Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
Exécuté par Administrateur (administrateur) sur SRVCTRL (19-06-2017 10:10:27)
Exécuté depuis C:\Users\Administrateur.PROARCHIVES\Desktop
Profils chargés: Administrateur & (Profils disponibles: guest & jeanphilipper & magalip & yvanz & hristok & fredericz & juliettel & gautieru & mirceas & ptournay & Administrateur & Classic .NET AppPool)
Platform: Windows Server 2008 R2 Enterprise Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
(Symantec Corporation) C:\Program Files\Symantec\BACKUP EXEC\RAWS\beremote.exe
(Symantec Corporation) C:\Program Files\Symantec\BACKUP EXEC\RAWS\bedbg.exe
(Hewlett-Packard Company) C:\Program Files\HP\Cissesrv\cissesrv.exe
(Hewlett-Packard Company) C:\Windows\System32\cpqrcmc.exe
(Hewlett-Packard Company) C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe
(Microsoft Corporation) C:\Windows\System32\dfsrs.exe
(Microsoft Corporation) C:\Windows\System32\dns.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\ntfrs.exe
(Quadratus) E:\qappli\Quadra\PGM32\QLockSce.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Bin\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec System Recovery\Agent\VProSvc.exe
(Hewlett-Packard Company) C:\Windows\System32\sysdown.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\smhstart.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\hpsmhd.exe
(Hewlett-Packard Company) C:\Windows\System32\CPQNiMgt\cpqnimgt.exe
(Hewlett-Packard Company) C:\Windows\System32\CpqMgmt\cqmgserv\cqmgserv.exe
(Hewlett-Packard Company) C:\Windows\System32\CpqMgmt\cqmgstor\cqmgstor.exe
(Microsoft Corporation) C:\Windows\System32\dfssvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\rotatelogs.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\rotatelogs.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\hpsmhd.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\rotatelogs.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\rotatelogs.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\hp\hpsmh\bin\rotatelogs.exe
(Hewlett-Packard Company) C:\Windows\System32\CpqMgmt\cqmghost\cqmghost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation) C:\Windows\System32\iashost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Symantec) C:\Program Files\Symantec\Symantec System Recovery\Shared\Drivers\Service\SymTrackServicex64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Bin\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Windows\System32\certreq.exe
(Microsoft Corporation) C:\Windows\System32\certreq.exe
(Microsoft Corporation) C:\Windows\System32\choice.exe
(Microsoft Corporation) C:\Windows\System32\choice.exe
(Microsoft Corporation) C:\Windows\System32\cliconfg.exe
(Microsoft Corporation) C:\Windows\System32\cliconfg.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmstp.exe
(Microsoft Corporation) C:\Windows\System32\cmstp.exe
(Microsoft Corporation) C:\Windows\System32\colorcpl.exe
(Microsoft Corporation) C:\Windows\System32\comp.exe
(Microsoft Corporation) C:\Windows\System32\comp.exe
(Microsoft Corporation) C:\Windows\System32\ComputerDefaults.exe
(Microsoft Corporation) C:\Windows\System32\ComputerDefaults.exe
(Microsoft Corporation) C:\Windows\System32\control.exe
(Microsoft Corporation) C:\Windows\System32\credwiz.exe
(Microsoft Corporation) C:\Windows\System32\credwiz.exe
(Microsoft Corporation) C:\Windows\System32\cttune.exe
(Microsoft Corporation) C:\Windows\System32\cttune.exe
(Microsoft Corporation) C:\Windows\System32\cttunesvr.exe
(Microsoft Corporation) C:\Windows\System32\cttunesvr.exe
(Microsoft Corporation) C:\Windows\System32\dcgpofix.exe
(Microsoft Corporation) C:\Windows\System32\dcgpofix.exe
(Microsoft Corporation) C:\Windows\System32\dcpromo.exe
(Microsoft Corporation) C:\Windows\System32\dcpromo.exe
(Microsoft Corporation) C:\Windows\System32\DevicePairingWizard.exe
(Microsoft Corporation) C:\Windows\System32\DevicePairingWizard.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Microsoft Corporation) C:\Windows\System32\dialer.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\diskshadow.exe
(Microsoft Corporation) C:\Windows\System32\dpapimig.exe
(Microsoft Corporation) C:\Windows\System32\dpapimig.exe
(Microsoft Corporation) C:\Windows\System32\DpiScaling.exe
(Microsoft Corporation) C:\Windows\System32\DpiScaling.exe
(Microsoft Corporation) C:\Windows\System32\dsdbutil.exe
(Microsoft Corporation) C:\Windows\System32\dsdbutil.exe
(Microsoft Corporation) C:\Windows\System32\dsmgmt.exe
(Microsoft Corporation) C:\Windows\System32\dsmgmt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
(Microsoft Corporation) C:\Windows\System32\EhStorAuthn.exe
(Microsoft Corporation) C:\Windows\System32\EhStorAuthn.exe
(Microsoft Corporation) C:\Windows\System32\esentutl.exe
(Microsoft Corporation) C:\Windows\System32\esentutl.exe
(Microsoft Corporation) C:\Windows\System32\iexpress.exe
(Microsoft Corporation) C:\Windows\System32\iexpress.exe
(Microsoft Corporation) C:\Windows\System32\label.exe
(Microsoft Corporation) C:\Windows\System32\label.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\msconfig.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\msinfo32.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\choice.exe
(Microsoft Corporation) C:\Windows\System32\choice.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\evntwin.exe
(Microsoft Corporation) C:\Windows\System32\MdSched.exe
(Microsoft Corporation) C:\Windows\System32\MdSched.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\diskpart.exe
(Microsoft Corporation) C:\Windows\System32\evntwin.exe
(Microsoft Corporation) C:\Windows\System32\evntwin.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\mpnotify.exe
(Microsoft Corporation) C:\Windows\System32\ProvisionShare.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\TSTheme.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [BGClients] => cmd /c start /min c:\windows\system32\wbem\123.bat
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll [X]
HKLM\...\Policies\Explorer: [ShowSuperHidden] 1
HKU\S-1-5-21-2195496237-476440402-2604502530-1194-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092621111\...\MountPoints2: {0b29ed09-8161-11df-9c50-806e6f6e6963} - D:\Browser.exe
HKU\S-1-5-21-2195496237-476440402-2604502530-1194-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092621111\...\MountPoints2: {5c8a07fc-b125-11df-98d1-1cc1de0917e0} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
Lsa: [Notification Packages] scecli rassfm
SecurityProviders: credssp.dll, pwdssp.dll
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{028E94BD-8423-400D-B435-39C4672D2321}: [NameServer] 10.37.2.1
Tcpip\..\Interfaces\{7B48C67A-5DCB-4691-8D77-3DBE0D3CA373}: [NameServer] 10.37.2.1
Tcpip\..\Interfaces\{82610343-E587-4771-83D8-0D60F6918A26}: [NameServer] 10.37.2.1,10.37.0.254,127.0.0.1
Tcpip\..\Interfaces\{EC7D71A4-B35B-4A95-939E-737BDCFA51CC}: [NameServer] 10.37.2.1,8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2195496237-476440402-2604502530-1115-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092619679\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1116-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092620176\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1118-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092620577\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1121-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092620813\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1194-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092621111\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1767-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622147\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-2195496237-476440402-2604502530-1854-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092623203\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-500\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
HKU\S-1-5-21-2195496237-476440402-2604502530-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092623747\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
SearchScopes: HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422 -> {B5BAF6F2-2079-4317-BDD5-5A78E3564D5F} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-2195496237-476440402-2604502530-1795-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06192017092622422 -> {D6C41D3A-B27B-4D0F-9185-9AB4FAB4969A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Pas de nom -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-06-01] (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-01] (Sun Microsystems, Inc.)
Handler: hpapp - Pas de valeur CLSID

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ADWS; C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe [487424 2013-01-25] (Microsoft Corporation)
R2 BackupExecAgentAccelerator; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe [1857360 2013-07-12] (Symantec Corporation)
R2 bedbg; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\bedbg.exe [359760 2013-07-12] (Symantec Corporation)
S4 CIMnotify; C:\Windows\system32\CIMntfy\cimntfy.exe [268392 2010-02-17] (Hewlett-Packard Company)
R2 Cissesrv; C:\Program Files\HP\Cissesrv\cissesrv.exe [163840 2010-01-19] (Hewlett-Packard Company) [Fichier non signé]
R2 CpqNicMgmt; C:\Windows\system32\CPQNiMgt\cpqnimgt.exe [9728 2010-01-21] (Hewlett-Packard Company) [Fichier non signé]
R2 CpqRcmc; C:\Windows\system32\cpqrcmc.exe [22568 2008-11-14] (Hewlett-Packard Company)
R2 cpqvcagent; C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe [1291776 2010-02-25] (Hewlett-Packard Company) [Fichier non signé]
R2 CqMgHost; C:\Windows\system32\CpqMgmt\cqmghost\cqmghost.exe [15464 2010-02-17] (Hewlett-Packard Company)
R2 CqMgServ; C:\Windows\system32\CpqMgmt\cqmgserv\cqmgserv.exe [15464 2010-02-26] (Hewlett-Packard Company)
R2 CqMgStor; C:\Windows\system32\CpqMgmt\cqmgstor\cqmgstor.exe [20992 2010-01-11] (Hewlett-Packard Company) [Fichier non signé]
R2 Dfs; C:\Windows\system32\dfssvc.exe [377344 2010-11-20] (Microsoft Corporation)
R2 DFSR; C:\Windows\system32\DFSRs.exe [4518400 2010-11-20] (Microsoft Corporation)
R2 DHCPServer; C:\Windows\System32\dhcpssvc.dll [729088 2010-11-20] (Microsoft Corporation)
R2 DNS; C:\Windows\system32\dns.exe [700928 2017-04-07] (Microsoft Corporation)
S3 FCRegSvc; C:\Windows\system32\FCRegSvc.dll [25600 2009-07-14] (Microsoft Corporation)
S3 GenericMount Helper Service; C:\Program Files\Symantec\Symantec System Recovery\Shared\Drivers\GenericMountHelperx64.exe [1931024 2014-08-28] (Symantec)
S4 GxFilActualiteService; E:\Bureautique\Commun\GENESYS\MAJ\Fil d'actualité\GX Service Fil Actualite\GxFilActualiteService.exe [3484160 2013-12-17] () [Fichier non signé]
S4 IsmServ; C:\Windows\System32\ismserv.exe [59392 2010-11-20] (Microsoft Corporation)
R2 kdc; C:\Windows\System32\lsass.exe [30720 2017-04-28] (Microsoft Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [220104 2012-06-12] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62118344 2012-06-12] (Microsoft Corporation)
S3 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [54791520 2011-06-17] (Microsoft Corporation)
R2 NTDS; C:\Windows\System32\lsass.exe [30720 2017-04-28] (Microsoft Corporation)
R2 NtFrs; C:\Windows\system32\ntfrs.exe [1020416 2010-11-20] (Microsoft Corporation)
S3 PDVFSService; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\PDVFSService.exe [301680 2013-06-20] ()
R2 QLocks; e:\qappli\quadra\pgm32\QLockSce.exe [258048 2014-02-12] (Quadratus) [Fichier non signé]
S3 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2180960 2011-06-17] (Microsoft Corporation)
S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [91648 2009-07-14] (Microsoft Corporation)
S3 sacsvr; C:\Windows\system32\sacsvr.dll [14848 2009-07-14] (Microsoft Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Bin\ccSvcHst.exe [155168 2016-10-14] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Bin64\snac64.exe [378152 2016-10-14] (Symantec Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-12] (Microsoft Corporation)
R2 Symantec System Recovery; C:\Program Files\Symantec\Symantec System Recovery\Agent\VProSvc.exe [6446176 2015-03-23] (Symantec Corporation)
R3 SymTrackService; C:\Program Files\Symantec\Symantec System Recovery\Shared\Drivers\Service\SymTrackServicex64.exe [2980096 2015-02-19] (Symantec)
R2 sysdown; C:\Windows\system32\sysdown.exe [17960 2010-01-25] (Hewlett-Packard Company)
R2 SysMgmtHp; C:\hp\hpsmh\bin\smhstart.exe [2041856 2010-01-28] (Hewlett-Packard Company) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [2210816 2009-06-24] (ATI Technologies Inc.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\BASHDefs\20170616.007\BHDrvx64.sys [1862784 2017-06-05] (Symantec Corporation)
R1 ccSettings_{401E2631-C8BD-44F0-A072-0862598AFBD3}; C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\ccSetx64.sys [174328 2016-10-14] (Symantec Corporation)
R3 CpqCiDrv; C:\Windows\System32\DRIVERS\cpqcidrv.sys [51752 2009-05-11] (Hewlett-Packard Company)
S3 CPQTeam; C:\Windows\System32\DRIVERS\cpqteam.sys [225792 2010-02-24] (Hewlett-Packard Company)
S3 CPQTeamMP; C:\Windows\System32\DRIVERS\cpqteam.sys [225792 2010-02-24] (Hewlett-Packard Company)
R1 DfsDriver; C:\Windows\System32\drivers\dfs.sys [51776 2009-07-14] (Microsoft Corporation)
R0 DfsrRo; C:\Windows\System32\drivers\dfsrro.sys [66944 2010-11-20] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507032 2017-06-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-06-13] (Symantec Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [69360 2014-08-28] ()
R0 HpCISSs2; C:\Windows\System32\DRIVERS\HpCISSs2.sys [156776 2010-02-22] (Hewlett-Packard Company)
R0 hpqilo2; C:\Windows\System32\DRIVERS\hpqilo2.sys [160296 2010-01-25] (Hewlett-Packard Company)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\IPSDefs\20170616.011\IDSvia64.sys [1012864 2017-06-14] (Symantec Corporation)
S3 ioatdma; C:\Windows\System32\Drivers\qd260x64.sys [35328 2009-06-10] (Intel Corporation)
S3 l2nd; C:\Windows\System32\DRIVERS\bxnd60a.sys [83496 2010-02-01] (Broadcom Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188312 2017-06-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-19] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-19] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-06-19] (Malwarebytes)
R1 PDVFSDriver; C:\Windows\System32\drivers\pdfsd.sys [81496 2013-01-14] (Symantec Corporation)
S4 PDVFSNP; pas de ImagePath
R3 q57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [321064 2010-01-20] (Broadcom Corporation)
S0 sacdrv; C:\Windows\System32\DRIVERS\sacdrv.sys [96320 2009-07-14] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SRTSP64.SYS [779504 2016-10-14] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SRTSPX64.SYS [48888 2016-10-14] (Symantec Corporation)
R0 SSRFSF; C:\Windows\System32\DRIVERS\SSRFsF.sys [28432 2014-09-22] (Symantec)
R0 SymEFASI; C:\Windows\System32\drivers\symefasi\0601010.013\symefasi.sys [1628888 2017-06-13] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101104 2017-06-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\Ironx64.SYS [294128 2016-10-14] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SYMNETS.SYS [567536 2016-10-14] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [124480 2016-10-14] (Symantec Corporation)
R3 VirtFile; C:\Windows\System32\DRIVERS\VirtFile.sys [115440 2013-01-04] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [34544 2014-09-17] ()
R0 Vtrack; C:\Windows\System32\DRIVERS\VTrack.sys [466704 2014-09-22] (Symantec)
S3 NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\SDSDefs\20170613.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\SDSDefs\20170613.003\EX64.SYS [X]
U3 SPBBCDrv; [X]
U0 symsnap; pas de ImagePath

========================== MD5 Pilotes =======================

C:\Windows\system32\drivers\1394ohci.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\ACPI.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\acpipmi.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\adp94xx.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\adpahci.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\adpu320.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\afd.sys 0DC2A9882540DEA4A55B08785E09D8FC
C:\Windows\system32\drivers\agp440.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\aliide.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\amdide.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\amdk8.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\amdppm.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 00D77B30CA9CB1D7793AC952549331A0
C:\Windows\system32\DRIVERS\arc.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\arcsas.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\asyncmac.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\atapi.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ati2mtag.sys 8BF2F7453BA6233F76A45FB1E73B7419
C:\Windows\System32\DRIVERS\bxvbda.sys EC13E07DFD6313A43E561F90EAF46520
C:\Windows\System32\DRIVERS\b57nd60a.sys 62FF331D34C9408435535E47AA113031
C:\Windows\System32\Drivers\Beep.sys ==> Le MD5 est légitime
C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\BASHDefs\20170616.007\BHDrvx64.sys CC39063453D126E565C17981F411BA87
C:\Windows\System32\DRIVERS\blbdrive.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\bowser.sys ABA3984C822E4D3F889699912D85D6C5
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Brserid.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrSerWdm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrUsbSer.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\ccSetx64.sys 03427B8FF618BE50EB5027B4E549C0D8
C:\Windows\System32\DRIVERS\cdfs.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\cdrom.sys ==> Le MD5 est légitime
C:\Windows\System32\CLFS.sys 3D67C27DD17B254D7915FA16A5AE3573
C:\Windows\system32\DRIVERS\CmBatt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\cmdide.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\cng.sys A98CED39AD91B445E2E442A9BD67E8B4
C:\Windows\system32\DRIVERS\compbatt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\CompositeBus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\cpqcidrv.sys 42359CD29C14C94ACE1F908852259E28
C:\Windows\System32\DRIVERS\cpqteam.sys D1EAFA0F8F4FF31A544F43110E6CDA8B
C:\Windows\System32\DRIVERS\cpqteam.sys D1EAFA0F8F4FF31A544F43110E6CDA8B
C:\Windows\system32\DRIVERS\crcdisk.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\dfsc.sys 9B38580063D281A99E68EF5813022A5F
C:\Windows\System32\drivers\dfs.sys FFFE7EF57BD8C93AB3076B340FAE0830
C:\Windows\System32\drivers\dfsrro.sys E66B02FC5250331BAAC1CAE2111D1288
C:\Windows\System32\drivers\discache.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
C:\Windows\System32\drivers\dxgkrnl.sys 30545EF2A1E3EF79450AED5DF80F5884
C:\Windows\system32\DRIVERS\evbda.sys ==> Le MD5 est légitime
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys F141EE982C1A06839E9C4D81C09445B8
C:\Windows\system32\DRIVERS\elxstor.sys ==> Le MD5 est légitime
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 2FDBBCCF9B4516C4F1B2171810EF4939
C:\Windows\system32\drivers\errdev.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\mbae64.sys 5C9CA030C451CB3553DB9094C68EE6E9
C:\Windows\System32\Drivers\exfat.sys 7E45F8B117419ABA3BB26579F6E70324
C:\Windows\System32\Drivers\fastfat.sys 6EDFA237D25433C03F42FBFDB16BDD24
C:\Windows\system32\DRIVERS\fdc.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\fileinfo.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\filetrace.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\flpydisk.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\fltmgr.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\FsDepends.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\GenericMount.sys AF9ACACB28C89C4531C450EC538372EE
C:\Windows\system32\drivers\HDAudBus.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\HidBatt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\hidusb.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\HpCISSs2.sys 64F1B1D6DFA66F59F552864B4FBE7680
C:\Windows\System32\DRIVERS\hpqilo2.sys D6EF2C4F0B02FD82FAC3887086D56443
C:\Windows\System32\drivers\HpSAMD.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\i8042prt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.1904.0000.105\Data\Definitions\IPSDefs\20170616.011\IDSvia64.sys 65021B80FC14226690FDD7A34ABDC80E
C:\Windows\system32\DRIVERS\iirsp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\intelide.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\intelppm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\qd260x64.sys FF0FB51A0ACC2E2D0D412138A05A0B59
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\IPMIDrv.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\ipnat.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\isapnp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\kbdhid.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\ksecdd.sys 15682ED7B70B186C9C2BE6CA423D8E74
C:\Windows\System32\Drivers\ksecpkg.sys 945F4DA63A76EB2725C070BF3A86B5A5
C:\Windows\system32\drivers\ksthunk.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\bxnd60a.sys 1926299DABD3DB8AF4E456368791AC0A
C:\Windows\System32\DRIVERS\lltdio.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\luafv.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\MBAMChameleon.sys E095FFE590241C1765D093E91E325147
C:\Windows\system32\drivers\farflt.sys C51267EE2726707D38C489C06DDF01ED
C:\Windows\system32\drivers\mbam.sys 68B3141EEFEA3AF9C244945B52247241
C:\Windows\system32\drivers\MBAMSwissArmy.sys 913F4230E29E312D1B4B02E2BAC67C87
C:\Windows\system32\drivers\mwac.sys D2E49FBBFCDB16584C6E457B2888E453
C:\Windows\system32\DRIVERS\megasas.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\MegaSR.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\modem.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\monitor.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\mouclass.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\mouhid.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mountmgr.sys 8ADB5445B29941CB41AF2846FD5C93C7
C:\Windows\system32\drivers\mpio.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mpsdrv.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\mrxsmb.sys 054F780A442DB96F9FE10501B35E75CA
C:\Windows\System32\DRIVERS\mrxsmb10.sys A1EAC982807B3179DD92235B6B709C0A
C:\Windows\System32\DRIVERS\mrxsmb20.sys E6B504F163094F2DB84F7D34A893FA00
C:\Windows\system32\drivers\msahci.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\msdsm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Msfs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mshidkmdf.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\msisadrv.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\MsRPC.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\mssmbios.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\MTConfig.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\mup.sys AA0C2BA3782E92BD85E2264BE418E67C
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndistapi.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndisuio.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndiswan.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\NDProxy.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\netbios.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\netbt.sys E47D571FEC2C76E867935109AB2A770C
C:\Windows\system32\DRIVERS\nfrd960.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Npfs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\nsiproxy.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D
C:\Windows\System32\Drivers\Null.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ohci1394.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\parport.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\pciide.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\pcmcia.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\pcw.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\pdfsd.sys 92452A36525119B1C3C704CDFA09A8DB
C:\Windows\System32\drivers\peauth.sys EA4D67448BE493D543F1730D6CD04694
C:\Windows\System32\DRIVERS\raspptp.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\processr.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\pacer.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\b57nd60a.sys 62FF331D34C9408435535E47AA113031
C:\Windows\system32\DRIVERS\ql2300.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\ql40xx.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rasacd.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\raspppoe.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rassstp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rdbss.sys 71B6F78D6444CCE6F77BC42917A4E8F7
C:\Windows\System32\DRIVERS\rdpbus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\rdpdr.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\rdpencdd.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\rdprefmp.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\DRIVERS\RsFx0151.sys C606C5F712A3761896CEFFA4AF6B1268
C:\Windows\System32\DRIVERS\rspndr.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\vms3cap.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\sacdrv.sys D65E5E5C59F70516E856F5350106CDAB
C:\Windows\system32\drivers\sbp2port.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\scfilter.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\secdrv.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\serenum.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\serial.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\sermouse.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffdisk.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffp_mmc.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffp_sd.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\sfloppy.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\sisraid4.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\smb.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\spldr.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SRTSP64.SYS AC8380901D1F149474689A2E0422D3AB
C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SRTSPX64.SYS 27382B6CF36D08783212FCF8B3691649
C:\Windows\System32\DRIVERS\srv.sys 546C81F238F084A393EC54114741A0A8
C:\Windows\System32\DRIVERS\srv2.sys 431D2B06E8F93EAEC53E8FA37FCFF2F1
C:\Windows\System32\DRIVERS\srvnet.sys 42EDAB3E3E8E25C7093674936C2DB4BD
C:\Windows\System32\DRIVERS\SSRFsF.sys C4F25A99E2427FCCCF0E2AE331A9E18C
C:\Windows\system32\DRIVERS\stexstor.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\vmstorfl.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\storvsc.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\storvsp.sys 6B567ABA6A040F73219628C510FE7144
C:\Windows\system32\drivers\swenum.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\symefasi\0601010.013\symefasi.sys D619758D67B99F5FFB10F44828F92DD3
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 0AE63C39A5AB5EAD1613A155B40FA73A
C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\Ironx64.SYS 86593EA778254471CB0220BFC20D4D8C
C:\Windows\System32\Drivers\SEP\0E000770\0000.105\x64\SYMNETS.SYS 5A185256AE1689912B5EC53F69D53820
C:\Windows\System32\drivers\tcpip.sys 351A21ED3971ADD558956FF3EB0F6FED
C:\Windows\System32\DRIVERS\tcpip.sys 351A21ED3971ADD558956FF3EB0F6FED
C:\Windows\System32\drivers\tcpipreg.sys 7FE5586314EE7D6AA8483264A089E5AF
C:\Windows\System32\drivers\tdpipe.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys EC75A942C32F7F405659D86156DCE4C5
C:\Windows\System32\DRIVERS\Teefer.sys EC01A2196294F397CC70DBC978B96D67
C:\Windows\system32\drivers\termdd.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\uagp35.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\udfs.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\uliagpkx.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\umbus.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\umpass.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\usbccgp.sys 28B81917A195B67617AF7DCF4DFE5736
C:\Windows\system32\drivers\usbehci.sys B626F048318DAE65A3317F0592BE592C
C:\Windows\system32\drivers\usbhub.sys 390109E8E05BA00375DCB1ED64DC60AF
C:\Windows\system32\drivers\usbohci.sys B4DF0F4C1D9D25DFE1DAD1D8670F1D4F
C:\Windows\system32\DRIVERS\usbprint.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\USBSTOR.SYS D029DD09E22EB24318A8FC3D8138BA43
C:\Windows\system32\drivers\usbuhci.sys CFEAAF96E666E3DCBD8F6DFF516784AE
C:\Windows\System32\drivers\vdrvroot.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vgapnp.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\vga.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\vhdmp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\viaide.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\Vid.sys 1720D283BDB1EAA7F21976586FF52B95
C:\Windows\System32\DRIVERS\VirtFile.sys FBA86314446D68EEE7BA1D016B5F03E0
C:\Windows\System32\drivers\vmbus.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\VMBusHID.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volmgr.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volmgrx.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volsnap.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vproeventmonitor.sys 47F8D9BEAF9862B3F4DB0CB589DDFC9C
C:\Windows\system32\DRIVERS\vsmraid.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\VTrack.sys 7F7C9B4E8771FE37BD8E7D0823E7CB07
C:\Windows\system32\DRIVERS\wacompen.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
C:\Windows\system32\DRIVERS\wd.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\wimmount.sys ==> Le MD5 est légitime
C:\Windows\SysWOW64\drivers\wimmount.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\wmiacpi.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ws2ifsl.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)

==================== Trois mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-06-19 10:10 - 2017-06-19 10:11 - 00044121 _____ C:\Users\Administrateur.PROARCHIVES\Desktop\FRST.txt
2017-06-19 10:05 - 2017-06-19 10:10 - 00000000 ____D C:\FRST
2017-06-19 10:05 - 2017-06-19 10:04 - 02439680 _____ (Farbar) C:\Users\Administrateur.PROARCHIVES\Desktop\FRST64.exe
2017-06-19 09:24 - 2017-06-19 09:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-06-19 09:20 - 2017-06-19 09:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170619-092021-11100-11104.dat
2017-06-19 09:20 - 2017-06-19 09:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170619-092021-11064-11068.dat
2017-06-19 09:20 - 2017-06-19 09:20 - 00000026 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\DisA67B.tmp
2017-06-19 09:11 - 2017-06-19 10:11 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\2
2017-06-18 00:13 - 2017-06-18 00:13 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\Desktop\mbam-rules-2017.06.15
2017-06-18 00:13 - 2017-06-18 00:09 - 18759898 _____ C:\Users\Administrateur.PROARCHIVES\Desktop\mbam-rules-2017.06.15.zip
2017-06-16 17:45 - 2017-06-16 17:45 - 00000843 _____ C:\Users\Administrateur.PROARCHIVES\Desktop\Symantec.csv
2017-06-16 16:24 - 2017-06-16 16:23 - 00380928 _____ C:\Users\Administrateur.PROARCHIVES\Desktop\ic4hg0d1.exe
2017-06-15 18:15 - 2017-06-15 18:15 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF398ECD6F57664365.TMP
2017-06-15 18:15 - 2017-06-15 18:15 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF1394FE2DA310F460.TMP
2017-06-15 18:15 - 2017-06-15 18:15 - 00098304 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DFA7293E0FE88B38D9.TMP
2017-06-15 18:15 - 2017-06-15 18:15 - 00000512 ____T C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF99B389323D257D5D.TMP
2017-06-15 18:15 - 2017-06-15 18:15 - 00000134 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\104993742.od
2017-06-15 18:15 - 2017-06-15 18:15 - 00000000 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\CVR1287.tmp.cvr
2017-06-14 22:17 - 2017-06-15 18:32 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\msohtmlclip1
2017-06-14 22:17 - 2017-06-14 22:17 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\msohtmlclip
2017-06-14 18:15 - 2017-06-14 18:15 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF4E2A6AA5F78D0F87.TMP
2017-06-14 18:15 - 2017-06-14 18:15 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF0713F0AFDDE63F85.TMP
2017-06-14 18:15 - 2017-06-14 18:15 - 00098304 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DFF4A77640470E7935.TMP
2017-06-14 18:15 - 2017-06-14 18:15 - 00000134 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\18605006.od
2017-06-14 18:15 - 2017-06-14 18:15 - 00000000 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\CVRE380.tmp.cvr
2017-06-14 14:43 - 2017-06-14 14:43 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\TeamViewer
2017-06-14 13:20 - 2017-06-14 13:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170614-132016-10372-10368.dat
2017-06-14 13:20 - 2017-06-14 13:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170614-132016-10364-9812.dat
2017-06-14 13:20 - 2017-06-14 13:20 - 00000026 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\DisB05B.tmp
2017-06-14 13:20 - 2017-06-14 13:20 - 00000026 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\DisB05A.tmp
2017-06-13 19:44 - 2017-06-13 19:44 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\VBE
2017-06-13 19:28 - 2017-06-13 19:29 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF4EE745950A414B84.TMP
2017-06-13 19:23 - 2017-06-13 19:24 - 00311296 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\~DF3719D3CD0DB8F7CF.TMP
2017-06-13 18:23 - 2017-06-13 18:23 - 00000134 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\7314933.od
2017-06-13 18:23 - 2017-06-13 18:23 - 00000000 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\CVR99F0.tmp.cvr
2017-06-13 16:40 - 2017-06-13 16:40 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-164017-10820-10824.dat
2017-06-13 16:40 - 2017-06-13 16:40 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-164017-10812-10816.dat
2017-06-13 16:40 - 2017-06-13 16:40 - 00000026 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\DisFC49.tmp
2017-06-13 16:40 - 2017-06-13 16:40 - 00000026 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\DisFC48.tmp
2017-06-13 16:40 - 2017-06-13 16:40 - 00000000 _____ C:\Windows\evntwin.INI
2017-06-13 16:17 - 2017-06-13 16:17 - 00000000 ____D C:\Windows\System32\Tasks\Symantec Endpoint Protection
2017-06-13 16:06 - 2017-06-13 16:29 - 00000146 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\communicator.dat
2017-06-13 16:06 - 2017-06-13 16:06 - 00000000 ____D C:\Windows\system32\Drivers\symefasi
2017-06-13 16:06 - 2017-06-13 16:06 - 00000000 ____D C:\ProgramData\SymEFASI
2017-06-13 15:58 - 2017-06-13 15:58 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\Desktop\Symantec_Endpoint_Protection_14_Win64-bit_Client_FR
2017-06-13 15:40 - 2017-06-19 10:00 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\msdtadmin
2017-06-13 15:40 - 2017-06-13 15:40 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-154021-8804-8696.dat
2017-06-13 15:40 - 2017-06-13 15:40 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-154021-8220-9056.dat
2017-06-13 15:20 - 2017-06-13 15:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-152018-10232-10236.dat
2017-06-13 15:20 - 2017-06-13 15:20 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-152018-10224-10228.dat
2017-06-13 15:00 - 2017-06-19 10:00 - 00019132 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\ddodiag.xml
2017-06-13 15:00 - 2017-06-13 15:47 - 00257412 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\ArmUI.ini
2017-06-13 15:00 - 2017-06-13 15:00 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-150017-6348-6384.dat
2017-06-13 15:00 - 2017-06-13 15:00 - 00000606 _____ C:\Windows\system32\DispDiag-20170613-150017-1940-5520.dat
2017-06-13 14:54 - 2017-06-13 15:55 - 00009780 _____ C:\Windows\system32\PerfStringBackup.TMP
2017-06-13 14:45 - 2017-06-13 14:45 - 00001432 _____ C:\Users\Administrateur.PROARCHIVES\AppData\Local\Temp\OutofProcReport3110685.txt
2017-06-13 14:04 - 2017-06-13 16:39 - 00001784 _____ C:\Users\Administrateur.PROARCHIVES\Desktop\Traitement proarchives 13062017.txt
2017-06-13 13:54 - 2017-06-13 14:45 - 00266926 _____ C:\Windows\ntbtlog.txt
2017-06-12 10:20 - 2017-06-19 09:40 - 00027515 _____ C:\Windows\diagerr.xml
2017-06-12 10:20 - 2017-06-19 09:40 - 00019053 _____ C:\Windows\diagwrn.xml
2017-06-09 18:10 - 2017-06-09 18:10 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-06-09 18:09 - 2017-06-19 09:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-09 18:09 - 2017-06-19 09:03 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-09 18:09 - 2017-06-19 09:03 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-06-09 18:09 - 2017-06-19 09:03 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-06-09 18:09 - 2017-06-19 09:03 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-06-09 18:09 - 2017-06-09 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-09 18:09 - 2017-06-09 18:09 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-09 18:09 - 2017-05-31 11:09 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-06-08 11:58 - 2017-06-08 11:58 - 00000000 ____D C:\Windows\java
2017-05-26 22:27 - 2017-05-26 21:55 - 00251585 _____ C:\Wan_proarchives.php
2017-05-10 02:36 - 2017-04-28 03:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 02:36 - 2017-04-28 03:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-10 02:36 - 2017-04-28 03:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-10 02:36 - 2017-04-28 03:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-10 02:36 - 2017-04-28 03:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-10 02:36 - 2017-04-28 03:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-10 02:36 - 2017-04-28 03:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-10 02:36 - 2017-04-28 02:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-10 02:36 - 2017-04-28 02:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 02:36 - 2017-04-28 02:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-10 02:36 - 2017-04-28 02:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 02:36 - 2017-04-28 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-10 02:36 - 2017-04-28 02:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-10 02:36 - 2017-04-28 02:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 02:36 - 2017-04-28 02:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 02:36 - 2017-04-28 02:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 02:36 - 2017-04-28 02:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-10 02:36 - 2017-04-28 02:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-10 02:36 - 2017-04-28 02:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-10 02:36 - 2017-04-28 02:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-10 02:36 - 2017-04-28 02:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-10 02:36 - 2017-04-28 02:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-10 02:36 - 2017-04-28 02:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-10 02:36 - 2017-04-28 02:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-10 02:36 - 2017-04-28 02:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 02:36 - 2017-04-28 02:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 02:36 - 2017-04-26 16:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 02:36 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-10 02:36 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-10 02:36 - 2017-04-20 02:00 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 02:36 - 2017-04-20 01:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 02:36 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 02:36 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 02:36 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 02:36 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-10 02:36 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-10 02:36 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 02:36 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 02:36 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-05-10 02:36 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-05-10 02:36 - 2017-04-16 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-10 02:36 - 2017-04-16 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-10 02:36 - 2017-04-16 10:57 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-10 02:36 - 2017-04-16 10:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-10 02:36 - 2017-04-16 10:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-10 02:36 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 02:36 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 02:36 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 02:36 - 2017-04-16 10:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-10 02:36 - 2017-04-16 10:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-10 02:36 - 2017-04-16 10:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-10 02:36 - 2017-04-16 10:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-10 02:36 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 02:36 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 02:36 - 2017-04-16 10:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-10 02:36 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 02:36 - 2017-04-16 10:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 02:36 - 2017-04-16 10:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-10 02:36 - 2017-04-16 10:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-10 02:36 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 02:36 - 2017-04-16 10:11 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 02:36 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 02:36 - 2017-04-16 10:09 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-10 02:36 - 2017-04-16 10:04 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-10 02:36 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 02:36 - 2017-04-16 10:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-10 02:36 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 02:36 - 2017-04-16 10:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-10 02:36 - 2017-04-16 10:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-10 02:36 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 02:36 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 02:36 - 2017-04-16 09:57 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-10 02:36 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 02:36 - 2017-04-16 09:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-10 02:36 - 2017-04-16 09:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-10 02:36 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 02:36 - 2017-04-16 09:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-10 02:36 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 02:36 - 2017-04-16 09:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-10 02:36 - 2017-04-16 09:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 02:36 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 02:36 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 02:36 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 02:36 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 02:36 - 2017-04-16 09:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-10 02:36 - 2017-04-16 09:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-10 02:36 - 2017-04-16 09:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 02:36 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 02:36 - 2017-04-16 09:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-10 02:36 - 2017-04-16 09:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-10 02:36 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 02:36 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 02:36 - 2017-04-16 09:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-10 02:36 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 02:36 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 02:36 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 02:36 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 02:36 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 02:36 - 2017-04-16 09:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-10 02:36 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 02:36 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 02:36 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 02:36 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 02:36 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 02:36 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 02:36 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 02:36 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 02:36 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-10 02:36 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-10 02:36 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-10 02:36 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-05-10 02:36 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 02:36 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-05-10 02:36 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-05-10 02:36 - 2017-04-07 17:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 02:36 - 2017-04-07 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 02:36 - 2017-04-07 17:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 02:36 - 2017-04-07 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-10 02:36 - 2017-04-07 17:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 02:36 - 2017-04-07 17:03 - 00700928 _____ (Microsoft Corporation) C:\Windows\system32\dns.exe
2017-05-10 02:36 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 02:36 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 02:36 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-10 02:36 - 2017-04-04 17:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-10 02:36 - 2017-04-04 17:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-10 02:36 - 2017-04-04 17:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-10 02:36 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-10 02:36 - 2017-04-04 16:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-10 02:36 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-10 02:36 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-10 02:36 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-10 02:36 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-10 02:36 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-10 02:36 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-10 02:36 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-10 02:36 - 2017-03-09 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-10 02:36 - 2017-03-09 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-14 10:00 - 2017-04-14 10:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-14 10:00 - 2017-04-14 10:00 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-12 06:39 - 2017-03-22 17:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-12 06:39 - 2017-03-22 17:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-12 06:39 - 2017-03-22 17:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-12 06:39 - 2017-03-22 17:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-12 06:39 - 2017-03-22 17:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-12 06:39 - 2017-03-22 17:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-12 06:39 - 2017-03-22 17:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-12 06:39 - 2017-03-22 17:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-12 06:39 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-12 06:39 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-12 06:39 - 2017-03-22 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-12 06:39 - 2017-03-22 17:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 06:39 - 2017-03-22 17:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-12 06:39 - 2017-03-22 17:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-12 06:39 - 2017-03-22 17:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-12 06:39 - 2017-03-22 17:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-12 06:39 - 2017-03-16 17:31 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\vmsntfy.dll
2017-04-12 06:39 - 2017-03-10 18:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-12 06:39 - 2017-03-10 18:32 - 02762240 _____ (Microsoft Corporation) C:\Windows\system32\ntdsai.dll
2017-04-12 06:39 - 2017-03-10 18:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-12 06:39 - 2017-03-10 18:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-12 06:39 - 2017-03-10 18:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-12 06:39 - 2017-03-10 18:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-12 06:39 - 2017-03-10 18:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-12 06:39 - 2017-03-10 18:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-12 06:39 - 2017-03-10 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-12 06:39 - 2017-03-10 18:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-12 06:39 - 2017-03-10 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-12 06:39 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-12 06:39 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-12 06:39 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-12 06:39 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-12 06:39 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-12 06:39 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-12 06:39 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-12 06:39 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-12 06:39 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 06:39 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 06:39 - 2017-01-12 19:37 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2017-04-12 06:39 - 2017-01-12 19:37 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2017-04-12 06:39 - 2017-01-12 19:37 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdparser.sys
2017-03-29 21:01 - 2017-03-29 21:01 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-03-29 21:01 - 2017-03-29 21:01 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-03-29 21:01 - 2017-03-29 21:01 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-03-29 21:01 - 2017-03-29 21:01 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2017-03-29 21:01 - 2017-03-29 21:01 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-03-29 21:01 - 2017-03-29 21:01 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-03-29 20:21 - 2017-03-29 20:21 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2017-03-23 18:46 - 2017-03-23 18:46 - 00000000 ____D C:\Users\mirceas\AppData\Local\Apps\2.0

==================== Trois mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-06-19 10:09 - 2014-07-28 16:00 - 00004198 _____ C:\Windows\System32\Tasks\MAJ_Inventaires
2017-06-19 10:02 - 2010-08-12 11:26 - 00000000 ____D C:\Windows\system32\dhcp
2017-06-19 09:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-06-19 09:20 - 2010-08-10 12:18 - 00006480 _____ C:\Windows\system32\config\netlogon.dnb
2017-06-19 09:20 - 2010-08-10 12:18 - 00002371 _____ C:\Windows\system32\config\netlogon.dns
2017-06-19 09:12 - 2009-07-14 06:49 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-19 09:12 - 2009-07-14 06:49 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-19 09:02 - 2010-08-10 12:13 - 00000000 ____D C:\Windows\system32\dns
2017-06-19 09:02 - 2009-07-14 07:06 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-19 09:01 - 2010-08-10 12:14 - 00000000 ____D C:\Windows\NTDS
2017-06-16 17:50 - 2010-09-01 17:22 - 00004282 _____ C:\Windows\System32\Tasks\Redémarrage
2017-06-15 19:52 - 2011-12-13 12:42 - 00000000 ____D C:\Excel
2017-06-15 18:01 - 2010-08-12 13:01 - 00000000 ____D C:\Users\Administrateur.PROARCHIVES\Documents\SQL Server Management Studio
2017-06-14 17:52 - 2016-05-13 15:38 - 00003586 _____ C:\Windows\System32\Tasks\Quadra NumEcr
2017-06-14 17:52 - 2014-04-14 16:21 - 00004582 _____ C:\Windows\System32\Tasks\Tâche_Dernier_Num_conteneur_AGO
2017-06-14 17:51 - 2011-03-10 16:46 - 00003580 _____ C:\Windows\System32\Tasks\MAJ
2017-06-14 17:51 - 2011-03-07 16:31 - 00004258 _____ C:\Windows\System32\Tasks\Power_Test
2017-06-14 16:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2017-06-13 16:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-13 16:17 - 2010-08-12 15:58 - 00000000 ____D C:\ProgramData\Symantec
2017-06-13 16:13 - 2010-08-13 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
2017-06-13 16:12 - 2014-03-19 22:11 - 00483624 _____ (Symantec Corporation) C:\Windows\SysWOW64\SymVPN.dll
2017-06-13 16:12 - 2014-03-19 22:11 - 00217896 _____ (Symantec Corporation) C:\Windows\SysWOW64\FwsVpn.dll
2017-06-13 16:12 - 2013-07-06 22:33 - 00222504 _____ (Symantec Corporation) C:\Windows\system32\FwsVpn.dll
2017-06-13 16:12 - 2013-07-06 22:33 - 00094504 _____ (Symantec Corporation) C:\Windows\system32\snacnp.dll
2017-06-13 16:12 - 2013-07-06 22:33 - 00083752 _____ (Symantec Corporation) C:\Windows\SysWOW64\snacnp.dll
2017-06-13 16:12 - 2013-07-06 22:33 - 00047696 _____ (Symantec Corporation) C:\Windows\system32\Drivers\WGX64.SYS
2017-06-13 16:12 - 2010-08-12 15:49 - 00608040 _____ (Symantec Corporation) C:\Windows\system32\SymVPN.dll
2017-06-13 16:06 - 2013-07-05 11:22 - 00000000 ____D C:\Windows\system32\Drivers\SEP
2017-06-13 16:06 - 2013-07-05 11:22 - 00000000 ____D C:\ProgramData\regid.1992-12.com.symantec
2017-06-13 16:06 - 2010-08-13 13:00 - 00101104 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2017-06-13 16:06 - 2010-08-13 13:00 - 00008270 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2017-06-13 15:51 - 2016-03-01 23:36 - 00004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-13 15:51 - 2013-06-27 15:06 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-06-13 15:50 - 2014-12-24 10:13 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-06-13 15:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2017-06-06 15:43 - 2015-08-03 11:36 - 00000250 ___SH C:\Users\mirceas\ntuser.ini
2017-06-06 15:43 - 2015-08-03 11:36 - 00000000 ____D C:\Users\mirceas
2017-05-28 08:31 - 2009-07-14 07:06 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-05-24 21:04 - 2013-07-24 21:00 - 00000000 ____D C:\Windows\system32\MRT
2017-05-24 21:00 - 2010-06-26 23:07 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers =======

2015-07-31 19:53 - 2015-07-31 19:53 - 0000600 _____ () C:\Users\Administrateur.PROARCHIVES\AppData\Local\PUTTY.RND
2010-08-23 09:49 - 2017-06-14 17:45 - 0007600 _____ () C:\Users\Administrateur.PROARCHIVES\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {7be5c113-81b4-11df-a075-1cc1de6e7eb9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows Server 2008 R2
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7be5c115-81b4-11df-a075-1cc1de6e7eb9}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {7be5c113-81b4-11df-a075-1cc1de6e7eb9}
nx OptOut

Chargeur de démarrage Windows
-----------------------------
identificateur {7be5c115-81b4-11df-a075-1cc1de6e7eb9}
device ramdisk=[C:]\Recovery\7be5c115-81b4-11df-a075-1cc1de6e7eb9\Winre.wim,{7be5c116-81b4-11df-a075-1cc1de6e7eb9}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\7be5c115-81b4-11df-a075-1cc1de6e7eb9\Winre.wim,{7be5c116-81b4-11df-a075-1cc1de6e7eb9}
systemroot \windows
nx OptIn
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {7be5c113-81b4-11df-a075-1cc1de6e7eb9}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems Yes

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {7be5c116-81b4-11df-a075-1cc1de6e7eb9}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\7be5c115-81b4-11df-a075-1cc1de6e7eb9\boot.sdi


LastRegBack: 2017-06-12 16:34

==================== Fin de FRST.txt ============================
