cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 01/01/2017 10:56:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jf\Downloads
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 60,11% Memory free
8,00 Gb Paging File | 6,40 Gb Available in Paging File | 80,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,54 Gb Total Space | 200,85 Gb Free Space | 86,37% Space Free | Partition Type: NTFS
Drive D: | 297,99 Gb Total Space | 297,89 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 7,62 Gb Total Space | 1,83 Gb Free Space | 23,97% Space Free | Partition Type: NTFS

Computer Name: JF-PC | User Name: jf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/01/01 10:48:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jf\Downloads\OTL.exe
PRC - [2016/12/13 00:39:13 | 000,427,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
PRC - [2016/12/13 00:39:09 | 000,427,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
PRC - [2016/12/09 02:22:13 | 000,510,920 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/11/14 13:30:58 | 001,879,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/11/14 10:45:38 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/12/13 00:39:07 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/12/13 00:39:10 | 000,464,440 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV:[b]64bit:[/b] - [2016/12/13 00:39:10 | 000,464,440 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV:[b]64bit:[/b] - [2016/12/13 00:39:07 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe -- (NVIDIA Wireless Controller Service)
SRV:[b]64bit:[/b] - [2016/11/14 21:14:42 | 000,361,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2016/11/14 21:14:42 | 000,119,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/12/13 00:39:13 | 000,427,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
SRV - [2016/12/09 02:22:32 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/11/14 13:30:58 | 001,879,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/11/14 10:45:38 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/12/13 00:39:14 | 000,047,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2016/12/13 00:38:57 | 000,029,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2016/08/25 09:46:12 | 000,135,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC






IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 BC A8 C0 90 63 D2 01 [binary data]
IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-681456610-4052110811-3463008291-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.5.1.1-signed
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016/12/31 19:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jf\AppData\Roaming\mozilla\Extensions
[2017/01/01 10:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jf\AppData\Roaming\mozilla\Firefox\Profiles\ixbg9jld.default\extension-data
[2016/12/31 21:02:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jf\AppData\Roaming\mozilla\Firefox\Profiles\ixbg9jld.default\extensions
[2016/12/31 21:02:28 | 000,074,664 | ---- | M] () (No name found) -- C:\Users\jf\AppData\Roaming\mozilla\firefox\profiles\ixbg9jld.default\extensions\translator@zoli.bod.xpi
[2016/12/31 20:26:39 | 001,558,801 | ---- | M] () (No name found) -- C:\Users\jf\AppData\Roaming\mozilla\firefox\profiles\ixbg9jld.default\extensions\uBlock0@raymondhill.net.xpi
[2016/12/31 19:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20783AE4-0BF6-42B7-B288-65194C08F3D0}: DhcpNameServer = 192.168.1.254
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/12/13 19:31:29 | 000,000,122 | ---- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/01/01 10:36:07 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Roaming\ZHP
[2017/01/01 10:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2017/01/01 10:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2017/01/01 10:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2016/12/31 21:13:49 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Chromium
[2016/12/31 21:13:49 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\CEF
[2016/12/31 21:13:47 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2016/12/31 21:13:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2016/12/31 21:13:47 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2016/12/31 21:13:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2016/12/31 21:13:45 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2016/12/31 21:13:45 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2016/12/31 21:13:23 | 001,855,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/12/31 21:13:23 | 001,756,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/12/31 21:13:23 | 001,454,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/12/31 21:13:23 | 001,318,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/12/31 21:10:06 | 000,157,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/12/31 21:10:06 | 000,125,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/12/31 21:10:06 | 000,047,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2016/12/31 21:07:58 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Nvidia Corporation
[2016/12/31 20:53:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2016/12/31 20:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2016/12/31 20:53:23 | 000,615,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/12/31 20:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016/12/31 20:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2016/12/31 20:47:55 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2016/12/31 20:42:59 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2016/12/31 20:42:59 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2016/12/31 20:42:59 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2016/12/31 20:42:59 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2016/12/31 20:42:59 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2016/12/31 20:42:59 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2016/12/31 20:42:59 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2016/12/31 20:42:59 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2016/12/31 20:41:38 | 031,523,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/12/31 20:41:38 | 024,208,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/12/31 20:41:38 | 017,559,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/12/31 20:41:38 | 014,497,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/12/31 20:41:38 | 013,915,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/12/31 20:41:38 | 013,826,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/12/31 20:41:38 | 011,270,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/12/31 20:41:38 | 011,208,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/12/31 20:41:38 | 004,253,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/12/31 20:41:38 | 003,995,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/12/31 20:41:38 | 001,908,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434201.dll
[2016/12/31 20:41:38 | 001,557,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434201.dll
[2016/12/31 20:41:38 | 000,951,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/12/31 20:41:38 | 000,913,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/12/31 20:41:38 | 000,909,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/12/31 20:41:38 | 000,876,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/12/31 20:41:37 | 023,000,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2016/12/31 20:41:37 | 015,301,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2016/12/31 20:41:37 | 002,822,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/12/31 20:39:54 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2016/12/31 20:25:44 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2016/12/31 20:25:44 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2016/12/31 20:20:42 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\NVIDIA
[2016/12/31 20:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2016/12/31 20:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2016/12/31 20:16:26 | 006,789,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/12/31 20:16:26 | 003,528,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/12/31 20:16:26 | 002,558,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/12/31 20:16:26 | 000,384,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/12/31 20:16:26 | 000,062,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/12/31 20:16:10 | 000,082,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2016/12/31 20:16:10 | 000,067,520 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2016/12/31 20:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2016/12/31 20:07:20 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016/12/31 20:07:20 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016/12/31 20:07:17 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2016/12/31 20:07:17 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2016/12/31 20:07:17 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2016/12/31 20:07:00 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\ElevatedDiagnostics
[2016/12/31 19:48:01 | 000,758,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\cohelper.dll
[2016/12/31 19:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2016/12/31 19:47:01 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2016/12/31 19:47:01 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2016/12/31 19:47:01 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2016/12/31 19:47:01 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2016/12/31 19:47:01 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2016/12/31 19:47:01 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2016/12/31 19:47:01 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2016/12/31 19:47:01 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2016/12/31 19:47:01 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2016/12/31 19:47:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2016/12/31 19:47:01 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2016/12/31 19:47:01 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2016/12/31 19:47:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2016/12/31 19:47:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2016/12/31 19:47:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2016/12/31 19:47:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2016/12/31 19:46:58 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2016/12/31 19:46:58 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2016/12/31 19:46:57 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/12/31 19:46:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/12/31 19:46:57 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2016/12/31 19:46:57 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2016/12/31 19:46:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2016/12/31 19:46:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2016/12/31 19:46:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2016/12/31 19:46:51 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2016/12/31 19:46:51 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2016/12/31 19:46:51 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2016/12/31 19:46:51 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2016/12/31 19:46:51 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2016/12/31 19:46:50 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2016/12/31 19:46:50 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2016/12/31 19:46:49 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2016/12/31 19:46:49 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2016/12/31 19:46:49 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2016/12/31 19:46:49 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2016/12/31 19:46:49 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2016/12/31 19:46:49 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2016/12/31 19:46:49 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2016/12/31 19:46:49 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2016/12/31 19:46:49 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2016/12/31 19:46:49 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2016/12/31 19:46:49 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2016/12/31 19:46:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2016/12/31 19:46:49 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2016/12/31 19:46:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2016/12/31 19:46:49 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2016/12/31 19:45:04 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Roaming\Mozilla
[2016/12/31 19:45:04 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Mozilla
[2016/12/31 19:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2016/12/31 19:44:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/12/31 19:37:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2016/12/31 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Diagnostics
[2016/12/31 19:24:08 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2016/12/31 19:21:28 | 005,503,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016/12/31 19:21:28 | 003,908,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/12/31 19:21:27 | 003,963,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/12/31 19:21:27 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016/12/31 19:21:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016/12/31 19:21:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/12/31 19:21:26 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EOSNotify.exe
[2016/12/31 19:06:04 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2016/12/31 19:06:03 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2016/12/31 19:06:03 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2016/12/31 19:05:58 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2016/12/31 19:05:58 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2016/12/31 19:05:58 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2016/12/31 19:05:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2016/12/31 19:05:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2016/12/31 19:00:37 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2016/12/31 18:58:19 | 000,000,000 | R--D | C] -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016/12/31 18:58:19 | 000,000,000 | R--D | C] -- C:\Users\jf\Searches
[2016/12/31 18:58:19 | 000,000,000 | R--D | C] -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/12/31 18:58:19 | 000,000,000 | -H-D | C] -- C:\Users\jf\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/12/31 18:58:07 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Roaming\Identities
[2016/12/31 18:58:02 | 000,000,000 | R--D | C] -- C:\Users\jf\Contacts
[2016/12/31 18:57:59 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\VirtualStore
[2016/12/31 18:57:41 | 000,000,000 | --SD | C] -- C:\Users\jf\AppData\Roaming\Microsoft
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Videos
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Saved Games
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Pictures
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Music
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Links
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Favorites
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Downloads
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Documents
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\Desktop
[2016/12/31 18:57:41 | 000,000,000 | R--D | C] -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Voisinage réseau
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Voisinage d'impression
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\AppData\Local\Temporary Internet Files
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\SendTo
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Recent
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Modèles
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Documents\Mes vidéos
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Documents\Mes images
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Mes documents
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Menu Démarrer
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Documents\Ma musique
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Local Settings
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\AppData\Local\Historique
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Cookies
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\Application Data
[2016/12/31 18:57:41 | 000,000,000 | -HSD | C] -- C:\Users\jf\AppData\Local\Application Data
[2016/12/31 18:57:41 | 000,000,000 | -H-D | C] -- C:\Users\jf\AppData
[2016/12/31 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Temp
[2016/12/31 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Local\Microsoft
[2016/12/31 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\jf\AppData\Roaming\Media Center Programs
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2016/12/31 18:57:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2016/12/31 18:53:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016/12/31 18:50:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016/12/31 18:50:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2016/12/31 18:49:39 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/01/01 10:54:42 | 000,000,779 | ---- | M] () -- C:\Users\jf\Desktop\ZHPDiag.lnk
[2017/01/01 10:43:22 | 001,683,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/01/01 10:43:22 | 000,745,056 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2017/01/01 10:43:22 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/01/01 10:43:22 | 000,148,574 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2017/01/01 10:43:22 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/01/01 10:41:00 | 001,639,320 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/01/01 10:38:49 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/01/01 10:38:49 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/01/01 10:33:19 | 000,007,604 | ---- | M] () -- C:\Users\jf\AppData\Local\Resmon.ResmonCfg
[2017/01/01 10:07:37 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2017/01/01 09:26:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/01/01 09:25:57 | 3220,082,688 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/31 21:13:49 | 000,001,412 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2016/12/31 19:44:58 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/12/31 19:25:57 | 000,265,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016/12/31 19:01:18 | 000,001,453 | ---- | M] () -- C:\Users\jf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/12/31 18:54:50 | 000,057,694 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2016/12/31 18:54:50 | 000,057,694 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2016/12/31 18:53:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2016/12/13 00:39:16 | 001,855,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/12/13 00:39:16 | 001,756,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/12/13 00:39:16 | 001,454,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/12/13 00:39:16 | 001,318,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/12/13 00:39:16 | 000,121,912 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[2016/12/13 00:39:14 | 000,157,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/12/13 00:39:14 | 000,125,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/12/13 00:39:14 | 000,047,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2016/12/12 15:37:33 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2016/12/12 15:36:24 | 000,001,951 | ---- | M] () -- C:\Windows\NvTelemetryContainerRecovery.bat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/01/01 10:36:19 | 000,000,779 | ---- | C] () -- C:\Users\jf\Desktop\ZHPDiag.lnk
[2017/01/01 10:07:37 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2017/01/01 10:07:15 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2016/12/31 21:13:49 | 000,001,412 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2016/12/31 21:13:23 | 000,121,912 | ---- | C] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[2016/12/31 21:12:51 | 000,001,951 | ---- | C] () -- C:\Windows\NvContainerRecovery.bat
[2016/12/31 21:12:47 | 000,001,951 | ---- | C] () -- C:\Windows\NvTelemetryContainerRecovery.bat
[2016/12/31 20:49:35 | 001,639,320 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/12/31 20:16:26 | 007,513,855 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/12/31 20:04:10 | 000,007,604 | ---- | C] () -- C:\Users\jf\AppData\Local\Resmon.ResmonCfg
[2016/12/31 19:48:01 | 000,011,164 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2016/12/31 19:44:58 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016/12/31 19:44:58 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/12/31 19:01:18 | 000,001,453 | ---- | C] () -- C:\Users\jf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/12/31 18:58:28 | 000,001,425 | ---- | C] () -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2016/12/31 18:58:21 | 000,001,459 | ---- | C] () -- C:\Users\jf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016/12/31 18:57:41 | 000,000,290 | ---- | C] () -- C:\Users\jf\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/12/31 18:57:41 | 000,000,272 | ---- | C] () -- C:\Users\jf\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/12/31 18:54:43 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2016/12/31 18:54:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2016/12/31 18:53:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2016/12/31 18:50:34 | 3220,082,688 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/08/30 06:21:15 | 014,164,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/08/30 05:28:32 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
Invalid Environment Variable: ALLUSERSPROFILE\

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2016/12/31 18:58:07 | 000,000,000 | ---D | M] -- C:\Users\jf\AppData\Roaming\Identities
[2009/07/14 16:35:18 | 000,000,000 | ---D | M] -- C:\Users\jf\AppData\Roaming\Media Center Programs
[2017/01/01 10:09:46 | 000,000,000 | --SD | M] -- C:\Users\jf\AppData\Roaming\Microsoft
[2016/12/31 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\jf\AppData\Roaming\Mozilla
[2017/01/01 10:54:57 | 000,000,000 | ---D | M] -- C:\Users\jf\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2017/01/01 10:35:34 | 002,105,344 | ---- | M] () -- C:\Users\jf\AppData\Roaming\ZHP\ZHPDiag3.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

Publicité

Signaler le contenu de ce document

Publicité