cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-12-2017
Exécuté par Paul (administrateur) sur PAUL-PC (08-12-2017 18:13:13)
Exécuté depuis C:\Users\Paul\Downloads
Profils chargés: Paul (Profils disponibles: Paul)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Users\Paul\Desktop\Captvty\Captvty.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
() C:\Users\Paul\Desktop\Captvty\Captvty.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google) C:\Users\Paul\AppData\Local\Google\Chrome\User Data\SwReporter\24.136.200\software_reporter_tool.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Paul\AppData\Roaming\ZHP\ZHPDiag3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [1842384 2012-05-30] (Gadwin Systems, Inc)
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\...\MountPoints2: E - E:\AutoRun\AutoRun.exe
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\...\MountPoints2: {2be6976f-6b59-11e6-9f5e-001b1147f94c} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\...\MountPoints2: {81fd44fe-00e0-11e6-886a-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Superviser les alertes relatives aux cartouches - HP ENVY 4520 series.lnk [2017-12-08]
ShortcutTarget: Superviser les alertes relatives aux cartouches - HP ENVY 4520 series.lnk -> C:\Program Files\HP\HP ENVY 4520 series\Bin\HPStatusBL.dll (HP Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45894EA8-DA24-4FA2-9EFD-B83869063279}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D27A284-232A-4E5C-9F73-8AAE9C91FDD2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Module complémentaire de navigateur pour la désactivation de Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2014-04-03] (Google, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27] (Adobe Systems Incorporated.)
BHO-x32: Module complémentaire de navigateur pour la désactivation de Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2014-04-03] (Google, Inc.)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27] (Adobe Systems Incorporated.)
Toolbar: HKU\S-1-5-21-3236533265-2694198059-1176122490-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3329707&octid=EB_ORIGINAL_CTID&ISID=MC78AAE5E-0508-4967-B180-BBD6CD114602&SearchSource=55&CUI=&UM=6&UP=SP3300B6EB-3CCE-4DCA-BE69-B94A0A9B311B&SSPV=
CHR StartupUrls: Default -> "hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl","hxxp://www.google.fr/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0D91D54D-7812-4A4C-9CB1-6F54348C12E8&SSPV=","hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl","hxxp://astromenda.com/?f=7&a=ast_tgraduit_14_40_ie&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDyD0DtD0AtN0D0Tzu0StCtDtDyEtN1L2XzutAtFtBtFtCtFyCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtCtC0CyB0BzztGtAyCtAzztG0B0D0EyEtG0EyBtByCtGyEtAyDyCtCyC0FyCyEzzyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtCzz0C0EyD0AtGyCtA0E0CtGyEyB0FyBtGzztAtC0FtGtD0F0B0AyByCyEyD0AtDyEyE2Q&cr=45520239&ir=","hxxp://astromenda.com/?f=7&a=ast_ggbc_14_40_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0ByByBtByEyB0FtCyBtByE0AyEtN0D0Tzu0StCtDtDyCtN1L2XzutAtFtBtFtCtFyCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDtA0FtC0DtB0E0CtG0A0F0C0EtG0C0AzyyEtGyB0BtC0EtGtD0C0AtDzy0AtBtA0FyByBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtA0BtBzzyC0DyDtG0EyEyD0DtGyEyByEzytG0AtCyB0BtGzy0D0E0A0FtCzz0Fzz0BtD0F2Q&cr=360718047&ir=","hxxp://astromenda.com/?f=7&a=ast_ggfc_14_40_ie&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDyD0DtD0AtN0D0Tzu0StCtDtDzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCtBtCtC0CyB0BzztGtAyCtAzztG0B0D0EyEtG0EyBtByCtGyEtAyDyCtCyC0FyCyEzzyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtCzz0C0EyD0AtGyCtA0E0CtGyEyB0FyBtGzztAtC0FtGtD0F0B0AyByCyEyD0AtDyEyE2Q&cr=813386991&ir=","hxxp://astromenda.com/?f=7&a=ast_ggfc_14_40_ie&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDyD0DtD0AtN0D0Tzu0StCtDtDzztN1L2XzutAtFtBtFtCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCtBtCtC0CyB0BzztGtAyCtAzztG0B0D0EyEtG0EyBtByCtGyEtAyDyCtCyC0FyCyEzzyB0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtCzz0C0EyD0AtGyCtA0E0CtGyEyB0FyBtGzztAtC0FtGtD0F0B0AyByCyEyD0AtDyEyE2Q&cr=847391344&ir=","hxxp://isearch.omiga-plus.com/?type=hp&ts=1414246715&from=tugs&uid=ST380021A_3HV0SCQK","hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_50_ch&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDtA0EtDzztN0D0Tzu0StCtDyBtAtN1L2XzutAtFyCtFtCtDtFtCtD
tN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtDtA0EtCyC0FtBtGyCzyyEyBtG0C0FtCtBtGtB0A0B0AtGtAtCtC0C0AtAzytD0B0C0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0B0Czy0CzyyBtAtG0EzztD0BtGyE0DyE0EtGzy0C0EtDtGzztB0EtD0B0A0FyD0E0AyB0A2Q&cr=397589653&ir=","hxxp://istart.webssearches.com/?type=hp&ts=1418302820&from=slb2&uid=ST380021A_3HV0SCQK","hxxps://encrypted.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://lfogljjmjckmhnblkmnedjkhfdgdebmd/new-tab.html", Not-active:"chrome-extension://kohoehgoafblafjinhplmhcbphgaaobc/product.html", Not-active:"chrome-extension://bhabmdaokjoiellmihejkfnchgihnhid/stubby.html"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default [2017-12-08]
CHR Extension: (Slides) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-20]
CHR Extension: (PConverter) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhabmdaokjoiellmihejkfnchgihnhid [2017-11-26]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-11-08]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-20]
CHR Extension: (Sheets) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-20]
CHR Extension: (Blockulicious) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngglkijfekbhidmchmlfmpkdffmedob [2017-07-20]
CHR Extension: (InternetSpeedTracker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2017-11-26]
CHR Extension: (EasyPDFCombine) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2017-11-26]
CHR Extension: (Default) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfogljjmjckmhnblkmnedjkhfdgdebmd [2017-11-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-20]
CHR Extension: (Chrome Media Router) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
CHR HKU\S-1-5-21-3236533265-2694198059-1176122490-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
R2 CLCapSvc; C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [278608 2007-03-02] () [Fichier non signé]
R2 CLSched; C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [110677 2007-03-02] () [Fichier non signé]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-14] (Digital Wave Ltd.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-09-07] (Macrovision Europe Ltd.) [Fichier non signé]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-08-02] (Freemake) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S2 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [Fichier non signé]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-04-07] () [Fichier non signé]
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

U4 Asptdbh; pas de ImagePath
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-11-22] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-11-22] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-12-06] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-12-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-12-08] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-12-06] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\neo_vpn.sys [22784 2017-07-28] (Trust.Zone VPN Project)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
U0 aswVmm; pas de ImagePath
S3 catchme; \??\C:\Users\Paul\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-08 18:13 - 2017-12-08 18:13 - 000019297 _____ C:\Users\Paul\Downloads\FRST.txt
2017-12-08 18:06 - 2017-12-08 18:06 - 002390528 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2017-12-08 18:06 - 2017-12-08 18:06 - 000000000 ____D C:\Users\Paul\Downloads\FRST-OlderVersion
2017-12-08 17:56 - 2017-12-08 17:56 - 000189751 _____ C:\Users\Paul\Desktop\ZHPDiag.txt
2017-12-08 17:41 - 2017-12-08 17:41 - 000000830 _____ C:\Users\Paul\Desktop\ZHPDiag.lnk
2017-12-08 17:40 - 2017-12-08 17:40 - 000000000 ____D C:\Users\Paul\AppData\Local\ZHP
2017-12-08 16:54 - 2017-12-08 16:54 - 002943360 _____ C:\Users\Paul\Downloads\ZHPDiag3.exe
2017-12-08 15:59 - 2017-12-08 15:59 - 000000074 _____ C:\Users\Paul\Desktop\Infecté avec Astromenda,Adware Elex Travi Vostram Chrome search.url
2017-12-08 15:43 - 2017-12-08 15:43 - 000010185 _____ C:\Users\Paul\Desktop\MBAM du 8 decembre.txt
2017-12-07 11:42 - 2017-12-07 11:42 - 001266888 _____ (Opera Software) C:\Users\Paul\Downloads\OperaSetup (1).exe
2017-12-07 09:05 - 2017-12-07 09:05 - 000780432 _____ (Ammyy LLC) C:\Users\Paul\Desktop\AA_v3.exe
2017-12-07 09:03 - 2017-12-07 09:03 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Opera Software
2017-12-07 09:03 - 2017-12-07 09:03 - 000000000 ____D C:\Users\Paul\AppData\Local\Opera Software
2017-12-07 09:01 - 2017-12-07 12:50 - 000000000 ____D C:\Program Files\Opera
2017-12-07 09:00 - 2017-12-07 09:00 - 001267016 _____ (Opera Software) C:\Users\Paul\Downloads\OperaSetup.exe
2017-12-06 18:43 - 2017-12-06 18:43 - 000000000 ____D C:\ProgramData\AMMYY
2017-12-06 07:50 - 2017-10-18 08:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-06 07:50 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-06 07:50 - 2017-10-18 03:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-12-06 07:50 - 2017-10-18 03:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-12-06 07:50 - 2017-10-17 00:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-12-06 07:50 - 2017-10-16 23:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-06 07:50 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-12-06 07:50 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-06 07:50 - 2017-10-14 09:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-06 07:50 - 2017-10-14 09:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-06 07:50 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-06 07:50 - 2017-10-14 09:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-06 07:50 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-06 07:50 - 2017-10-14 09:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-06 07:50 - 2017-10-14 09:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-06 07:50 - 2017-10-14 09:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-06 07:50 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-06 07:50 - 2017-10-14 09:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-06 07:50 - 2017-10-14 09:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-06 07:50 - 2017-10-14 09:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-06 07:50 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-06 07:50 - 2017-10-14 09:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-06 07:50 - 2017-10-14 09:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-06 07:50 - 2017-10-14 09:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-06 07:50 - 2017-10-14 08:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-06 07:50 - 2017-10-14 08:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-06 07:50 - 2017-10-14 08:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-06 07:50 - 2017-10-14 08:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-06 07:50 - 2017-10-14 08:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-06 07:50 - 2017-10-14 08:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-06 07:50 - 2017-10-14 08:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-06 07:50 - 2017-10-14 08:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-06 07:50 - 2017-10-14 08:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-06 07:50 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-06 07:50 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-06 07:50 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-06 07:50 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-06 07:50 - 2017-10-14 08:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-06 07:50 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-06 07:50 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-06 07:50 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-06 07:50 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-06 07:50 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-06 07:50 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-06 07:50 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-06 07:50 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-06 07:50 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-12-06 07:50 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-06 07:50 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-06 07:50 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-06 07:50 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-06 07:50 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-06 07:50 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-06 07:50 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-06 07:50 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-06 07:50 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-06 07:50 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-06 07:50 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-06 07:50 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-06 07:50 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-06 07:50 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-06 07:50 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-06 07:50 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-06 07:50 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-06 07:50 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-06 07:50 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-06 07:50 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-06 07:50 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-06 07:50 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-06 07:50 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-06 07:50 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-06 07:50 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-06 07:50 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-06 07:50 - 2017-10-12 01:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-12-06 07:50 - 2017-10-12 01:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-12-06 07:50 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-12-06 07:50 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-12-06 07:50 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-12-06 07:50 - 2017-10-12 01:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-12-06 07:50 - 2017-10-12 01:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-12-06 07:50 - 2017-10-12 01:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-12-06 07:50 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-12-06 07:50 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-12-06 07:50 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-12-06 07:50 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-12-06 07:50 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-12-06 07:50 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-12-06 07:50 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-12-06 07:50 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-12-06 07:50 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-12-06 07:50 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-12-06 07:50 - 2017-10-12 01:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-12-06 07:50 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-06 07:50 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-06 07:36 - 2017-12-06 07:36 - 000002263 _____ C:\Users\Paul\Desktop\PowerpointImageExtractor V1.2b.lnk
2017-12-06 07:15 - 2017-12-06 17:38 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-12-05 19:24 - 2017-12-05 19:24 - 001345517 _____ C:\Users\Paul\Downloads\HTIH841611.MP4
2017-12-05 19:21 - 2017-12-05 19:22 - 004794132 _____ C:\Users\Paul\Downloads\- video - Dailymotion11.mp4
2017-12-05 19:21 - 2017-12-05 19:22 - 004794132 _____ C:\Users\Paul\Downloads\- video - Dailymotion11 (1).mp4
2017-12-05 16:40 - 2017-12-05 16:42 - 000000000 ____D C:\Users\Paul\Desktop\Cuisine
2017-12-05 14:23 - 2017-12-05 14:23 - 001190456 _____ C:\Users\Paul\Downloads\Chasse-a-l-alouette1.mp4
2017-12-05 09:10 - 2017-12-05 09:10 - 004011133 _____ C:\Users\Paul\Downloads\LA VERITE.mp4
2017-12-05 08:58 - 2017-12-05 08:58 - 001119447 _____ C:\Users\Paul\Downloads\IMG_05991 (1).MP4
2017-12-05 08:57 - 2017-12-05 08:58 - 001119447 _____ C:\Users\Paul\Downloads\IMG_05991.MP4
2017-12-05 08:52 - 2017-12-05 08:52 - 006492979 _____ C:\Users\Paul\Downloads\Evolutie 1.mp4
2017-12-05 08:49 - 2017-12-05 08:49 - 009908684 _____ C:\Users\Paul\Downloads\VID-20170405-WA0056.mp4
2017-12-04 20:51 - 2017-12-04 20:51 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Cuisine
2017-12-04 15:11 - 2017-04-06 22:23 - 000840328 ____N (HP Inc.) C:\Windows\system32\HPDiscoPMD711.dll
2017-12-04 14:46 - 2017-12-04 14:47 - 005971872 _____ C:\Users\Paul\Downloads\HPEasyStart_6_5_3442_26 (3).exe
2017-12-04 14:42 - 2017-12-04 14:42 - 005971872 _____ C:\Users\Paul\Downloads\HPEasyStart_6_5_3442_26 (2).exe
2017-12-04 14:33 - 2017-12-04 14:33 - 005971872 _____ C:\Users\Paul\Downloads\HPEasyStart_6_5_3442_26 (1).exe
2017-12-04 14:28 - 2017-12-04 14:28 - 005971872 _____ C:\Users\Paul\Downloads\HPEasyStart_6_5_3442_26.exe
2017-12-04 09:30 - 2017-12-04 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
2017-12-03 18:10 - 2017-12-03 18:10 - 000586804 _____ C:\Users\Paul\Downloads\VID-20161020-WA0014111.mp4
2017-12-03 18:09 - 2017-12-03 18:09 - 005203687 _____ C:\Users\Paul\Downloads\Chien portugais.mp4
2017-12-03 18:08 - 2017-12-03 18:08 - 002194061 _____ C:\Users\Paul\Downloads\Chien belge111.mp4
2017-12-03 18:05 - 2017-12-03 18:05 - 006985000 _____ C:\Users\Paul\Downloads\Siffleur - Quel talent ._ 18 09 201711.mp4
2017-12-03 17:45 - 2017-12-03 17:45 - 002972672 _____ C:\Users\Paul\Downloads\Bon pour le moral11.pps
2017-12-03 17:43 - 2017-12-03 17:43 - 001166848 _____ C:\Users\Paul\Downloads\350615_johu.pps
2017-12-03 17:41 - 2017-12-03 17:41 - 000165368 _____ C:\Users\Paul\Downloads\Mayv-Badge_prioritaire111.pdf
2017-12-03 10:09 - 2017-12-03 10:09 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Nouveau dossier du forum pc astuces
2017-12-03 09:41 - 2017-12-04 08:25 - 000000000 ____D C:\Users\Paul\AppData\Roaming\KastorAllVideoDownloader
2017-12-03 09:37 - 2017-12-03 09:38 - 011923560 _____ (KastorSoft ) C:\Users\Paul\Downloads\setup_allvideodownloader.exe
2017-12-03 09:31 - 2017-12-03 09:31 - 000000000 ____D C:\ProgramData\Real
2017-12-03 09:29 - 2017-12-03 09:29 - 001308632 _____ (RealNetworks, Inc.) C:\Users\Paul\Downloads\RealDownloader.exe
2017-12-03 09:12 - 2017-12-04 08:25 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Apowersoft
2017-12-03 09:12 - 2017-12-03 09:12 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Apowersoft
2017-12-03 09:12 - 2017-08-03 09:15 - 000370424 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2017-12-03 09:12 - 2017-08-03 09:15 - 000282360 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\wpcap.dll
2017-12-03 09:12 - 2017-08-03 09:15 - 000107768 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2017-12-03 09:12 - 2017-08-03 09:15 - 000098040 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\Packet.dll
2017-12-03 09:12 - 2017-08-03 09:15 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll
2017-12-03 09:12 - 2017-08-03 09:15 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2017-12-02 12:02 - 2017-12-02 12:03 - 007402784 _____ C:\Users\Paul\Downloads\facile le basque2.mp4
2017-12-02 12:01 - 2017-12-02 12:01 - 007989760 _____ C:\Users\Paul\Downloads\MG_Papillons11.pps
2017-12-02 08:31 - 2017-12-02 08:31 - 003913728 _____ C:\Users\Paul\Downloads\Non confirmé 966500.crdownload
2017-12-02 08:31 - 2017-12-02 08:31 - 002554167 _____ C:\Users\Paul\Downloads\Non confirmé 272498.crdownload
2017-12-01 09:58 - 2017-12-01 10:00 - 008172032 _____ (Malwarebytes) C:\Users\Paul\Downloads\adwcleaner_7.0.5.0.exe
2017-12-01 07:42 - 2017-12-01 07:42 - 000148641 _____ C:\Users\Paul\Downloads\adobeflashplayer (1).exe
2017-12-01 07:42 - 2017-12-01 07:42 - 000148640 _____ C:\Users\Paul\Downloads\adobeflashplayer.exe
2017-11-30 09:41 - 2017-11-30 09:41 - 002637316 _____ C:\Users\Paul\Downloads\Supermarkt_der_Zukunft1.mp4
2017-11-30 09:33 - 2017-11-30 09:33 - 008204677 _____ C:\Users\Paul\Downloads\LimoDriver20171.mp4
2017-11-30 09:31 - 2017-11-30 09:31 - 005521466 _____ C:\Users\Paul\Downloads\Plage eětonnante.mp4
2017-11-30 09:28 - 2017-11-30 09:28 - 003001605 _____ C:\Users\Paul\Downloads\Ti kabo11 (1).mp4
2017-11-30 08:11 - 2017-11-30 08:11 - 011345446 _____ C:\Users\Paul\Downloads\VID-20171004-WA0000.mp4
2017-11-30 08:07 - 2017-11-30 08:07 - 000133632 _____ C:\Users\Paul\Downloads\tuLe-pigeon-rouge-128038.pps
2017-11-30 08:01 - 2017-11-30 08:02 - 013022749 _____ C:\Users\Paul\Downloads\VID-20171019-WA0000.mp4
2017-11-30 08:01 - 2017-11-30 08:01 - 003001605 _____ C:\Users\Paul\Downloads\Ti kabo11.mp4
2017-11-30 07:53 - 2017-11-30 07:53 - 009054907 _____ C:\Users\Paul\Downloads\IMG_058711.MP4
2017-11-30 07:48 - 2017-11-30 07:48 - 006059817 _____ C:\Users\Paul\Downloads\LL-VID-20170425-WA00071.mp4
2017-11-30 06:29 - 2017-11-30 06:29 - 000985600 _____ C:\Users\Paul\Downloads\10_Curiosites_du_corps_humain_11 (1).pps
2017-11-30 06:27 - 2017-11-30 06:27 - 000985088 _____ C:\Users\Paul\Downloads\10_Curiosites_du_corps_humain_11.pps
2017-11-29 20:34 - 2017-11-29 20:34 - 000000097 _____ C:\Users\Paul\Desktop\Vous avez l’option EJP du Tarif Bleu - Retrouvez en un clic toutes les infos !.url
2017-11-29 13:40 - 2017-11-29 13:42 - 048353760 _____ (F-Secure Corporation) C:\Users\Paul\Downloads\Freedome (1).exe
2017-11-29 12:48 - 2017-11-29 12:48 - 010957807 _____ (Oleg N. Scherbakov) C:\Users\Paul\Downloads\captvty-2.6.5.1-autoextract (2).exe
2017-11-29 12:46 - 2017-11-29 12:46 - 010957807 _____ (Oleg N. Scherbakov) C:\Users\Paul\Downloads\captvty-2.6.5.1-autoextract.exe
2017-11-29 12:46 - 2017-11-29 12:46 - 010957807 _____ (Oleg N. Scherbakov) C:\Users\Paul\Downloads\captvty-2.6.5.1-autoextract (1).exe
2017-11-29 12:44 - 2017-11-29 12:44 - 016931037 _____ C:\Users\Paul\Downloads\captvty-2.6.5.1 (1).zip
2017-11-29 12:42 - 2017-11-29 12:43 - 016931037 _____ C:\Users\Paul\Downloads\captvty-2.6.5.1.zip
2017-11-29 11:27 - 2017-11-29 11:27 - 000208080 _____ C:\Users\Paul\Downloads\F0341124522001.pdf
2017-11-27 17:02 - 2017-11-27 17:02 - 002929023 _____ C:\Users\Paul\Downloads\un_juif_en_taxi_.mp4
2017-11-27 09:55 - 2017-11-27 09:55 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Lettre santé
2017-11-26 07:57 - 2017-10-18 03:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-26 07:57 - 2017-10-18 03:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-26 07:57 - 2017-10-15 23:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-26 07:57 - 2017-10-04 14:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-26 07:57 - 2017-10-04 14:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-25 22:45 - 2017-11-25 22:45 - 001793536 _____ C:\Users\Paul\Downloads\Drogue non merci1.pps
2017-11-25 22:45 - 2017-11-25 22:45 - 001793536 _____ C:\Users\Paul\Downloads\Drogue non merci1 (1).pps
2017-11-25 06:48 - 2017-11-25 06:48 - 016932745 _____ C:\Users\Paul\Downloads\captvty-2.6.5.zip
2017-11-23 19:48 - 2017-11-23 19:48 - 011073024 _____ C:\Users\Paul\Downloads\Le musee d'Orsay - Paris 7e v11111.pps
2017-11-23 17:38 - 2017-11-23 17:38 - 007166392 _____ C:\Users\Paul\Downloads\videoplayback.mp4
2017-11-23 17:35 - 2017-11-23 17:35 - 000216465 _____ C:\Users\Paul\Downloads\associations chiffres.pdf
2017-11-23 17:28 - 2017-11-23 17:28 - 005871104 _____ C:\Users\Paul\Downloads\les corons et mineurs de fond (1).pps
2017-11-23 17:27 - 2017-11-23 17:27 - 005868544 _____ C:\Users\Paul\Downloads\les corons et mineurs de fond.pps
2017-11-22 14:35 - 2017-11-22 14:35 - 007930922 _____ C:\Users\Paul\Downloads\deux guitares12.mp4
2017-11-22 13:15 - 2017-11-22 13:38 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Recepissé
2017-11-22 12:46 - 2017-12-08 07:09 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-22 12:46 - 2017-12-06 17:38 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-22 12:46 - 2017-12-06 17:38 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-22 12:46 - 2017-11-22 12:46 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-11-22 11:25 - 2017-12-06 18:01 - 000161938 _____ C:\Windows\ntbtlog.txt
2017-11-22 09:39 - 2017-11-23 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-22 09:39 - 2017-11-22 12:46 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-11-22 09:39 - 2017-11-22 09:39 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-22 09:38 - 2017-11-22 09:38 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-22 09:30 - 2017-11-22 09:33 - 065942208 _____ (Malwarebytes ) C:\Users\Paul\Downloads\malwarebytes-anti-malware_3-2-2-2029_fr_215092.exe
2017-11-22 06:49 - 2017-11-22 06:49 - 000000000 ____D C:\Users\Paul\My Documents\Documents\TotalAV
2017-11-22 06:49 - 2017-11-22 06:49 - 000000000 ____D C:\ProgramData\SecuritySuite
2017-11-21 08:18 - 2017-11-21 08:18 - 000000000 ____D C:\Users\Paul\AppData\Roaming\TotalAV
2017-11-21 07:21 - 2017-11-21 07:21 - 004382384 _____ C:\Users\Paul\Downloads\Mamie.mp4
2017-11-20 19:59 - 2017-11-20 19:59 - 000375296 _____ C:\Users\Paul\Downloads\1000_euros_la_passe coquin maisjoli1 CA.pps
2017-11-20 19:57 - 2017-11-20 19:57 - 002977460 _____ C:\Users\Paul\Downloads\VID-20171008-WA000111.mp4
2017-11-20 10:14 - 2017-11-20 10:14 - 001877504 _____ C:\Users\Paul\Downloads\Un vrai petit bijou.pps
2017-11-20 10:09 - 2017-11-20 10:09 - 010458536 _____ C:\Users\Paul\Downloads\recyclage1221.mp4
2017-11-20 10:07 - 2017-11-20 10:07 - 000422912 _____ C:\Users\Paul\Downloads\Dentifrice-Colgate-Pub Geniale-07 vues.pps.pps
2017-11-20 10:00 - 2017-11-20 10:00 - 005588480 _____ C:\Users\Paul\Downloads\Visite_sous_la_mer_puis_sur_terre.pps
2017-11-20 09:24 - 2017-11-20 09:24 - 000112416 _____ C:\Users\Paul\Downloads\Lo ARGIC ARCCO1.pdf
2017-11-20 09:22 - 2017-11-20 09:22 - 001658945 _____ C:\Users\Paul\Downloads\VID-20171027-WA0023.mp4
2017-11-18 15:54 - 2017-11-18 15:54 - 004935069 _____ C:\Users\Paul\Downloads\utf-8''Un curé réaliste.mp4
2017-11-16 16:24 - 2017-11-16 16:24 - 010105492 _____ C:\Users\Paul\Downloads\2CV(y)1.mp4
2017-11-16 16:09 - 2017-11-16 16:09 - 009053758 _____ C:\Users\Paul\Downloads\2017-08-04-VIDEO-00001280.mp4
2017-11-16 15:52 - 2017-11-16 15:52 - 000538112 _____ C:\Users\Paul\Downloads\Vive_le_sport11-13.pps
2017-11-15 07:40 - 2017-11-15 07:41 - 003383653 _____ C:\Users\Paul\Downloads\Une ecolo en action GB11111.mp4
2017-11-14 06:52 - 2017-11-14 06:52 - 004130304 _____ C:\Users\Paul\Downloads\Dessins.pps
2017-11-14 06:50 - 2017-11-14 06:50 - 009867071 _____ C:\Users\Paul\Downloads\Woodpecker_Fends_Off_Squirrel__North_America111.mp4
2017-11-14 06:47 - 2017-11-14 06:47 - 003435008 _____ C:\Users\Paul\Downloads\Lodowiec_gletser_in_argentinie131.pps
2017-11-14 06:45 - 2017-11-14 06:45 - 011086146 _____ C:\Users\Paul\Downloads\MAGI111111.mp4
2017-11-14 06:43 - 2017-11-14 06:43 - 007966208 _____ C:\Users\Paul\Downloads\Circuit Breton.pps
2017-11-14 06:25 - 2017-11-14 06:25 - 004482195 _____ C:\Users\Paul\Downloads\Dessines_moi_un_cheval-3.mp4
2017-11-14 06:22 - 2017-11-14 06:23 - 012661902 _____ C:\Users\Paul\Downloads\Spania1.MP4
2017-11-14 06:12 - 2017-11-14 06:12 - 005650146 _____ C:\Users\Paul\Downloads\Beggar in Japan.mp4
2017-11-14 06:08 - 2017-11-14 06:08 - 004134457 _____ C:\Users\Paul\Downloads\Lebonhommedeneige1115111.mp4
2017-11-14 05:57 - 2017-11-14 05:57 - 008804913 _____ C:\Users\Paul\Downloads\2017-07-08-VIDEO-000015131.mp4
2017-11-10 19:52 - 2017-11-10 19:52 - 000176128 _____ C:\Users\Paul\Downloads\Le_Douanier11111.pps
2017-11-10 19:52 - 2017-11-10 19:52 - 000176128 _____ C:\Users\Paul\Downloads\Le_Douanier11111 (1).pps
2017-11-10 09:26 - 2017-11-16 08:57 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Soins des pieds
2017-11-09 18:19 - 2017-11-09 18:19 - 000107008 _____ C:\Users\Paul\Downloads\les_2_nonnes11.pps
2017-11-09 13:26 - 2017-11-09 13:26 - 000000000 ____D C:\Users\Paul\Downloads\Mont-Blanc
2017-11-08 14:11 - 2017-11-08 14:11 - 011345446 _____ C:\Users\Paul\Downloads\VID-20171004-WA0000111.mp4
2017-11-08 11:58 - 2017-11-08 11:58 - 005740535 _____ C:\Users\Paul\Downloads\VID-20170220-WA0001-1.mp4
2017-11-08 11:55 - 2017-11-08 11:55 - 005096541 _____ C:\Users\Paul\Downloads\j'ai honte ._.11.mp4

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-08 18:13 - 2016-07-25 18:02 - 000000000 ____D C:\FRST
2017-12-08 18:12 - 2016-04-12 20:36 - 000003928 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FCEAB000-C7B1-4A03-A525-294A439DE568}
2017-12-08 17:49 - 2016-10-19 17:21 - 000000000 ____D C:\Users\Paul\AppData\Roaming\ZHP
2017-12-08 16:07 - 2017-10-24 18:27 - 000000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2017-12-08 15:38 - 2017-09-10 05:53 - 000000000 ____D C:\Users\Paul\Desktop\Captvty
2017-12-08 07:46 - 2016-04-13 15:14 - 000000000 ____D C:\Users\Paul\.rainlendar2
2017-12-08 07:24 - 2009-07-14 05:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-08 07:24 - 2009-07-14 05:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-08 07:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-07 12:50 - 2016-04-12 20:29 - 000001444 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-07 07:59 - 2017-07-27 05:32 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3236533265-2694198059-1176122490-1000
2017-12-07 07:59 - 2017-05-25 07:27 - 000000000 ___RD C:\Users\Paul\OneDrive
2017-12-07 07:59 - 2016-12-06 19:40 - 000002212 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-12-06 21:35 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-12-06 09:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-06 08:30 - 2009-07-14 05:45 - 002583752 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-06 07:56 - 2016-04-14 03:24 - 001642388 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-12-06 07:56 - 2011-04-12 10:16 - 000747320 _____ C:\Windows\system32\perfh00C.dat
2017-12-06 07:56 - 2011-04-12 10:16 - 000149844 _____ C:\Windows\system32\perfc00C.dat
2017-12-06 07:56 - 2009-07-14 06:13 - 001642388 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-06 07:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-06 07:36 - 2016-07-26 06:53 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerpointImageExtractor V1.2b.lnk
2017-12-06 07:36 - 2016-07-26 06:53 - 000000000 ____D C:\Program Files (x86)\PowerpointImageExtractor_V1_2
2017-12-06 07:36 - 2016-05-14 05:03 - 000000000 ____D C:\Users\Paul\Desktop\HP
2017-12-06 07:36 - 2016-04-13 13:22 - 000000000 ____D C:\Users\Paul\Desktop\Logiciels
2017-12-05 07:42 - 2016-12-20 15:20 - 000000000 ____D C:\Edf-Ejp
2017-12-04 18:21 - 2016-09-06 11:37 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Bibliothèque calibre
2017-12-04 15:10 - 2017-10-31 14:32 - 000000000 ____D C:\Program Files (x86)\HP
2017-12-04 15:10 - 2016-05-12 17:45 - 000000000 ____D C:\ProgramData\HP
2017-12-04 14:29 - 2016-05-12 17:42 - 000000000 ____D C:\Users\Paul\AppData\Local\HP
2017-12-04 08:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2017-12-04 08:11 - 2017-11-07 13:18 - 000000000 ____D C:\Users\Paul\Desktop\Scanner Sumikon
2017-12-02 11:03 - 2017-04-14 08:02 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-01 23:21 - 2017-09-08 05:25 - 000000000 ____D C:\Program Files (x86)\QuickTime
2017-12-01 23:21 - 2016-04-13 16:31 - 000000000 ____D C:\ProgramData\Apple Computer
2017-12-01 23:19 - 2017-09-08 05:25 - 000000000 ____D C:\Windows\SysWOW64\QuickTime
2017-12-01 23:19 - 2017-09-08 05:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-01 17:37 - 2016-11-18 15:32 - 000000000 ____D C:\ProgramData\F-Secure
2017-12-01 10:00 - 2016-02-29 11:20 - 000000000 ____D C:\AdwCleaner
2017-12-01 08:14 - 2016-10-24 17:17 - 000000978 _____ C:\Users\Public\Desktop\Kobo.lnk
2017-12-01 08:14 - 2016-10-24 15:39 - 000000000 ____D C:\Program Files (x86)\Kobo
2017-11-30 10:21 - 2017-11-06 10:31 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Histoires droles
2017-11-28 19:34 - 2017-06-17 09:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-28 06:58 - 2016-09-09 10:21 - 000000000 ____D C:\Users\Paul\My Documents\Documents\My Digital Editions
2017-11-28 04:57 - 2016-04-15 02:30 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-27 15:04 - 2017-03-29 11:04 - 000236032 ___SH C:\Users\Paul\Desktop\Thumbs.db
2017-11-27 13:29 - 2016-04-12 20:29 - 000000000 ____D C:\Users\Paul\AppData\Local\VirtualStore
2017-11-26 10:59 - 2017-09-23 12:53 - 000000000 ____D C:\Users\Paul\Desktop\Synopsis des Films d'Espagne
2017-11-26 07:43 - 2016-04-12 20:29 - 000000000 ____D C:\Users\Paul
2017-11-26 07:41 - 2016-06-10 12:10 - 000000000 ____D C:\Users\Paul\AppData\Roaming\dvdcss
2017-11-26 07:41 - 2016-04-20 19:25 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Jardin
2017-11-26 06:40 - 2017-01-18 11:14 - 000000000 ____D C:\Users\Paul\AppData\Local\ElevatedDiagnostics
2017-11-25 10:18 - 2017-10-13 10:29 - 000000000 ____D C:\Users\Paul\Desktop\Galas d'accordéon avec vidéo
2017-11-25 10:13 - 2017-09-18 12:32 - 000000000 ____D C:\Users\Paul\Desktop\Musique de danse
2017-11-23 07:56 - 2016-07-13 07:38 - 000000000 ____D C:\Windows\pss
2017-11-23 07:56 - 2016-04-24 10:58 - 000000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2017-11-23 07:56 - 2016-04-13 04:57 - 000000000 ____D C:\Users\Paul\AppData\Local\Microsoft Help
2017-11-22 14:52 - 2017-11-03 19:18 - 000000000 ____D C:\Users\Paul\My Documents\Documents\Scanner Sumikon
2017-11-22 09:39 - 2016-04-13 15:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-22 08:45 - 2016-07-28 09:19 - 000000000 __RHD C:\MSOCache
2017-11-20 21:32 - 2010-11-21 04:27 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-16 15:35 - 2017-10-02 14:31 - 000000000 ____D C:\Users\Paul\Desktop\Mobile sfr
2017-11-16 06:12 - 2017-08-07 17:59 - 000002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 13:00 - 2016-08-05 14:21 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-14 20:46 - 2016-04-12 21:06 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 20:46 - 2016-04-12 21:06 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 20:39 - 2017-03-25 08:01 - 000004642 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-14 20:39 - 2016-06-17 03:47 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 20:39 - 2016-06-17 03:47 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 20:39 - 2016-06-17 03:47 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 20:39 - 2016-06-17 03:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 20:39 - 2016-06-17 03:46 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-13 19:10 - 2016-04-13 08:14 - 000011849 _____ C:\Users\Paul\Desktop\Classeur anniversaire 2015.2016.xlsx
2017-11-11 19:59 - 2016-04-07 09:25 - 000000000 ____D C:\Users\Paul\Desktop\Jardin
2017-11-08 10:27 - 2017-09-14 13:33 - 000000000 ____D C:\Chaufferie

==================== Fichiers à la racine de certains dossiers =======

2017-08-08 14:24 - 2012-03-01 23:18 - 000721408 _____ (http://lame.sf.net) C:\Program Files (x86)\libmp3lame.dll
2017-06-17 09:22 - 2017-06-18 05:38 - 000000053 _____ () C:\Users\Paul\AppData\Roaming\LogFile.txt
2016-05-09 07:37 - 2016-06-20 15:15 - 000000016 ____H () C:\Users\Paul\AppData\Roaming\mxfilerelatedcache.mxc2
2017-06-21 13:17 - 2017-10-01 08:24 - 000000580 _____ () C:\Users\Paul\AppData\Roaming\PAUL-PC.MTBF.txt
2016-04-13 16:26 - 2016-12-09 06:59 - 000000269 _____ () C:\Users\Paul\AppData\Roaming\WB.CFG
2017-06-21 13:18 - 2017-10-01 08:26 - 000001608 _____ () C:\Users\Paul\AppData\Roaming\__AvidCloudManager.log
2017-06-21 13:18 - 2017-06-25 13:37 - 000001682 _____ () C:\Users\Paul\AppData\Roaming\__AvidCloudManagerPrevious.log

Certains fichiers dans TEMP:
====================
2017-12-03 09:13 - 2017-12-03 09:13 - 000361112 _____ (Apowersoft) C:\Users\Paul\AppData\Local\Temp\ApowersoftAutoUpdater.exe
2017-12-04 15:01 - 2017-12-04 15:05 - 156129840 _____ () C:\Users\Paul\AppData\Local\Temp\HPInstaller.exe
2017-12-03 09:33 - 2017-10-02 13:48 - 000186736 _____ (RealNetworks, Inc.) C:\Users\Paul\AppData\Local\Temp\lowproc.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-11-29 00:59

==================== Fin de FRST.txt ============================
