cjoint

Comment: FRST file

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017
Exécuté par Jako (administrateur) sur DESKTOP-SV3NQC5 (23-12-2017 11:15:02)
Exécuté depuis C:\Users\Jako\Desktop
Profils chargés: Jako (Profils disponibles: Jako)
Platform: Windows 10 Pro Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\stacsv64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\runonce.exe
(rKo) C:\Program Files\VS Revo Group\62FU4Q6TVQOX47D5H\B2UcFZx2EH.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Jako\AppData\Roaming\ZHP\ZHPCleaner.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2016-10-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-18] (IDT, Inc.)
HKLM\...\Run: [JeNv2EyoQr] => C:\Program Files\jhappltlpjhcCDdy\.5Uxappltlp5Ux.vbs
HKLM\...\RunOnce: [Lahin_Raw_barra_al3eb_b3id_B2UcFZx2EH.exe] => C:\Program Files\VS Revo Group\62FU4Q6TVQOX47D5H\B2UcFZx2EH.exe [833024 2017-12-22] (rKo)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5753296 2017-08-29] (SecureMix LLC)
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4087864 2017-12-08] (Tonec Inc.)
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [1bR8e#BNm-.exe] => C:\Program Files\Internet Explorer\5F4EPXXVYPT4\1bR8e#BNm-.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [AEGF2sBWq9koqW.exe] => C:\Users\Jako\AppData\Roaming\14aa7f43264b4a04ab1680e383e5add5\AEGF2sBWq9koqW.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [0WWFGsfZzw.exe] => C:\ProgramData\d32f8d3036e74849b10139dac9b0e814\0WWFGsfZzw.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [KFXMQLRTSM.exe] => C:\Users\Jako\AppData\Local\Temp\3dfa79d50cfc4cc0b3b83838c431cecf\KFXMQLRTSM.exe <==== ATTENTION
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [SRDDAZQPJV.exe] => C:\Users\Jako\AppData\Local\ddbd81867542464f9db7f48fd5171fce\SRDDAZQPJV.exe
BootExecute: autocheck autochk /p \??\C:autocheck autochk *
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.176.85.20
Tcpip\..\Interfaces\{a2ff062c-0179-4056-8075-b994f3c6b999}: [DhcpNameServer] 10.176.85.20
Tcpip\..\Interfaces\{e90a1d73-c8cb-48bd-9ab9-17e4422785af}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1013118444-3060868979-3133423822-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B14BD0DA9-01A3-47A6-B84C-575897B32431%7D&gp=811610
SearchScopes: HKU\S-1-5-21-1013118444-3060868979-3133423822-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B14BD0DA9-01A3-47A6-B84C-575897B32431%7D&gp=811610
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)

FireFox:
========
FF HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Jako\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Jako\AppData\Roaming\IDM\idmmzcc5 [2017-12-22] [Legacy] [non signé]
FF HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-tq0EXJxVDc5wm4QR7b3XYJh0nCgZNVnEADJrtMbbxLF69M0T9xjU4vFliNLWF_Bm5h99ayzwoQvwGQp2CpMpBf03Lv1cEaDMYYerAkuWSXqDd0hM-Qwtgmjz9oZwGO-SHEVchVz2ONeRNI9y7GJBP3lTwHJi5ul0L2qJ8PlYtzo,
CHR Profile: C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default [2017-12-23]
CHR Extension: (YouTube) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Tiempo en colombia en vivo) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbhodkgjhojjjggokjjlbccecdhkjjgl [2017-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-12-08]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-10-18] (NVIDIA Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4420048 2017-08-29] (SecureMix LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) [Fichier non signé]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-10-18] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-10-18] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-10-18] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\STacSV64.exe [244224 2009-11-18] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S4 WinDefender; C:\WINDOWS\windefender.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-08-04] (NVIDIA Corporation)
R3 RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [79488 2006-10-03] (RICOH Company, Ltd.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WinMon; C:\WINDOWS\System32\drivers\Winmon.sys [9352 2017-12-22] () [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-23 11:15 - 2017-12-23 11:16 - 000017484 _____ C:\Users\Jako\Desktop\FRST.txt
2017-12-23 11:14 - 2017-12-23 11:14 - 000000000 ____D C:\Users\Jako\Desktop\FRST-OlderVersion
2017-12-23 11:04 - 2017-12-23 11:08 - 000000000 ____D C:\Users\Jako\Desktop\fortran.f90
2017-12-23 08:29 - 2017-12-23 08:29 - 000001658 _____ C:\Users\Jako\Desktop\ZHPCleaner.txt
2017-12-22 21:58 - 2017-12-22 21:58 - 000007600 _____ C:\Users\Jako\AppData\Local\Resmon.ResmonCfg
2017-12-22 18:11 - 2017-12-22 18:11 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-22 18:11 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-22 18:00 - 2017-12-22 18:00 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Google
2017-12-22 17:58 - 2017-12-22 17:58 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-22 17:58 - 2017-12-22 17:58 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-22 17:57 - 2017-12-22 17:57 - 000003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-22 17:57 - 2017-12-22 17:57 - 000003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-22 17:27 - 2017-12-22 22:14 - 000000000 ____D C:\AdwCleaner
2017-12-22 17:11 - 2017-12-22 17:08 - 008344776 _____ (Piriform Ltd) C:\Users\Jako\Desktop\ccsetup538_slim.exe
2017-12-22 16:50 - 2017-12-23 11:15 - 000000000 ____D C:\FRST
2017-12-22 16:50 - 2017-12-23 11:14 - 002392064 _____ (Farbar) C:\Users\Jako\Desktop\FRST64.exe
2017-12-22 16:07 - 2017-12-22 16:09 - 008198432 _____ (Malwarebytes) C:\Users\Jako\Desktop\adwcleaner_7.0.6.0.exe
2017-12-22 15:14 - 2017-12-23 08:29 - 000000000 ____D C:\Users\Jako\AppData\Roaming\ZHP
2017-12-22 15:14 - 2017-12-23 08:24 - 000000874 _____ C:\Users\Jako\Desktop\ZHPCleaner.lnk
2017-12-22 15:14 - 2017-12-22 15:14 - 000000000 ____D C:\Users\Jako\AppData\Local\ZHP
2017-12-22 15:13 - 2017-12-22 15:14 - 002997120 _____ C:\Users\Jako\Downloads\ZHPCleaner.exe
2017-12-22 14:46 - 2017-12-22 14:46 - 000000000 ____D C:\Themes
2017-12-22 14:44 - 2017-12-22 14:45 - 000000000 ____D C:\Maps
2017-12-22 14:43 - 2017-12-22 14:43 - 000000000 ____D C:\Ease of Access Themes
2017-12-22 14:40 - 2017-12-22 14:40 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys
2017-12-22 14:37 - 2017-12-22 14:40 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2017-12-22 14:37 - 2017-12-22 14:40 - 001186464 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2017-12-22 14:35 - 2017-12-22 15:31 - 000016836 _____ C:\Windows\System32\Tasks\InnoLagMagicGrop
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_RK
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_IH
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_AL
2017-12-22 14:35 - 2017-12-22 14:35 - 000004080 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_OW
2017-12-22 14:35 - 2017-12-22 14:35 - 000004072 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_NA
2017-12-22 14:32 - 2017-05-04 16:28 - 002462185 _____ C:\Users\Jako\Downloads\UXThemePatcher 10.exe
2017-12-22 14:30 - 2017-12-22 14:30 - 000000000 ____D C:\Program Files\AVAST Software
2017-12-22 14:29 - 2017-12-22 15:31 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-22 14:29 - 2017-12-22 14:29 - 002695982 _____ C:\Users\Jako\Downloads\UXThemePatcher 10.sfx.exe
2017-12-22 14:15 - 2017-12-23 11:08 - 000000000 ____D C:\Users\Jako\AppData\Roaming\CodeBlocks
2017-12-22 10:09 - 2017-12-22 10:09 - 000001814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\IDT Audio Control Panel.lnk
2017-12-22 10:09 - 2009-11-18 04:19 - 012532224 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2017-12-22 10:09 - 2009-11-18 04:19 - 003309568 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2017-12-22 10:09 - 2009-11-18 04:19 - 000487424 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2017-12-22 10:09 - 2009-06-26 02:59 - 000160768 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2017-12-22 10:09 - 2009-05-22 02:57 - 000436224 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2017-12-22 10:09 - 2009-03-03 01:58 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2017-12-22 10:09 - 2009-03-03 01:47 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2017-12-22 10:08 - 2017-12-22 10:09 - 000000000 ____D C:\Program Files\IDT
2017-12-22 10:08 - 2017-12-22 10:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-12-22 10:08 - 2009-11-18 04:19 - 001435136 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000616448 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000503296 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2017-12-22 10:08 - 2009-11-18 04:19 - 000431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000209920 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2017-12-22 10:04 - 2017-12-22 10:04 - 000000000 ____D C:\ProgramData\Uninstall
2017-12-22 10:03 - 2017-12-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-22 10:03 - 2017-12-22 10:03 - 000000000 ____D C:\Program Files\Hewlett-Packard
2017-12-22 10:02 - 2017-12-22 10:02 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Roxio Log Files
2017-12-22 10:01 - 2017-12-22 10:01 - 000000000 ____D C:\Windows\LastGood.Tmp
2017-12-22 10:01 - 2017-12-22 10:01 - 000000000 ____D C:\Program Files\LSI SoftModem
2017-12-22 10:01 - 2009-06-09 13:28 - 000064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2017-12-22 10:01 - 2009-03-27 18:12 - 000014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2017-12-22 10:01 - 2009-03-27 18:12 - 000013824 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2017-12-22 10:00 - 2017-12-22 10:00 - 000000000 ____D C:\Windows\Options
2017-12-22 09:39 - 2017-12-22 09:39 - 000000000 ____D C:\Users\Jako\AppData\Roaming\NVIDIA
2017-12-22 09:24 - 2017-12-22 09:24 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1013118444-3060868979-3133423822-1001
2017-12-22 09:14 - 2017-12-22 09:14 - 000000000 ____D C:\Users\Jako\AppData\Local\PeerDistRepub
2017-12-22 09:14 - 2017-12-22 09:14 - 000000000 ____D C:\Users\Jako\AppData\Local\NVIDIA Corporation
2017-12-22 09:13 - 2017-12-22 09:13 - 000000000 ____D C:\Users\Jako\AppData\Local\NVIDIA
2017-12-22 09:13 - 2017-12-22 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-22 09:13 - 2016-10-18 19:39 - 001767712 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001756560 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001377752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001316136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 000112168 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-12-22 09:12 - 2017-12-22 09:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-22 09:11 - 2017-12-22 09:11 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-22 09:11 - 2016-10-18 14:54 - 006790080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 003529152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 002558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-12-22 09:11 - 2016-10-18 14:54 - 000385072 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 000062512 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-12-22 09:11 - 2016-10-18 13:15 - 007471705 _____ C:\Windows\system32\nvcoproc.bin
2017-12-22 09:10 - 2017-12-22 09:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-22 09:08 - 2017-12-22 09:08 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-22 09:08 - 2016-10-18 15:53 - 001515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-12-22 09:08 - 2016-10-18 15:53 - 000197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-12-22 09:08 - 2016-10-18 15:53 - 000031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000114744 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000104512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-12-22 09:07 - 2016-10-18 15:53 - 031522240 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 024208952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 018634216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 017559200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 016128720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 015302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 014497712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 013916048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 013827664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 012909624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-12-22 09:07 - 2016-10-18 15:53 - 011272008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 011209336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 004252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 003994560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 003212456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 002826176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 001908088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434200.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434200.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000953912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000876992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000026157 _____ C:\Windows\system32\nvinfo.pb
2017-12-22 09:06 - 2017-12-22 09:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-22 09:04 - 2017-12-22 09:04 - 000000000 ____D C:\NVIDIA
2017-12-22 08:33 - 2017-12-22 08:38 - 000000000 ____D C:\Users\Jako\Downloads\idm rep
2017-12-22 08:12 - 2017-12-22 08:12 - 000000000 ____D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
2017-12-22 08:11 - 2017-12-22 08:11 - 000000000 ____D C:\Users\Jako\AppData\Local\IIIQF
2017-12-22 08:05 - 2017-12-22 20:14 - 000000000 ____D C:\Users\Jako\AppData\Local\CrashDumps
2017-12-22 08:05 - 2017-12-22 08:05 - 000000000 ____D C:\Users\Jako\AppData\Local\DBG
2017-12-22 08:04 - 2017-12-22 08:04 - 000000000 _____ C:\ProgramData\1.txt
2017-12-22 07:59 - 2017-12-22 07:59 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Mozilla
2017-12-22 07:58 - 2017-12-22 07:58 - 000000000 ____D C:\Users\Jako\AppData\Local\Geckofx
2017-12-21 16:26 - 2017-12-21 16:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-21 14:30 - 2017-12-21 14:30 - 000001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Urban Rivals.lnk
2017-12-21 14:30 - 2017-12-21 14:30 - 000001128 _____ C:\Users\Public\Desktop\Urban Rivals.lnk
2017-12-21 14:30 - 2017-12-21 14:30 - 000000000 ____D C:\Users\Jako\AppData\LocalLow\Boostr
2017-12-21 14:30 - 2017-12-21 14:30 - 000000000 ____D C:\Program Files (x86)\Urban Rivals
2017-12-21 14:14 - 2017-12-22 22:28 - 000000000 ____D C:\Users\Jako\AppData\Roaming\DMCache
2017-12-21 14:14 - 2017-12-22 14:01 - 000000000 ____D C:\Users\Jako\Downloads\Compressed
2017-12-21 14:14 - 2017-12-22 13:40 - 000000000 ____D C:\Users\Jako\Downloads\Video
2017-12-21 14:14 - 2017-12-21 14:17 - 000000000 ____D C:\Users\Jako\AppData\Roaming\IDM
2017-12-21 14:14 - 2017-12-21 14:14 - 000001082 _____ C:\Users\Jako\Desktop\Internet Download Manager.lnk
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\ProgramData\IDM
2017-12-21 14:13 - 2017-12-21 14:14 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-12-21 14:12 - 2017-12-21 14:12 - 000000000 ____D C:\Users\Jako\AppData\Roaming\WinRAR
2017-12-21 13:34 - 2017-12-22 18:47 - 000002750 __RSH C:\ProgramData\ntuser.pol
2017-12-21 13:19 - 2017-12-21 13:19 - 000000000 __SHD C:\found.000
2017-12-21 12:11 - 2017-12-22 17:58 - 000000000 ____D C:\Users\Jako\AppData\Local\Google
2017-12-21 12:11 - 2017-12-22 17:57 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-21 11:40 - 2017-12-21 11:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-12-21 06:48 - 2017-12-22 14:34 - 000000000 ____D C:\Program Files\VS Revo Group
2017-12-21 06:48 - 2017-12-21 06:48 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-12-21 06:48 - 2017-12-21 06:48 - 000000000 ____D C:\Users\Jako\AppData\Local\MicrosoftEdge
2017-12-21 06:48 - 2017-12-21 06:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-12-21 06:47 - 2017-12-21 06:47 - 000000895 _____ C:\Users\Jako\Desktop\µTorrent.lnk
2017-12-21 06:46 - 2017-12-21 07:02 - 000000000 ____D C:\Users\Jako\AppData\Roaming\uTorrent
2017-12-21 06:45 - 2017-12-21 06:45 - 000001148 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2017-12-21 06:45 - 2017-12-21 06:45 - 000001048 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Roaming\FastStone
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Local\FastStone
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Program Files\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Program Files (x86)\FastStone Capture
2017-12-21 06:43 - 2017-12-21 06:44 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2017-12-21 06:43 - 2017-12-21 06:44 - 000000000 ____D C:\Program Files (x86)\CodeBlocks
2017-12-21 06:43 - 2017-12-21 06:43 - 000001164 _____ C:\Users\Jako\Desktop\CodeBlocks.lnk
2017-12-21 06:43 - 2017-12-21 06:43 - 000000000 ____D C:\Users\Jako\AppData\Local\Comms
2017-12-21 06:43 - 2017-12-21 06:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2017-12-21 06:42 - 2017-12-21 06:42 - 000001087 _____ C:\Users\Public\Desktop\Adobe Photoshop CS6 x64.lnk
2017-12-21 06:42 - 2017-12-21 06:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-12-21 06:41 - 2017-12-21 06:41 - 000000000 ____D C:\Windows\System32\Tasks\S-1-5-21-1013118444-3060868979-3133423822-1001
2017-12-21 06:39 - 2017-12-21 16:26 - 000000000 ____D C:\Users\Jako\AppData\Local\Adobe
2017-12-21 06:39 - 2017-12-21 16:26 - 000000000 ____D C:\ProgramData\Adobe
2017-12-21 06:39 - 2017-12-21 06:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-12-21 06:39 - 2017-12-21 06:39 - 000000000 ____D C:\Users\Jako\AppData\Local\GlassWire
2017-12-21 06:39 - 2017-12-21 06:39 - 000000000 ____D C:\Program Files\Adobe
2017-12-21 06:39 - 2012-09-01 19:03 - 000000144 _____ C:\Users\Jako\AppData\Roaming\ACEConfigCache2.lst
2017-12-21 06:38 - 2017-12-21 06:38 - 000001974 _____ C:\Users\Public\Desktop\GlassWire.lnk
2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\ProgramData\GlassWire
2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\Program Files (x86)\GlassWire
2017-12-21 06:38 - 2015-05-29 05:30 - 000008392 _____ C:\Windows\system32\Drivers\gwdrv.cat
2017-12-21 06:38 - 2015-05-29 05:15 - 000033152 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2017-12-21 06:37 - 2017-12-23 08:22 - 000000000 ____D C:\Users\Jako\AppData\Roaming\vlc
2017-12-21 06:33 - 2017-12-21 06:33 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-21 06:33 - 2017-12-21 06:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-21 06:33 - 2017-12-21 06:33 - 000000000 ____D C:\Program Files\VideoLAN
2017-12-21 06:29 - 2017-12-22 09:24 - 000002408 _____ C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-21 06:29 - 2017-12-22 09:24 - 000000000 ___RD C:\Users\Jako\OneDrive
2017-12-21 06:28 - 2017-12-21 06:28 - 000000000 ____D C:\ProgramData\USOShared
2017-12-21 06:26 - 2017-12-21 06:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-21 06:25 - 2017-12-21 06:25 - 000000000 ____D C:\Users\Jako\AppData\Local\Publishers
2017-12-21 06:24 - 2017-12-23 06:39 - 000000000 ____D C:\Users\Jako
2017-12-21 06:24 - 2017-12-21 16:27 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Adobe
2017-12-21 06:24 - 2017-12-21 15:33 - 000000000 ____D C:\Users\Jako\AppData\Local\Packages
2017-12-21 06:24 - 2017-12-21 06:24 - 000000020 ___SH C:\Users\Jako\ntuser.ini
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Voisinage réseau
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Voisinage d'impression
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Modèles
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Mes documents
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Menu Démarrer
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Mes vidéos
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Mes images
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Ma musique
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\AppData\Local\Historique
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D C:\Users\Jako\AppData\Local\VirtualStore
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D C:\Users\Jako\AppData\Local\TileDataLayer
2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D C:\Users\Jako\AppData\Local\ConnectedDevicesPlatform
2017-12-21 06:22 - 2017-12-23 06:42 - 002452250 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-21 06:20 - 2017-12-21 06:20 - 000000000 ____D C:\Windows\CSC
2017-12-21 06:20 - 2017-03-18 21:56 - 002233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Mes images
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Ma musique
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Voisinage réseau
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Modèles
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Mes documents
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Menu Démarrer
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Mes images
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Mes images
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Ma musique
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Modèles
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Menu Démarrer
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Bureau
2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Program Files\Fichiers communs
2017-12-21 06:11 - 2017-12-23 06:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-21 06:11 - 2017-12-21 06:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-12-21 06:10 - 2017-12-23 11:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-12-21 06:10 - 2017-12-22 15:31 - 000226384 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-21 06:10 - 2017-12-21 06:10 - 000000000 ____D C:\Windows\ServiceProfiles
2017-12-21 06:02 - 2017-12-21 06:02 - 000008192 _____ C:\Windows\system32\config\userdiff
2017-12-21 05:34 - 2017-12-21 06:19 - 000000000 ___DC C:\Windows\Panther
2017-12-20 20:37 - 2017-12-21 06:08 - 000000000 ____D C:\Windows.old(1)
2017-12-11 14:52 - 2017-12-11 14:56 - 000000000 ____D C:\Users\Jako\Downloads\Internet Download Manager 6.30 Build 1 By GetPcSofts.NET
2017-12-08 23:00 - 2017-12-05 02:54 - 000226024 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-23 08:03 - 2016-05-02 12:47 - 000000000 ____D C:\Intel
2017-12-23 06:42 - 2017-03-20 06:10 - 001160504 _____ C:\Windows\system32\perfh00C.dat
2017-12-23 06:42 - 2017-03-20 06:10 - 000255382 _____ C:\Windows\system32\perfc00C.dat
2017-12-22 22:29 - 2017-03-18 12:40 - 000524288 _____ C:\Windows\system32\config\BBI
2017-12-22 10:09 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2017-12-22 10:03 - 2016-04-23 17:32 - 000000000 ____D C:\SwSetup
2017-12-22 09:11 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\Help
2017-12-22 07:53 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-12-22 07:25 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\appcompat
2017-12-21 17:09 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-21 15:37 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\AppReadiness
2017-12-21 13:15 - 2017-03-18 22:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-12-21 06:28 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-21 06:21 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2017-12-21 06:20 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\spool
2017-12-21 06:20 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-12-21 06:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-21 06:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows NT
2017-12-21 06:15 - 2017-03-18 12:40 - 000000000 ____D C:\Windows\system32\Sysprep
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\PrintDialog
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\MiracastView
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-12-21 06:12 - 2017-03-20 06:12 - 000000000 ____D C:\Windows\HoloShell
2017-12-21 06:11 - 2017-03-18 12:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2017-12-21 06:09 - 2017-03-18 22:03 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-12-21 06:08 - 2017-03-18 22:06 - 000000000 ____D C:\Windows\Setup

==================== Fichiers à la racine de certains dossiers =======

2017-12-21 06:39 - 2012-09-01 19:03 - 000000144 _____ () C:\Users\Jako\AppData\Roaming\ACEConfigCache2.lst
2017-12-22 21:58 - 2017-12-22 21:58 - 000007600 _____ () C:\Users\Jako\AppData\Local\Resmon.ResmonCfg

Certains fichiers dans TEMP:
====================
2017-12-22 08:03 - 2017-12-22 08:03 - 000000000 _____ () C:\Users\Jako\AppData\Local\Temp\condefclean.exe
2017-12-22 14:37 - 2017-12-22 14:37 - 001527488 _____ (Microsoft Corporation) C:\Users\Jako\AppData\Local\Temp\dbghelp.dll
2017-12-22 14:37 - 2017-12-22 14:37 - 000167616 _____ (Microsoft Corporation) C:\Users\Jako\AppData\Local\Temp\symsrv.dll
2017-12-21 14:14 - 2017-12-21 14:14 - 000028160 _____ (Pasi Ruokola) C:\Users\Jako\AppData\Local\Temp\UnSigner.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


nointegritychecks: ==> "IntegrityChecks" is disabled. <==== ATTENTION

LastRegBack: 2017-12-21 06:09

==================== Fin de FRST.txt ============================
