Temp\sqlite3.dll
C:\Users\Leo\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-10-12 05:46

==================== Fin de FRST.txt ============================
