cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Célia (administrator) on CÉLIA-PC (24-10-2016 10:28:15)
Running from C:\Users\Célia\Desktop
Loaded Profiles: Célia (Available Profiles: Célia)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2012-06-21] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8123936 2012-06-21] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [Facebook Update] => C:\Users\Célia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-16] (Facebook Inc.)
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [D5CV0VI70F] => "C:\Program Files (x86)\BestCleaner\0H6OD4SUC2.exe"
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\MountPoints2: {589dcdd4-1aa6-11e6-94f9-00245409a969} - G:\SafeStick.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Célia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\Users\Célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Célia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52E89789-6872-4030-B413-AC2950CCD571}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E27215C9-5D95-4EEB-9E04-52CB26D235FC}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1785509145-3527855224-2036375315-1000 -> DefaultScope {A4ECCC51-0C85-4846-99CE-5B4F0DBF98D0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1785509145-3527855224-2036375315-1000 -> {A4ECCC51-0C85-4846-99CE-5B4F0DBF98D0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default [2016-10-24]
FF NewTab: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\7lspeg55.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\7lspeg55.default -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF NetworkProxy: Mozilla\Firefox\Profiles\7lspeg55.default -> type", 4
FF Extension: (Firefox Hotfix) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09]
FF Extension: (Rikaichan Japanese-English Dictionary File) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\rikaichan-jpen@polarcloud.com [2016-01-09]
FF Extension: (Rikaichan Japanese-French Dictionary File) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\rikaichan-jpfr@polarcloud.com [2016-01-09]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\tineye@ideeinc.com.xpi [2016-09-01]
FF Extension: (Rikaichan) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2015-06-01]
FF Extension: (Adblock Plus) - C:\Users\Célia\AppData\Roaming\Mozilla\Firefox\Profiles\7lspeg55.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-10-12] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1785509145-3527855224-2036375315-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Célia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1785509145-3527855224-2036375315-1000: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\Célia\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2015-09-07] (SquareClock SAS)
FF Plugin HKU\S-1-5-21-1785509145-3527855224-2036375315-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Célia\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default [2016-10-24]
CHR Extension: (Docs) - C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-24]
CHR Extension: (Google Drive) - C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (YouTube) - C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-24]
CHR Extension: (Gmail) - C:\Users\Célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9388064 2016-10-19] (Emsisoft Ltd)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [146032 2013-09-06] (Nalpeiron Ltd.)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Atamechterfu; C:\Program Files (x86)\Lcophtergo\Mmcmonitor.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124304 2016-10-05] (Emsisoft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-06-22] (Duplex Secure Ltd.)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-29] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
U3 al27egae; C:\Windows\System32\Drivers\al27egae.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-24 10:28 - 2016-10-24 10:39 - 00020294 _____ C:\Users\Célia\Desktop\FRST.txt
2016-10-24 10:27 - 2016-10-24 10:28 - 00000000 ____D C:\FRST
2016-10-24 10:25 - 2016-10-24 10:25 - 02407424 _____ (Farbar) C:\Users\Célia\Desktop\FRST64.exe
2016-10-24 08:51 - 2016-10-24 08:51 - 00000000 ____D C:\Users\Célia\AppData\Local\{176640D6-9A16-4662-897C-B50AA08328F0}
2016-10-23 13:29 - 2016-10-23 13:29 - 00000000 ____D C:\Users\Célia\AppData\Local\{6EC72BCD-F498-4DD8-A81A-FDF4F327BCA9}
2016-10-23 12:49 - 2016-10-23 12:49 - 00009100 _____ C:\Users\Célia\Desktop\avantzhpfix.txt
2016-10-22 21:16 - 2016-10-23 12:12 - 00001847 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-10-22 21:16 - 2016-10-22 21:17 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-10-22 21:16 - 2016-10-22 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-10-22 21:15 - 2016-10-22 21:15 - 03521617 _____ (Nicolas Coolman ) C:\Users\Célia\Desktop\ZHPFix.exe
2016-10-22 13:33 - 2016-10-22 13:33 - 00124393 _____ C:\Users\Célia\Desktop\ZHPDiag.txt
2016-10-22 13:25 - 2016-10-23 12:11 - 00000820 _____ C:\Users\Célia\Desktop\ZHPDiag.lnk
2016-10-22 13:24 - 2016-10-22 13:24 - 02422272 _____ C:\Users\Célia\Desktop\ZHPDiag3.exe
2016-10-22 12:36 - 2016-10-22 12:36 - 00001288 _____ C:\Users\Célia\Desktop\rapport mbam.txt
2016-10-22 12:11 - 2016-10-23 11:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-22 12:10 - 2016-10-23 12:12 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-22 12:10 - 2016-10-22 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-22 12:10 - 2016-10-22 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-22 12:10 - 2016-10-22 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-22 12:10 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-22 12:10 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-22 12:10 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-22 10:57 - 2016-10-22 10:57 - 02469888 _____ C:\Users\Célia\ZHPCleaner.exe
2016-10-22 10:34 - 2016-10-22 10:34 - 00000000 ____D C:\ProgramData\Emsisoft
2016-10-22 09:56 - 2016-10-23 12:12 - 00000934 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-10-22 09:56 - 2016-10-22 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-10-22 09:53 - 2016-10-24 10:18 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-10-22 09:50 - 2016-10-22 09:52 - 241315760 _____ (Emsisoft Ltd. ) C:\Users\Célia\Desktop\EmsisoftAntiMalwareSetup.exe
2016-10-22 01:03 - 2016-10-23 21:45 - 00186534 _____ C:\Windows\ntbtlog.txt
2016-10-22 00:37 - 2016-10-22 11:35 - 00000000 ____D C:\AdwCleaner
2016-10-21 23:46 - 2016-10-22 11:18 - 00005442 _____ C:\Users\Célia\Desktop\ZHPCleaner.txt
2016-10-21 23:27 - 2016-10-23 21:54 - 00000000 ____D C:\Users\Célia\AppData\Roaming\ZHP
2016-10-21 23:27 - 2016-10-23 12:11 - 00000677 _____ C:\Users\Célia\Desktop\ZHPCleaner.lnk
2016-10-21 23:25 - 2016-10-21 23:25 - 22851472 _____ (Malwarebytes ) C:\Users\Célia\Desktop\mbam-setup-2.2.1.1043.exe
2016-10-21 23:23 - 2016-10-21 23:24 - 03910208 _____ C:\Users\Célia\Desktop\adwcleaner_6.030.exe
2016-10-21 23:22 - 2016-10-21 23:22 - 02467840 _____ C:\Users\Célia\Desktop\ZHPCleaner.exe
2016-10-21 22:58 - 2016-10-23 12:11 - 00001093 _____ C:\Users\Célia\Desktop\AutoTime.lnk
2016-10-21 22:58 - 2016-10-21 22:58 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-10-21 22:56 - 2016-10-21 22:56 - 00000000 ____D C:\Users\Public\Thunder Network
2016-10-21 22:56 - 2016-10-21 22:56 - 00000000 ____D C:\ProgramData\Thunder Network
2016-10-21 22:55 - 2016-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\mpck
2016-10-21 22:55 - 2016-10-22 10:38 - 00000000 ____D C:\Program Files (x86)\Lcophtergo_
2016-10-21 22:55 - 2016-10-21 22:55 - 00000000 ____D C:\Users\Célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyBee
2016-10-21 22:53 - 2016-10-21 22:53 - 00001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00001514 _____ C:\Users\Public\Desktop\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\Users\Célia\AppData\Local\UCBrowser
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-10-21 22:53 - 2016-08-29 12:56 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
2016-10-21 22:52 - 2016-10-21 22:52 - 00000000 ____D C:\Users\C←lia\AppData\Local\Merhogh
2016-10-21 22:52 - 2016-10-21 22:52 - 00000000 ____D C:\Users\C←lia
2016-10-21 22:52 - 2016-10-21 22:52 - 00000000 _____ C:\TOSTACK
2016-10-21 22:51 - 2016-10-21 22:51 - 00000000 ____D C:\ProgramData\Avira
2016-10-21 22:51 - 2016-10-21 22:51 - 00000000 ____D C:\ProgramData\Avg
2016-10-21 22:51 - 2016-10-21 22:51 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-21 22:50 - 2016-10-21 22:55 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-10-21 22:50 - 2016-10-21 22:51 - 00000000 ____D C:\Program Files\48ef11276e9e26e715ace125add6e39c
2016-10-21 22:50 - 2016-10-21 22:50 - 00006008 _____ C:\Windows\System32\Tasks\Rersipy Client
2016-10-21 22:50 - 2016-10-21 22:50 - 00000000 ____D C:\Users\Célia\ReportSender
2016-10-21 22:49 - 2016-10-21 22:50 - 00002270 __RSH C:\ProgramData\ntuser.pol
2016-10-21 22:48 - 2016-10-23 12:11 - 00001080 _____ C:\Users\Célia\Desktop\Play WarThunder.lnk
2016-10-21 22:48 - 2016-10-21 22:59 - 00000000 ____D C:\Program Files (x86)\Lcophtergo
2016-10-21 22:48 - 2016-10-21 22:48 - 00000000 ____D C:\Users\Célia\AppData\Roaming\Drerhty
2016-10-21 22:48 - 2016-10-21 22:48 - 00000000 ____D C:\Users\Célia\AppData\Local\Merhogh
2016-10-21 19:58 - 2016-10-21 19:58 - 00006816 _____ C:\Users\Célia\Desktop\IMG_9613.xmp
2016-10-21 19:49 - 2016-10-09 09:50 - 37002163 _____ C:\Users\Célia\Desktop\IMG_9613.CR2
2016-10-20 23:20 - 2016-10-22 00:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 13:00 - 2016-10-20 13:01 - 00000000 ____D C:\Users\Célia\Downloads\modele-facture-autoentrepreneur
2016-10-20 12:59 - 2016-10-20 13:00 - 00018115 _____ C:\Users\Célia\Downloads\modele-facture-autoentrepreneur.zip
2016-10-19 13:56 - 2016-10-19 13:57 - 00370591 _____ C:\Users\Célia\Downloads\search-engine-optimization-starter-guide-fr.pdf
2016-10-15 13:33 - 2016-10-16 16:24 - 00011812 _____ C:\Users\Célia\Desktop\Calculs frais kilométriques Célia.xlsx
2016-10-13 11:18 - 2016-10-13 11:18 - 00007273 _____ C:\Users\Célia\Downloads\document.pdf
2016-10-13 10:46 - 2016-10-13 10:46 - 00274936 _____ C:\Windows\Minidump\101316-39889-01.dmp
2016-10-12 11:28 - 2016-09-30 22:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 11:28 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 11:28 - 2016-09-30 17:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 11:28 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-12 11:28 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-12 11:28 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 11:28 - 2016-09-30 08:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-12 11:28 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 11:28 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 11:28 - 2016-09-30 08:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-12 11:28 - 2016-09-30 08:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-12 11:28 - 2016-09-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-12 11:28 - 2016-09-30 08:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-12 11:28 - 2016-09-30 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-12 11:28 - 2016-09-30 08:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-12 11:28 - 2016-09-30 08:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-12 11:28 - 2016-09-30 08:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-12 11:28 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 11:28 - 2016-09-30 08:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-12 11:28 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 11:28 - 2016-09-30 08:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 11:28 - 2016-09-30 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-12 11:28 - 2016-09-30 07:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 11:28 - 2016-09-30 07:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-12 11:28 - 2016-09-30 07:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-12 11:28 - 2016-09-30 07:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-12 11:28 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 11:28 - 2016-09-30 07:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-12 11:28 - 2016-09-30 07:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-12 11:28 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 11:28 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-12 11:28 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-12 11:28 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-12 11:28 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-12 11:28 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 11:28 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-12 11:28 - 2016-09-30 07:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-12 11:28 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-12 11:28 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 11:28 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-12 11:28 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 11:28 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 11:28 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-12 11:28 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-12 11:28 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 11:28 - 2016-09-30 07:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-12 11:28 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-12 11:28 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 11:28 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-12 11:28 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-12 11:28 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 11:28 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-12 11:28 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-12 11:28 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-12 11:28 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-12 11:28 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 11:28 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-12 11:28 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 11:28 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 11:28 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-12 11:28 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 11:28 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 11:28 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 11:28 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 11:28 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 11:28 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 11:28 - 2016-09-15 17:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 11:28 - 2016-09-15 17:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-12 11:28 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 11:28 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-12 11:28 - 2016-09-12 23:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-12 11:28 - 2016-09-12 23:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-12 11:28 - 2016-09-12 23:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-12 11:28 - 2016-09-12 23:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-12 11:28 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-12 11:28 - 2016-09-12 22:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-12 11:28 - 2016-09-12 22:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 11:28 - 2016-09-12 22:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-12 11:28 - 2016-09-12 22:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-12 11:28 - 2016-09-12 22:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-12 11:28 - 2016-09-12 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-12 11:28 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-12 11:28 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 11:28 - 2016-09-12 20:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 11:28 - 2016-09-12 20:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 11:28 - 2016-09-10 18:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 11:28 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 11:28 - 2016-09-09 20:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 11:28 - 2016-09-09 20:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 11:28 - 2016-09-09 20:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-12 11:28 - 2016-09-09 20:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-12 11:28 - 2016-09-09 20:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-12 11:28 - 2016-09-09 20:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-12 11:28 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-12 11:28 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-12 11:28 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-12 11:28 - 2016-09-09 19:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 11:28 - 2016-09-09 19:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-12 11:28 - 2016-09-09 19:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-12 11:28 - 2016-09-09 19:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-12 11:28 - 2016-09-09 19:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-12 11:28 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 11:28 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 11:28 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 11:28 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 11:28 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 11:28 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 11:28 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 11:28 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 11:28 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 11:28 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 11:28 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 11:28 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 11:28 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 11:28 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 11:28 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 11:28 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 11:28 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 11:28 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 11:28 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 11:28 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 11:28 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 11:28 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 11:28 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 11:28 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 11:28 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 11:28 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 11:28 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 11:28 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 11:28 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 11:28 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 11:28 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 11:28 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 11:28 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 11:28 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 11:28 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 11:28 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 11:28 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 11:28 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 11:28 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 11:28 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 11:28 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 11:27 - 2016-09-30 08:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-12 11:27 - 2016-09-30 08:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 11:27 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-12 11:27 - 2016-09-12 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-12 11:27 - 2016-09-12 23:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-12 11:27 - 2016-09-12 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-12 11:27 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-12 11:27 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-12 11:27 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-12 11:27 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-12 11:27 - 2016-09-09 20:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 20:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-12 11:27 - 2016-09-09 20:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 11:27 - 2016-09-09 19:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-12 11:27 - 2016-09-09 19:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-12 11:27 - 2016-09-09 19:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-12 11:27 - 2016-09-09 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-12 11:27 - 2016-09-09 19:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 11:27 - 2016-09-09 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 11:25 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 11:25 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 11:25 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 11:25 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 11:25 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 11:25 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-12 11:25 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 11:25 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 11:25 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-12 11:25 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 11:25 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 11:25 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-12 11:25 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-12 11:25 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-12 11:25 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-11 23:04 - 2016-10-11 23:04 - 06183104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-10-11 21:38 - 2016-10-11 21:38 - 70225892 _____ C:\Users\Célia\Downloads\HistoiresdeTinyHouses20161003.pdf
2016-10-08 09:09 - 2016-10-08 09:10 - 99090773 _____ C:\Users\Célia\Downloads\COPYHACKERS.zip
2016-09-30 12:09 - 2016-10-23 21:16 - 00000000 ____D C:\Users\Célia\Desktop\CTH
2016-09-30 12:09 - 2016-10-07 14:19 - 00000000 ____D C:\Users\Célia\Desktop\Pro

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-24 10:31 - 2013-02-03 15:28 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-24 10:30 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-24 10:30 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-24 10:23 - 2014-07-20 13:24 - 00000000 ____D C:\Users\Célia\Tracing
2016-10-24 10:17 - 2013-02-03 15:28 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-24 10:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-24 10:04 - 2012-06-21 18:50 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-24 09:49 - 2013-04-16 21:44 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1785509145-3527855224-2036375315-1000UA.job
2016-10-24 08:52 - 2012-06-24 15:05 - 00000000 ____D C:\Users\Célia\AppData\Local\Adobe
2016-10-23 12:12 - 2014-11-03 13:09 - 00002153 _____ C:\Users\Public\Desktop\SDL Trados Studio 2014.lnk
2016-10-23 12:12 - 2014-01-31 22:49 - 00001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk
2016-10-23 12:12 - 2014-01-31 22:49 - 00001081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk
2016-10-23 12:12 - 2013-03-15 04:05 - 00000758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk
2016-10-23 12:12 - 2013-02-03 15:29 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-23 12:12 - 2013-01-22 16:41 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-10-23 12:12 - 2013-01-03 14:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-23 12:12 - 2012-11-26 05:11 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2016-10-23 12:12 - 2012-11-26 05:04 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2016-10-23 12:12 - 2012-08-29 15:11 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-10-23 12:12 - 2012-06-24 17:39 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-10-23 12:12 - 2012-06-24 17:39 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-10-23 12:12 - 2012-06-24 15:18 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-10-23 12:12 - 2012-06-24 15:17 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-10-23 12:12 - 2012-06-24 15:17 - 00001081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-10-23 12:12 - 2012-06-24 15:16 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-10-23 12:12 - 2012-06-24 15:15 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-10-23 12:12 - 2012-06-24 15:15 - 00001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-10-23 12:12 - 2012-06-21 16:45 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-10-23 12:12 - 2012-06-21 15:48 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-23 12:12 - 2012-06-21 14:54 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-23 12:12 - 2012-06-21 14:54 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-23 12:12 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-23 12:12 - 2009-07-14 06:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-23 12:12 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-23 12:12 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-23 12:11 - 2016-03-10 23:26 - 00002231 _____ C:\Users\Célia\Desktop\Kindle.lnk
2016-10-23 12:11 - 2015-09-07 22:03 - 00002080 _____ C:\Users\Célia\AppData\Roaming\Microsoft\Windows\Start Menu\HomeByMe.lnk
2016-10-23 12:11 - 2015-09-07 22:03 - 00002078 _____ C:\Users\Célia\Desktop\HomeByMe.lnk
2016-10-23 12:11 - 2012-06-24 19:42 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Poladroid 0.9.6r0.lnk
2016-10-23 12:11 - 2012-06-21 14:59 - 00001433 _____ C:\Users\Célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-23 12:11 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-23 12:11 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-22 21:49 - 2013-04-16 21:44 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1785509145-3527855224-2036375315-1000Core.job
2016-10-22 21:18 - 2012-08-29 15:12 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-22 13:14 - 2012-06-21 16:21 - 00109128 _____ C:\Users\Célia\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-22 12:56 - 2009-07-14 06:45 - 05026808 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-22 12:40 - 2013-05-05 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-22 12:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2016-10-22 11:29 - 2012-06-21 17:47 - 00746030 _____ C:\Windows\system32\perfh00C.dat
2016-10-22 11:29 - 2012-06-21 17:47 - 00408922 _____ C:\Windows\system32\perfh011.dat
2016-10-22 11:29 - 2012-06-21 17:47 - 00149922 _____ C:\Windows\system32\perfc00C.dat
2016-10-22 11:29 - 2012-06-21 17:47 - 00122308 _____ C:\Windows\system32\perfc011.dat
2016-10-22 11:29 - 2009-07-14 07:13 - 02200384 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-22 11:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-22 10:57 - 2012-06-21 14:59 - 00000000 ____D C:\Users\Célia
2016-10-22 10:38 - 2013-11-01 16:51 - 00000000 ____D C:\Program Files (x86)\URUSoft
2016-10-22 10:38 - 2012-06-22 14:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-10-22 00:29 - 2012-06-21 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 00:25 - 2014-07-18 21:05 - 00000000 __SHD C:\Users\Célia\AppData\Local\EmieUserList
2016-10-22 00:25 - 2014-07-18 21:05 - 00000000 __SHD C:\Users\Célia\AppData\Local\EmieSiteList
2016-10-21 23:04 - 2012-06-29 10:36 - 00000460 __RSH C:\Users\Célia\ntuser.pol
2016-10-21 22:56 - 2016-04-01 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-10-21 22:56 - 2012-11-14 12:26 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-21 22:56 - 2012-06-24 15:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-10-21 22:56 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-21 22:55 - 2015-12-13 18:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-21 22:55 - 2015-10-12 16:46 - 00000000 ____D C:\Program Files (x86)\PDF Architect 3
2016-10-21 22:55 - 2015-05-04 20:33 - 00000000 ____D C:\Program Files (x86)\astrojargon.net
2016-10-21 22:55 - 2014-11-03 13:04 - 00000000 ____D C:\Program Files (x86)\SDL
2016-10-21 22:55 - 2014-11-03 12:57 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2016-10-21 22:55 - 2014-11-03 12:56 - 00000000 ____D C:\Program Files (x86)\Open XML SDK
2016-10-21 22:55 - 2014-07-20 19:49 - 00000000 ____D C:\Program Files (x86)\CDex
2016-10-21 22:55 - 2014-01-31 22:48 - 00000000 ____D C:\Program Files (x86)\Aegisub
2016-10-21 22:55 - 2013-11-02 19:42 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-10-21 22:55 - 2013-08-11 23:43 - 00000000 ____D C:\Program Files (x86)\Snap
2016-10-21 22:55 - 2013-05-05 17:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-10-21 22:55 - 2013-04-25 17:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-21 22:55 - 2013-03-13 04:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-21 22:55 - 2013-02-03 15:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-21 22:55 - 2013-01-22 16:41 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-10-21 22:55 - 2012-11-26 05:11 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-10-21 22:55 - 2012-11-26 05:04 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2016-10-21 22:55 - 2012-09-16 08:21 - 00000000 ____D C:\Program Files (x86)\Hugin
2016-10-21 22:55 - 2012-06-24 19:42 - 00000000 ____D C:\Program Files (x86)\Poladroid
2016-10-21 22:55 - 2012-06-24 17:37 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-10-21 22:55 - 2012-06-24 11:08 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-10-21 22:55 - 2012-06-22 14:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-21 22:55 - 2012-06-22 14:42 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-10-21 22:55 - 2012-06-22 14:26 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-10-21 22:55 - 2012-06-21 16:43 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-21 22:55 - 2012-06-21 16:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-10-21 22:55 - 2012-06-21 16:38 - 00000000 ____D C:\Program Files (x86)\Marvell
2016-10-21 22:55 - 2012-06-21 16:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-21 22:55 - 2012-06-21 16:16 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-10-21 22:55 - 2012-06-21 16:10 - 00000000 ____D C:\Program Files (x86)\Intel
2016-10-21 22:55 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-10-21 22:55 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-10-21 22:55 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-21 22:55 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-21 22:55 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-10-21 22:55 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-10-21 22:48 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-10-19 12:10 - 2012-06-24 11:10 - 00000000 ____D C:\Users\Célia\AppData\Roaming\vlc
2016-10-15 10:32 - 2013-08-04 21:03 - 00000000 ____D C:\Windows\system32\MRT
2016-10-15 09:23 - 2012-06-21 16:37 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-14 21:09 - 2014-01-31 22:50 - 00000000 ____D C:\Users\Célia\AppData\Roaming\Aegisub
2016-10-14 10:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-14 10:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-14 10:34 - 2014-12-11 22:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-14 10:34 - 2014-04-30 11:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-14 10:30 - 2013-03-13 04:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-13 11:21 - 2013-03-13 04:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-13 10:46 - 2012-10-19 02:44 - 00000000 ____D C:\Windows\Minidump
2016-10-11 23:04 - 2012-06-21 18:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 23:04 - 2012-06-21 18:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 23:04 - 2012-06-21 18:50 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 23:04 - 2012-06-21 18:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-11 23:04 - 2012-06-21 18:49 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-29 09:03 - 2014-12-27 11:41 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-29 09:00 - 2012-06-21 16:45 - 00001945 _____ C:\Windows\epplauncher.mif
2016-09-29 09:00 - 2012-06-21 16:44 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-09-29 08:58 - 2012-06-21 16:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-09-26 17:29 - 2015-12-04 19:48 - 00000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2013-10-25 23:09 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2013-03-30 12:14 - 2013-03-30 12:14 - 0000621 _____ () C:\Users\Célia\AppData\Roaming\.ptbt0
2012-11-02 04:07 - 2012-11-13 07:04 - 0000132 _____ () C:\Users\Célia\AppData\Roaming\Préfs Format GIF Adobe CS6
2013-12-19 10:12 - 2016-08-29 21:12 - 0000357 _____ () C:\Users\Célia\AppData\Roaming\WB.CFG
2015-09-07 22:03 - 2015-09-07 22:03 - 0353118 _____ () C:\Users\Célia\AppData\Local\SquareClock.Production_HBMV1Icon.ico

Files to move or delete:
====================
C:\Users\Célia\ZHPCleaner.exe


Some files in TEMP:
====================
C:\Users\Célia\AppData\Local\Temp\Browser_V5.7.15319.5_r_4670_(Build1608291541).exe
C:\Users\Célia\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\Célia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcbnhu_.dll
C:\Users\Célia\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Célia\AppData\Local\Temp\i24tjk1g.dll
C:\Users\Célia\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Célia\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Célia\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Célia\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Célia\AppData\Local\Temp\libeay32.dll
C:\Users\Célia\AppData\Local\Temp\mp3el2.exe
C:\Users\Célia\AppData\Local\Temp\msvcr120.dll
C:\Users\Célia\AppData\Local\Temp\nsg28C.tmp.exe
C:\Users\Célia\AppData\Local\Temp\ose00000.exe
C:\Users\Célia\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Célia\AppData\Local\Temp\sqlite3.dll
C:\Users\Célia\AppData\Local\Temp\Uni000.exe
C:\Users\Célia\AppData\Local\Temp\vk_ok_adblock.exe
C:\Users\Célia\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Célia\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Célia\AppData\Local\Temp\ysins.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-16 12:35

==================== End of FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité