Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019 01
Ran by SYSTEM on MININT-G01R817 (12-02-2019 20:48:34)
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet003
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] (Hewlett-Packard Company -> )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1232896 2013-10-23] (Easybits)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS -> EasyBits Software AS)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1666560 2012-02-20] (AimerSoft)
HKLM-x32\...\Run: [start] => C:\Windows\SysWOW64\scrobj.dll [173568 2009-07-13] (Microsoft Corporation) <==== ATTENTION
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
HKLM-x32\...\RunOnce: [wextract_cleanup0] => rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\seb\AppData\Local\Temp\IXP000.TMP\" <==== ATTENTION
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\seb\...\Run: [SMSetup] => "C:\Users\seb\AppData\Local\Temp\B5A4728A-4F02-497E-A47F-8F32BF943E7C\SMSetup.exe" /cnid 926458 /fpd /dsie /dsff /dsgc /hp /wait /ntp_ie /ms /restart <==== ATTENTION
HKU\seb\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\seb\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\seb\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_ActiveX.exe [1456128 2018-12-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\seb\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\seb\...\Policies\Explorer: [HideSCAHealth] 1
HKU\seb\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-24] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\seb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2014-02-08]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241704 2014-03-25] (Foxit Corporation -> Foxit Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-11] (McAfee, Inc. -> McAfee, Inc.)
S2 NGIService; C:\Program Files (x86)\Common Files\McAfee\NGI\Service\NGIService.exe [2319848 2019-02-02] (McAfee, Inc. -> McAfee, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105184 2018-01-25] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-12] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare Software Co., Ltd. -> Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-12 09:39 - 2019-02-12 09:39 - 000362307 _____ C:\Windows\Minidump.zip
2019-02-12 08:54 - 2019-02-12 08:56 - 000001050 _____ C:\Users\seb\Desktop\Search.txt
2019-02-12 08:48 - 2019-02-12 08:50 - 000000000 ____D C:\Users\seb\Desktop\windows7
2019-02-12 01:40 - 2019-02-12 01:40 - 002434048 _____ (Farbar) C:\Users\seb\Desktop\FRST64.exe
2019-02-12 01:28 - 2019-02-12 01:28 - 003199360 _____ C:\Users\seb\Desktop\ZHPDiag3.exe
2019-02-12 00:24 - 2019-02-12 00:24 - 000274416 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2019-02-11 09:03 - 2019-02-11 09:03 - 011840839 ____R C:\Users\seb\Desktop\Windows6.1-KB2670838-x64.msu
2019-02-11 09:03 - 2019-02-11 09:03 - 011840839 _____ C:\Users\seb\Downloads\Windows6.1-KB2670838-x64.msu
2019-02-11 08:23 - 2019-02-11 08:25 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.12.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 07:52 - 2019-02-11 07:52 - 000103190 _____ C:\Users\seb\Desktop\reponseB3 (1).pdf
2019-02-11 07:26 - 2019-02-11 07:27 - 029599259 _____ C:\Users\seb\Desktop\windows6.1-kb4480960-x64_bd23adfd0d82403d58aa8cd649636d136cf77700.msu
2019-02-11 06:54 - 2019-02-11 06:54 - 000001894 _____ C:\Users\seb\Desktop\rapport blue.txt
2019-02-11 06:42 - 2019-02-11 06:43 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.11.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 06:28 - 2016-03-16 15:49 - 000000462 _____ C:\Users\seb\Desktop\dmpconf.cmd
2019-02-11 06:27 - 2019-02-11 06:27 - 000000361 _____ C:\Users\seb\Desktop\memdmp.zip
2019-02-11 03:37 - 2019-02-11 03:38 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.09.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 03:33 - 2019-02-11 03:33 - 000000000 ____D C:\Users\seb\Desktop\WhoCrashed
2019-02-11 03:31 - 2019-02-11 03:32 - 009080880 _____ (Resplendence Software Projects Sp. ) C:\Users\seb\Desktop\whocrashedSetup.exe
2019-02-11 03:28 - 2019-02-11 03:29 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.10.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 01:23 - 2019-02-11 01:24 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.08.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 00:32 - 2019-02-11 00:32 - 000072864 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2019-02-11 00:32 - 2019-02-11 00:32 - 000003518 _____ C:\Windows\System32\Tasks\Mysa
2019-02-11 00:32 - 2019-02-11 00:32 - 000003504 _____ C:\Windows\System32\Tasks\Mysa3
2019-02-11 00:32 - 2019-02-11 00:32 - 000003424 _____ C:\Windows\System32\Tasks\Mysa2
2019-02-11 00:32 - 2019-02-11 00:32 - 000003190 _____ C:\Windows\System32\Tasks\Mysa1
2019-02-11 00:32 - 2019-02-11 00:32 - 000003186 _____ C:\Windows\System32\Tasks\ok
2019-02-11 00:31 - 2019-02-11 00:31 - 000662528 _____ (Zhuhai Kingsoft Office Software Co.,Ltd) C:\Windows\SysWOW64\Drivers\64.exe
2019-02-11 00:31 - 2019-02-11 00:31 - 000127136 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2019-02-11 00:31 - 2019-02-11 00:31 - 000104784 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2019-02-11 00:30 - 2019-02-11 00:30 - 000000084 _____ C:\Program Files\Common Files\xpdown.dat
2019-02-11 00:26 - 2019-02-11 00:27 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.06.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 11:12 - 2019-02-10 11:15 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.05.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 10:07 - 2019-02-10 12:13 - 000000000 ____D C:\KVRT_Data
2019-02-10 10:02 - 2019-02-10 10:06 - 159288104 _____ (AO Kaspersky Lab) C:\Users\seb\Desktop\KVRT.exe
2019-02-10 09:27 - 2019-02-10 09:27 - 000001521 _____ C:\Users\seb\Desktop\rapport2.txt
2019-02-10 06:44 - 2019-02-10 06:44 - 000001829 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-10 06:44 - 2019-01-08 06:32 - 000153328 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbae64.sys
2019-02-10 06:42 - 2019-02-10 06:43 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.04.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 05:36 - 2019-02-10 05:36 - 000014705 _____ C:\Users\seb\Desktop\rapport.txt
2019-02-10 02:15 - 2019-02-10 02:15 - 000000000 ____D C:\Users\seb\AppData\Local\mbamtray
2019-02-10 02:13 - 2019-02-10 02:14 - 064513784 _____ (Malwarebytes ) C:\Users\seb\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9186.exe
2019-02-10 02:10 - 2019-02-10 02:10 - 000000284 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-02-10 02:01 - 2019-02-10 02:03 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.03.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 01:09 - 2019-02-10 01:09 - 000002543 _____ C:\Users\seb\Desktop\AdwCleaner[S03].txt
2019-02-10 01:05 - 2019-02-10 01:05 - 007316688 _____ (Malwarebytes) C:\Users\seb\Desktop\adwcleaner_7.2.7.0.exe
2019-02-09 06:48 - 2019-02-09 06:48 - 004854462 _____ C:\Users\seb\Desktop\ZHPCleaner.txt
2019-02-08 12:15 - 2019-02-08 12:19 - 011974946 _____ C:\Users\seb\Downloads\lemonde090219.pdf
2019-02-08 09:35 - 2019-02-08 09:36 - 003308928 _____ C:\Users\seb\Desktop\ZHPCleaner.exe
2019-02-08 04:39 - 2019-02-12 01:27 - 000000000 ____D C:\Users\seb\AppData\Local\ZHP
2019-02-08 04:39 - 2019-02-08 09:37 - 000000792 _____ C:\Users\seb\Desktop\ZHPCleaner.lnk
2019-02-08 02:12 - 2019-02-08 02:27 - 000013808 _____ C:\Users\seb\Desktop\Fixlog.txt
2019-02-08 02:12 - 2019-02-08 02:12 - 000006404 _____ C:\Users\seb\Desktop\wovhdyxirnjwh.txt
2019-02-08 01:45 - 2019-02-08 01:46 - 000000000 ____D C:\Users\seb\Downloads\Nouveau dossier (2)
2019-02-07 08:46 - 2019-02-12 01:44 - 000174373 _____ C:\Users\seb\Desktop\Shortcut.txt
2019-02-07 08:35 - 2019-02-07 08:35 - 000000000 ____D C:\Users\seb\Desktop\FRST-OlderVersion
2019-02-07 08:01 - 2019-02-12 01:38 - 000321957 _____ C:\Users\seb\Desktop\ZHPDiag.txt
2019-02-07 07:53 - 2019-02-12 01:38 - 000000000 ____D C:\Users\seb\AppData\Roaming\ZHP
2019-02-07 07:53 - 2019-02-12 01:28 - 000000782 _____ C:\Users\seb\Desktop\ZHPDiag.lnk
2019-02-07 07:53 - 2019-02-07 07:53 - 002105344 _____ C:\ZHPDiag3.exe
2019-02-05 10:12 - 2019-02-05 10:12 - 000000000 _____ C:\Users\seb\AppData\Local\{3D0A3C2D-6388-4E53-9EE0-E1215AF28AF0}
2019-02-05 10:12 - 2019-02-05 10:12 - 000000000 _____ C:\Users\seb\AppData\Local\{3CB706B5-36BB-4036-B7F1-872CE9B59BE8}
2019-02-05 08:50 - 2019-02-05 08:51 - 060933528 _____ (HP Development Company, L.P. ) C:\Program Files\sp93457.exe
2019-02-05 08:25 - 2019-02-05 08:25 - 040878896 _____ C:\Program Files\M2070_Series_WIN_SPL_V3.13.12.05.21_CDV1.27.exe
2019-02-04 09:02 - 2019-02-04 09:04 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.01.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 03:12 - 2019-02-04 03:14 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.02.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 02:16 - 2019-02-04 02:16 - 004211152 _____ ( ) C:\Users\seb\Desktop\hdd-health_4-2_fr_11160.exe
2019-02-04 02:16 - 2019-02-04 02:16 - 000000000 ____D C:\Users\seb\AppData\Roaming\HDDHealth
2019-02-04 01:55 - 2019-02-04 01:56 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.07.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 01:03 - 2019-02-04 01:59 - 000000273 _____ C:\Users\seb\Desktop\columbo.url
2019-02-03 10:04 - 2019-02-03 10:04 - 000000000 ____D C:\Users\seb\Desktop\speccy
2019-02-03 04:38 - 2019-02-03 04:38 - 000003720 ____N C:\bootsqm.dat
2019-02-02 11:17 - 2019-02-02 11:17 - 001034556 _____ C:\Program Files (x86)\Windows6.1-KB2999226-x64.msu
2019-02-02 11:15 - 2019-02-02 11:15 - 026028480 _____ (Seagate Technology LLC) C:\Users\seb\Desktop\SeaToolsforWindowsSetup.exe
2019-02-02 11:10 - 2019-02-02 11:11 - 009060056 _____ (Resplendence Software Projects Sp. ) C:\Users\seb\Desktop\whocrashed_6-02_fr_317674.exe
2019-02-02 11:03 - 2019-02-02 11:12 - 000000000 ____D C:\ProgramData\TSR7Settings
2019-02-02 01:40 - 2019-02-02 01:40 - 000210156 _____ C:\Users\seb\Desktop\attachment.pdf
2019-02-02 00:01 - 2019-02-11 03:33 - 000000637 _____ C:\Users\seb\Desktop\WhoCrashed.lnk
2019-02-02 00:01 - 2019-02-02 11:11 - 000000000 ____D C:\Program Files\WhoCrashed
2019-02-01 08:45 - 2019-02-01 08:45 - 000017025 _____ C:\MemTest.zip
2019-02-01 08:45 - 2018-07-19 00:56 - 000040960 _____ () C:\memtest.exe
2019-02-01 08:45 - 2018-07-04 03:57 - 000013390 _____ C:\manual.html
2019-02-01 08:42 - 2019-02-01 08:42 - 000060120 _____ C:\Users\seb\Desktop\SEB-HP.txt
2019-02-01 08:34 - 2019-02-01 08:34 - 000000758 _____ C:\Users\Public\Desktop\Speccy.lnk
2019-02-01 08:34 - 2019-02-01 08:34 - 000000000 ____D C:\Program Files\Speccy
2019-02-01 08:33 - 2019-02-01 08:33 - 006889184 _____ (Piriform Ltd) C:\Users\seb\Desktop\spsetup132.exe
2019-02-01 08:13 - 2019-02-01 08:14 - 000000000 ____D C:\Users\seb\Desktop\SFdebugFiles
2019-02-01 08:12 - 2019-02-01 08:12 - 001848428 _____ C:\Users\seb\Desktop\SEB-HP-01_02_2019_170929,08.zip
2019-02-01 08:08 - 2019-02-01 08:08 - 000314008 _____ C:\Users\seb\Desktop\dm log collector.exe
2019-02-01 07:52 - 2019-02-12 01:44 - 000050995 _____ C:\Users\seb\Desktop\Addition.txt
2019-02-01 07:48 - 2019-02-12 20:48 - 000000000 ____D C:\FRST
2019-02-01 07:48 - 2019-02-12 01:44 - 000073296 _____ C:\Users\seb\Desktop\FRST.txt
2019-02-01 07:48 - 2019-02-01 07:48 - 000000591 _____ C:\AppCrashView.cfg
2019-02-01 07:40 - 2019-02-01 07:40 - 000053566 _____ C:\appcrashview.zip
2019-02-01 07:40 - 2018-11-10 00:42 - 000051408 _____ (NirSoft) C:\AppCrashView.exe
2019-02-01 07:40 - 2018-11-10 00:42 - 000015684 _____ C:\AppCrashView.chm
2019-02-01 07:35 - 2019-02-01 07:35 - 000998056 _____ (Microsoft Corporation) C:\sdksetup.exe
2019-02-01 07:02 - 2019-02-11 06:55 - 000000951 _____ C:\BlueScreenView.cfg
2019-02-01 06:47 - 2019-02-07 07:35 - 000000445 _____ C:\DiskInfo.ini
2019-02-01 06:47 - 2019-02-01 06:47 - 000000000 ____D C:\Smart
2019-02-01 06:46 - 2018-11-20 12:02 - 000000000 ____D C:\CdiResource
2019-02-01 06:46 - 2018-11-19 03:11 - 003706528 _____ (Crystal Dew World) C:\DiskInfo64.exe
2019-02-01 06:46 - 2018-11-19 03:11 - 002849440 _____ (Crystal Dew World) C:\DiskInfo32.exe
2019-02-01 06:46 - 2017-12-31 15:33 - 000000000 ____D C:\License
2019-02-01 06:45 - 2019-02-01 06:45 - 004509412 _____ C:\CrystalDiskInfo8_0_0.zip
2019-02-01 06:29 - 2019-02-01 06:46 - 004575254 _____ C:\bluescreenview.zip
2019-02-01 06:29 - 2015-01-29 01:11 - 000061024 _____ (NirSoft) C:\BlueScreenView.exe
2019-02-01 06:29 - 2015-01-29 01:11 - 000018488 _____ C:\BlueScreenView.chm
2019-02-01 06:29 - 2015-01-29 01:11 - 000017494 _____ C:\readme.txt
2019-02-01 05:52 - 2019-02-01 05:52 - 000000000 ____D C:\Program Files (x86)\WhoCrashed
2019-02-01 05:50 - 2019-02-03 08:17 - 007954904 _____ (Tim Kosse) C:\Users\seb\Downloads\FileZilla_3.40.0_win64-setup.exe
2019-02-01 05:02 - 2019-02-01 05:02 - 000509264 _____ (Microsoft Corporation) C:\Program Files\winsdk_web.exe
2019-02-01 04:50 - 2019-02-01 04:50 - 000000000 ____D C:\Program Files (x86)\NirSoft
2019-02-01 02:46 - 2019-02-01 02:46 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-01 00:30 - 2019-02-12 00:24 - 001416956 _____ C:\Windows\ntbtlog.txt
2019-01-26 00:02 - 2019-01-26 00:05 - 000000000 ____D C:\Users\seb\allocs
2019-01-23 03:17 - 2019-01-23 03:17 - 000000198 _____ C:\Users\seb\Desktop\devoir 2nd.url
2019-01-23 03:15 - 2019-01-23 03:16 - 000000237 _____ C:\Users\seb\Desktop\eval 2nd.url
2019-01-23 00:46 - 2019-01-23 00:47 - 000000227 _____ C:\Users\seb\Desktop\gouts alimentaires.url
2019-01-16 08:07 - 2019-01-16 08:07 - 000000000 ____D C:\Users\seb\Desktop\femmes
2019-01-13 01:40 - 2019-01-13 01:40 - 000210663 _____ C:\Users\seb\Desktop\doc_Societe_et_culture_rurales.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-12 11:33 - 2011-12-12 08:41 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-11 11:02 - 2011-05-02 05:21 - 000000000 ____D C:\Users\seb\AppData\Roaming\FileZilla
2019-02-11 09:53 - 2017-05-24 00:55 - 000000000 ____D C:\Users\seb\AppData\LocalLow\Mozilla
2019-02-11 00:33 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\021119-26722-01.dmp
2019-02-11 00:33 - 2015-11-07 23:31 - 000000000 ____D C:\Windows\Minidump
2019-02-11 00:31 - 2018-10-25 01:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system\down.exe
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\Web
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\system
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2019-02-11 00:30 - 2018-12-22 03:05 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-02-11 00:29 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-11 00:13 - 2014-04-29 23:20 - 000000000 ____D C:\Users\seb\Downloads\Nouveau dossier
2019-02-10 06:44 - 2013-04-09 22:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-08 09:48 - 2018-04-30 08:42 - 000002275 _____ C:\Users\seb\AppData\Roaming\FoxitReaderUpdateInfo.txt
2019-02-08 09:48 - 2018-04-30 08:42 - 000002275 _____ C:\FoxitReaderUpdateInfo.txt
2019-02-08 02:28 - 2013-05-31 23:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-08 02:17 - 2011-08-21 09:36 - 000000000 ___SD C:\Users\seb\AppData\LocalLow\Temp
2019-02-08 02:13 - 2018-04-25 23:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-08 02:12 - 2009-07-13 19:20 - 000000000 ___HD C:\Windows\System32\GroupPolicy
2019-02-08 02:12 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-02-08 01:10 - 2013-05-31 23:17 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 00:21 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020619-24008-01.dmp
2019-02-05 10:12 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\Help
2019-02-05 10:09 - 2013-12-08 02:35 - 000000000 ____D C:\Windows\pss
2019-02-05 08:52 - 2010-06-14 18:07 - 000000000 ____D C:\swsetup
2019-02-05 08:06 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020519-25724-01.dmp
2019-02-04 08:20 - 2011-08-21 15:46 - 000000000 ____D C:\Users\seb\AppData\Local\ElevatedDiagnostics
2019-02-03 07:47 - 2018-05-24 22:54 - 000300682 ____N C:\Windows\Minidump\020319-28579-01.dmp
2019-02-03 00:37 - 2016-11-22 01:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-02-02 02:42 - 2015-11-13 09:24 - 000000000 ____D C:\Users\seb\AppData\Roaming\BitTorrent
2019-02-02 00:31 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020219-24398-01.dmp
2019-02-01 07:37 - 2018-04-09 03:04 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-01 07:18 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-24460-01.dmp
2019-02-01 06:24 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-22900-01.dmp
2019-02-01 06:05 - 2017-07-27 05:19 - 000000078 _____ C:\Windows\System32\ps
2019-02-01 06:05 - 2017-06-27 13:58 - 000000076 _____ C:\Windows\System32\p
2019-02-01 06:05 - 2017-04-30 08:56 - 000000080 _____ C:\Windows\System32\s
2019-02-01 05:53 - 2015-12-31 09:28 - 000019456 ___SH C:\Users\seb\AppData\Thumbs.db
2019-02-01 05:31 - 2009-07-13 20:45 - 000006144 _____ C:\Windows\System32\umstartup.etl
2019-02-01 05:27 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-25334-01.dmp
2019-02-01 05:23 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-32354-01.dmp
2019-02-01 05:17 - 2011-05-02 02:01 - 000000000 ____D C:\users\seb
2019-02-01 05:15 - 2018-12-11 08:04 - 000000000 ____D C:\Users\seb\AppData\Roaming\Xilisoft
2019-02-01 05:15 - 2018-12-11 08:03 - 000000000 ____D C:\ProgramData\Xilisoft
2019-02-01 05:15 - 2018-12-11 08:03 - 000000000 ____D C:\Program Files (x86)\Xilisoft
2019-02-01 05:15 - 2017-12-06 07:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-02-01 05:15 - 2015-12-31 09:11 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-02-01 05:15 - 2014-12-21 06:54 - 000000000 ____D C:\ProgramData\Wondershare
2019-02-01 05:15 - 2011-11-23 07:57 - 000000000 ____D C:\Windows\System32\Macromed
2019-02-01 05:15 - 2011-05-02 04:46 - 000000000 ____D C:\Users\seb\AppData\Roaming\vlc
2019-02-01 05:15 - 2011-03-22 07:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-01 05:15 - 2009-07-13 23:44 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-02-01 05:15 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\System32\NDF
2019-02-01 05:15 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\registration
2019-01-31 04:56 - 2009-07-13 20:45 - 000018736 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-31 04:56 - 2009-07-13 20:45 - 000018736 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Files to move or delete:
====================
C:\Windows\SysWOW64\scrobj.dll
Some files in TEMP:
====================
2019-02-08 09:48 - 2014-03-12 00:26 - 010168896 _____ (Foxit Corporation) C:\Users\seb\AppData\Local\Temp\Foxit Reader Updater.exe
==================== KnownDLLs (Whitelisted) =========================
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2019-02-11 03:28
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 4095.24 MB
Available physical RAM: 3129.52 MB
Total Virtual: 4093.39 MB
Available Virtual: 3110.26 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.61 GB) (Free:787.63 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:13.8 GB) (Free:0.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Removable) (Total:7.26 GB) (Free:3.02 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F176333E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Protective MBR) (Size: 7.3 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2019-01-25 09:09
==================== End of FRST.txt ============================
Ran by SYSTEM on MININT-G01R817 (12-02-2019 20:48:34)
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet003
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] (Hewlett-Packard Company -> )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1232896 2013-10-23] (Easybits)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS -> EasyBits Software AS)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1666560 2012-02-20] (AimerSoft)
HKLM-x32\...\Run: [start] => C:\Windows\SysWOW64\scrobj.dll [173568 2009-07-13] (Microsoft Corporation) <==== ATTENTION
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
HKLM-x32\...\RunOnce: [wextract_cleanup0] => rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\seb\AppData\Local\Temp\IXP000.TMP\" <==== ATTENTION
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\seb\...\Run: [SMSetup] => "C:\Users\seb\AppData\Local\Temp\B5A4728A-4F02-497E-A47F-8F32BF943E7C\SMSetup.exe" /cnid 926458 /fpd /dsie /dsff /dsgc /hp /wait /ntp_ie /ms /restart <==== ATTENTION
HKU\seb\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\seb\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\seb\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_ActiveX.exe [1456128 2018-12-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\seb\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\seb\...\Policies\Explorer: [HideSCAHealth] 1
HKU\seb\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-24] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\seb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2014-02-08]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241704 2014-03-25] (Foxit Corporation -> Foxit Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-11] (McAfee, Inc. -> McAfee, Inc.)
S2 NGIService; C:\Program Files (x86)\Common Files\McAfee\NGI\Service\NGIService.exe [2319848 2019-02-02] (McAfee, Inc. -> McAfee, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105184 2018-01-25] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-12] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare Software Co., Ltd. -> Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-12 09:39 - 2019-02-12 09:39 - 000362307 _____ C:\Windows\Minidump.zip
2019-02-12 08:54 - 2019-02-12 08:56 - 000001050 _____ C:\Users\seb\Desktop\Search.txt
2019-02-12 08:48 - 2019-02-12 08:50 - 000000000 ____D C:\Users\seb\Desktop\windows7
2019-02-12 01:40 - 2019-02-12 01:40 - 002434048 _____ (Farbar) C:\Users\seb\Desktop\FRST64.exe
2019-02-12 01:28 - 2019-02-12 01:28 - 003199360 _____ C:\Users\seb\Desktop\ZHPDiag3.exe
2019-02-12 00:24 - 2019-02-12 00:24 - 000274416 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2019-02-11 09:03 - 2019-02-11 09:03 - 011840839 ____R C:\Users\seb\Desktop\Windows6.1-KB2670838-x64.msu
2019-02-11 09:03 - 2019-02-11 09:03 - 011840839 _____ C:\Users\seb\Downloads\Windows6.1-KB2670838-x64.msu
2019-02-11 08:23 - 2019-02-11 08:25 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.12.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 07:52 - 2019-02-11 07:52 - 000103190 _____ C:\Users\seb\Desktop\reponseB3 (1).pdf
2019-02-11 07:26 - 2019-02-11 07:27 - 029599259 _____ C:\Users\seb\Desktop\windows6.1-kb4480960-x64_bd23adfd0d82403d58aa8cd649636d136cf77700.msu
2019-02-11 06:54 - 2019-02-11 06:54 - 000001894 _____ C:\Users\seb\Desktop\rapport blue.txt
2019-02-11 06:42 - 2019-02-11 06:43 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.11.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 06:28 - 2016-03-16 15:49 - 000000462 _____ C:\Users\seb\Desktop\dmpconf.cmd
2019-02-11 06:27 - 2019-02-11 06:27 - 000000361 _____ C:\Users\seb\Desktop\memdmp.zip
2019-02-11 03:37 - 2019-02-11 03:38 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.09.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 03:33 - 2019-02-11 03:33 - 000000000 ____D C:\Users\seb\Desktop\WhoCrashed
2019-02-11 03:31 - 2019-02-11 03:32 - 009080880 _____ (Resplendence Software Projects Sp. ) C:\Users\seb\Desktop\whocrashedSetup.exe
2019-02-11 03:28 - 2019-02-11 03:29 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.10.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 01:23 - 2019-02-11 01:24 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.08.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-11 00:32 - 2019-02-11 00:32 - 000072864 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2019-02-11 00:32 - 2019-02-11 00:32 - 000003518 _____ C:\Windows\System32\Tasks\Mysa
2019-02-11 00:32 - 2019-02-11 00:32 - 000003504 _____ C:\Windows\System32\Tasks\Mysa3
2019-02-11 00:32 - 2019-02-11 00:32 - 000003424 _____ C:\Windows\System32\Tasks\Mysa2
2019-02-11 00:32 - 2019-02-11 00:32 - 000003190 _____ C:\Windows\System32\Tasks\Mysa1
2019-02-11 00:32 - 2019-02-11 00:32 - 000003186 _____ C:\Windows\System32\Tasks\ok
2019-02-11 00:31 - 2019-02-11 00:31 - 000662528 _____ (Zhuhai Kingsoft Office Software Co.,Ltd) C:\Windows\SysWOW64\Drivers\64.exe
2019-02-11 00:31 - 2019-02-11 00:31 - 000127136 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2019-02-11 00:31 - 2019-02-11 00:31 - 000104784 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2019-02-11 00:30 - 2019-02-11 00:30 - 000000084 _____ C:\Program Files\Common Files\xpdown.dat
2019-02-11 00:26 - 2019-02-11 00:27 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.06.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 11:12 - 2019-02-10 11:15 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.05.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 10:07 - 2019-02-10 12:13 - 000000000 ____D C:\KVRT_Data
2019-02-10 10:02 - 2019-02-10 10:06 - 159288104 _____ (AO Kaspersky Lab) C:\Users\seb\Desktop\KVRT.exe
2019-02-10 09:27 - 2019-02-10 09:27 - 000001521 _____ C:\Users\seb\Desktop\rapport2.txt
2019-02-10 06:44 - 2019-02-10 06:44 - 000001829 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-10 06:44 - 2019-01-08 06:32 - 000153328 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbae64.sys
2019-02-10 06:42 - 2019-02-10 06:43 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.04.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 05:36 - 2019-02-10 05:36 - 000014705 _____ C:\Users\seb\Desktop\rapport.txt
2019-02-10 02:15 - 2019-02-10 02:15 - 000000000 ____D C:\Users\seb\AppData\Local\mbamtray
2019-02-10 02:13 - 2019-02-10 02:14 - 064513784 _____ (Malwarebytes ) C:\Users\seb\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9186.exe
2019-02-10 02:10 - 2019-02-10 02:10 - 000000284 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-02-10 02:01 - 2019-02-10 02:03 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.03.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-10 01:09 - 2019-02-10 01:09 - 000002543 _____ C:\Users\seb\Desktop\AdwCleaner[S03].txt
2019-02-10 01:05 - 2019-02-10 01:05 - 007316688 _____ (Malwarebytes) C:\Users\seb\Desktop\adwcleaner_7.2.7.0.exe
2019-02-09 06:48 - 2019-02-09 06:48 - 004854462 _____ C:\Users\seb\Desktop\ZHPCleaner.txt
2019-02-08 12:15 - 2019-02-08 12:19 - 011974946 _____ C:\Users\seb\Downloads\lemonde090219.pdf
2019-02-08 09:35 - 2019-02-08 09:36 - 003308928 _____ C:\Users\seb\Desktop\ZHPCleaner.exe
2019-02-08 04:39 - 2019-02-12 01:27 - 000000000 ____D C:\Users\seb\AppData\Local\ZHP
2019-02-08 04:39 - 2019-02-08 09:37 - 000000792 _____ C:\Users\seb\Desktop\ZHPCleaner.lnk
2019-02-08 02:12 - 2019-02-08 02:27 - 000013808 _____ C:\Users\seb\Desktop\Fixlog.txt
2019-02-08 02:12 - 2019-02-08 02:12 - 000006404 _____ C:\Users\seb\Desktop\wovhdyxirnjwh.txt
2019-02-08 01:45 - 2019-02-08 01:46 - 000000000 ____D C:\Users\seb\Downloads\Nouveau dossier (2)
2019-02-07 08:46 - 2019-02-12 01:44 - 000174373 _____ C:\Users\seb\Desktop\Shortcut.txt
2019-02-07 08:35 - 2019-02-07 08:35 - 000000000 ____D C:\Users\seb\Desktop\FRST-OlderVersion
2019-02-07 08:01 - 2019-02-12 01:38 - 000321957 _____ C:\Users\seb\Desktop\ZHPDiag.txt
2019-02-07 07:53 - 2019-02-12 01:38 - 000000000 ____D C:\Users\seb\AppData\Roaming\ZHP
2019-02-07 07:53 - 2019-02-12 01:28 - 000000782 _____ C:\Users\seb\Desktop\ZHPDiag.lnk
2019-02-07 07:53 - 2019-02-07 07:53 - 002105344 _____ C:\ZHPDiag3.exe
2019-02-05 10:12 - 2019-02-05 10:12 - 000000000 _____ C:\Users\seb\AppData\Local\{3D0A3C2D-6388-4E53-9EE0-E1215AF28AF0}
2019-02-05 10:12 - 2019-02-05 10:12 - 000000000 _____ C:\Users\seb\AppData\Local\{3CB706B5-36BB-4036-B7F1-872CE9B59BE8}
2019-02-05 08:50 - 2019-02-05 08:51 - 060933528 _____ (HP Development Company, L.P. ) C:\Program Files\sp93457.exe
2019-02-05 08:25 - 2019-02-05 08:25 - 040878896 _____ C:\Program Files\M2070_Series_WIN_SPL_V3.13.12.05.21_CDV1.27.exe
2019-02-04 09:02 - 2019-02-04 09:04 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.01.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 03:12 - 2019-02-04 03:14 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.02.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 02:16 - 2019-02-04 02:16 - 004211152 _____ ( ) C:\Users\seb\Desktop\hdd-health_4-2_fr_11160.exe
2019-02-04 02:16 - 2019-02-04 02:16 - 000000000 ____D C:\Users\seb\AppData\Roaming\HDDHealth
2019-02-04 01:55 - 2019-02-04 01:56 - 000000000 ____D C:\Users\seb\Downloads\Columbo.Saison.07.DVRiP.XviD-NoTag.WwW.Zone-Telechargement.Ws
2019-02-04 01:03 - 2019-02-04 01:59 - 000000273 _____ C:\Users\seb\Desktop\columbo.url
2019-02-03 10:04 - 2019-02-03 10:04 - 000000000 ____D C:\Users\seb\Desktop\speccy
2019-02-03 04:38 - 2019-02-03 04:38 - 000003720 ____N C:\bootsqm.dat
2019-02-02 11:17 - 2019-02-02 11:17 - 001034556 _____ C:\Program Files (x86)\Windows6.1-KB2999226-x64.msu
2019-02-02 11:15 - 2019-02-02 11:15 - 026028480 _____ (Seagate Technology LLC) C:\Users\seb\Desktop\SeaToolsforWindowsSetup.exe
2019-02-02 11:10 - 2019-02-02 11:11 - 009060056 _____ (Resplendence Software Projects Sp. ) C:\Users\seb\Desktop\whocrashed_6-02_fr_317674.exe
2019-02-02 11:03 - 2019-02-02 11:12 - 000000000 ____D C:\ProgramData\TSR7Settings
2019-02-02 01:40 - 2019-02-02 01:40 - 000210156 _____ C:\Users\seb\Desktop\attachment.pdf
2019-02-02 00:01 - 2019-02-11 03:33 - 000000637 _____ C:\Users\seb\Desktop\WhoCrashed.lnk
2019-02-02 00:01 - 2019-02-02 11:11 - 000000000 ____D C:\Program Files\WhoCrashed
2019-02-01 08:45 - 2019-02-01 08:45 - 000017025 _____ C:\MemTest.zip
2019-02-01 08:45 - 2018-07-19 00:56 - 000040960 _____ () C:\memtest.exe
2019-02-01 08:45 - 2018-07-04 03:57 - 000013390 _____ C:\manual.html
2019-02-01 08:42 - 2019-02-01 08:42 - 000060120 _____ C:\Users\seb\Desktop\SEB-HP.txt
2019-02-01 08:34 - 2019-02-01 08:34 - 000000758 _____ C:\Users\Public\Desktop\Speccy.lnk
2019-02-01 08:34 - 2019-02-01 08:34 - 000000000 ____D C:\Program Files\Speccy
2019-02-01 08:33 - 2019-02-01 08:33 - 006889184 _____ (Piriform Ltd) C:\Users\seb\Desktop\spsetup132.exe
2019-02-01 08:13 - 2019-02-01 08:14 - 000000000 ____D C:\Users\seb\Desktop\SFdebugFiles
2019-02-01 08:12 - 2019-02-01 08:12 - 001848428 _____ C:\Users\seb\Desktop\SEB-HP-01_02_2019_170929,08.zip
2019-02-01 08:08 - 2019-02-01 08:08 - 000314008 _____ C:\Users\seb\Desktop\dm log collector.exe
2019-02-01 07:52 - 2019-02-12 01:44 - 000050995 _____ C:\Users\seb\Desktop\Addition.txt
2019-02-01 07:48 - 2019-02-12 20:48 - 000000000 ____D C:\FRST
2019-02-01 07:48 - 2019-02-12 01:44 - 000073296 _____ C:\Users\seb\Desktop\FRST.txt
2019-02-01 07:48 - 2019-02-01 07:48 - 000000591 _____ C:\AppCrashView.cfg
2019-02-01 07:40 - 2019-02-01 07:40 - 000053566 _____ C:\appcrashview.zip
2019-02-01 07:40 - 2018-11-10 00:42 - 000051408 _____ (NirSoft) C:\AppCrashView.exe
2019-02-01 07:40 - 2018-11-10 00:42 - 000015684 _____ C:\AppCrashView.chm
2019-02-01 07:35 - 2019-02-01 07:35 - 000998056 _____ (Microsoft Corporation) C:\sdksetup.exe
2019-02-01 07:02 - 2019-02-11 06:55 - 000000951 _____ C:\BlueScreenView.cfg
2019-02-01 06:47 - 2019-02-07 07:35 - 000000445 _____ C:\DiskInfo.ini
2019-02-01 06:47 - 2019-02-01 06:47 - 000000000 ____D C:\Smart
2019-02-01 06:46 - 2018-11-20 12:02 - 000000000 ____D C:\CdiResource
2019-02-01 06:46 - 2018-11-19 03:11 - 003706528 _____ (Crystal Dew World) C:\DiskInfo64.exe
2019-02-01 06:46 - 2018-11-19 03:11 - 002849440 _____ (Crystal Dew World) C:\DiskInfo32.exe
2019-02-01 06:46 - 2017-12-31 15:33 - 000000000 ____D C:\License
2019-02-01 06:45 - 2019-02-01 06:45 - 004509412 _____ C:\CrystalDiskInfo8_0_0.zip
2019-02-01 06:29 - 2019-02-01 06:46 - 004575254 _____ C:\bluescreenview.zip
2019-02-01 06:29 - 2015-01-29 01:11 - 000061024 _____ (NirSoft) C:\BlueScreenView.exe
2019-02-01 06:29 - 2015-01-29 01:11 - 000018488 _____ C:\BlueScreenView.chm
2019-02-01 06:29 - 2015-01-29 01:11 - 000017494 _____ C:\readme.txt
2019-02-01 05:52 - 2019-02-01 05:52 - 000000000 ____D C:\Program Files (x86)\WhoCrashed
2019-02-01 05:50 - 2019-02-03 08:17 - 007954904 _____ (Tim Kosse) C:\Users\seb\Downloads\FileZilla_3.40.0_win64-setup.exe
2019-02-01 05:02 - 2019-02-01 05:02 - 000509264 _____ (Microsoft Corporation) C:\Program Files\winsdk_web.exe
2019-02-01 04:50 - 2019-02-01 04:50 - 000000000 ____D C:\Program Files (x86)\NirSoft
2019-02-01 02:46 - 2019-02-01 02:46 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-01 00:30 - 2019-02-12 00:24 - 001416956 _____ C:\Windows\ntbtlog.txt
2019-01-26 00:02 - 2019-01-26 00:05 - 000000000 ____D C:\Users\seb\allocs
2019-01-23 03:17 - 2019-01-23 03:17 - 000000198 _____ C:\Users\seb\Desktop\devoir 2nd.url
2019-01-23 03:15 - 2019-01-23 03:16 - 000000237 _____ C:\Users\seb\Desktop\eval 2nd.url
2019-01-23 00:46 - 2019-01-23 00:47 - 000000227 _____ C:\Users\seb\Desktop\gouts alimentaires.url
2019-01-16 08:07 - 2019-01-16 08:07 - 000000000 ____D C:\Users\seb\Desktop\femmes
2019-01-13 01:40 - 2019-01-13 01:40 - 000210663 _____ C:\Users\seb\Desktop\doc_Societe_et_culture_rurales.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-12 11:33 - 2011-12-12 08:41 - 000000000 ____D C:\Program Files (x86)\Google
2019-02-11 11:02 - 2011-05-02 05:21 - 000000000 ____D C:\Users\seb\AppData\Roaming\FileZilla
2019-02-11 09:53 - 2017-05-24 00:55 - 000000000 ____D C:\Users\seb\AppData\LocalLow\Mozilla
2019-02-11 00:33 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\021119-26722-01.dmp
2019-02-11 00:33 - 2015-11-07 23:31 - 000000000 ____D C:\Windows\Minidump
2019-02-11 00:31 - 2018-10-25 01:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system\down.exe
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\Web
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\system
2019-02-11 00:31 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2019-02-11 00:30 - 2018-12-22 03:05 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-02-11 00:29 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-11 00:13 - 2014-04-29 23:20 - 000000000 ____D C:\Users\seb\Downloads\Nouveau dossier
2019-02-10 06:44 - 2013-04-09 22:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-08 09:48 - 2018-04-30 08:42 - 000002275 _____ C:\Users\seb\AppData\Roaming\FoxitReaderUpdateInfo.txt
2019-02-08 09:48 - 2018-04-30 08:42 - 000002275 _____ C:\FoxitReaderUpdateInfo.txt
2019-02-08 02:28 - 2013-05-31 23:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-08 02:17 - 2011-08-21 09:36 - 000000000 ___SD C:\Users\seb\AppData\LocalLow\Temp
2019-02-08 02:13 - 2018-04-25 23:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-08 02:12 - 2009-07-13 19:20 - 000000000 ___HD C:\Windows\System32\GroupPolicy
2019-02-08 02:12 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-02-08 01:10 - 2013-05-31 23:17 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 00:21 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020619-24008-01.dmp
2019-02-05 10:12 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\Help
2019-02-05 10:09 - 2013-12-08 02:35 - 000000000 ____D C:\Windows\pss
2019-02-05 08:52 - 2010-06-14 18:07 - 000000000 ____D C:\swsetup
2019-02-05 08:06 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020519-25724-01.dmp
2019-02-04 08:20 - 2011-08-21 15:46 - 000000000 ____D C:\Users\seb\AppData\Local\ElevatedDiagnostics
2019-02-03 07:47 - 2018-05-24 22:54 - 000300682 ____N C:\Windows\Minidump\020319-28579-01.dmp
2019-02-03 00:37 - 2016-11-22 01:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-02-02 02:42 - 2015-11-13 09:24 - 000000000 ____D C:\Users\seb\AppData\Roaming\BitTorrent
2019-02-02 00:31 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020219-24398-01.dmp
2019-02-01 07:37 - 2018-04-09 03:04 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-01 07:18 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-24460-01.dmp
2019-02-01 06:24 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-22900-01.dmp
2019-02-01 06:05 - 2017-07-27 05:19 - 000000078 _____ C:\Windows\System32\ps
2019-02-01 06:05 - 2017-06-27 13:58 - 000000076 _____ C:\Windows\System32\p
2019-02-01 06:05 - 2017-04-30 08:56 - 000000080 _____ C:\Windows\System32\s
2019-02-01 05:53 - 2015-12-31 09:28 - 000019456 ___SH C:\Users\seb\AppData\Thumbs.db
2019-02-01 05:31 - 2009-07-13 20:45 - 000006144 _____ C:\Windows\System32\umstartup.etl
2019-02-01 05:27 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-25334-01.dmp
2019-02-01 05:23 - 2018-05-24 22:54 - 000301066 ____N C:\Windows\Minidump\020119-32354-01.dmp
2019-02-01 05:17 - 2011-05-02 02:01 - 000000000 ____D C:\users\seb
2019-02-01 05:15 - 2018-12-11 08:04 - 000000000 ____D C:\Users\seb\AppData\Roaming\Xilisoft
2019-02-01 05:15 - 2018-12-11 08:03 - 000000000 ____D C:\ProgramData\Xilisoft
2019-02-01 05:15 - 2018-12-11 08:03 - 000000000 ____D C:\Program Files (x86)\Xilisoft
2019-02-01 05:15 - 2017-12-06 07:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-02-01 05:15 - 2015-12-31 09:11 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-02-01 05:15 - 2014-12-21 06:54 - 000000000 ____D C:\ProgramData\Wondershare
2019-02-01 05:15 - 2011-11-23 07:57 - 000000000 ____D C:\Windows\System32\Macromed
2019-02-01 05:15 - 2011-05-02 04:46 - 000000000 ____D C:\Users\seb\AppData\Roaming\vlc
2019-02-01 05:15 - 2011-03-22 07:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-01 05:15 - 2009-07-13 23:44 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-02-01 05:15 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\System32\NDF
2019-02-01 05:15 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\registration
2019-01-31 04:56 - 2009-07-13 20:45 - 000018736 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-31 04:56 - 2009-07-13 20:45 - 000018736 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Files to move or delete:
====================
C:\Windows\SysWOW64\scrobj.dll
Some files in TEMP:
====================
2019-02-08 09:48 - 2014-03-12 00:26 - 010168896 _____ (Foxit Corporation) C:\Users\seb\AppData\Local\Temp\Foxit Reader Updater.exe
==================== KnownDLLs (Whitelisted) =========================
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2019-02-11 03:28
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 4095.24 MB
Available physical RAM: 3129.52 MB
Total Virtual: 4093.39 MB
Available Virtual: 3110.26 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.61 GB) (Free:787.63 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:13.8 GB) (Free:0.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Removable) (Total:7.26 GB) (Free:3.02 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F176333E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Protective MBR) (Size: 7.3 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2019-01-25 09:09
==================== End of FRST.txt ============================