Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by Tu y yo (administrator) on TUYYO on 11-06-2015 19:26:36
Running from C:\Users\Tu y yo\Desktop
Loaded Profiles: Tu y yo (Available Profiles: Tu y yo)
Platform: Microsoft Windows 8.1 Professionnel (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Bouygues Telecom) C:\ProgramData\media center Bouygues Telecom\MediaServer.exe
(QUALCOMM, Inc.) C:\Program Files\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\media center Bbox\media center\external\MediaServerTray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CLX3180_Scan2Pc] => C:\WINDOWS\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2803995656-3907551314-2027165841-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2803995656-3907551314-2027165841-1001\...\Run: [GoogleChromeAutoLaunch_C6EA3EB4A8F5717EDC48D988BD513DB8] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-2803995656-3907551314-2027165841-1001\...\MountPoints2: {b7386cba-bf57-11e4-9716-806e6f6e6963} - "F:\MicroLauncher.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServerTray.lnk [2015-03-28]
ShortcutTarget: MediaServerTray.lnk -> C:\Program Files\media center Bbox\media center\external\MediaServerTray.exe ()
Startup: C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\274.lnk [2015-03-10]
ShortcutTarget: 274.lnk -> C:\ProgramData\{4e3f110e-c102-9f6e-4e3f-f110ec10443b}\274.exe (No File)
Startup: C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dsixda_cygwin_install.zip.lnk [2015-05-13]
ShortcutTarget: dsixda_cygwin_install.zip.lnk -> C:\ProgramData\{07dca450-270a-fbae-07dc-ca4502709140}\dsixda_cygwin_install.zip.exe (No File)
Startup: C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Setup_11418.lnk [2015-03-06]
ShortcutTarget: Setup_11418.lnk -> C:\ProgramData\{a8977123-2d6c-d6e7-a897-771232d6c48c}\Setup_11418.exe (No File)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2015-02-11] ()
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2803995656-3907551314-2027165841-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2803995656-3907551314-2027165841-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2803995656-3907551314-2027165841-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = 
SearchScopes: HKU\S-1-5-21-2803995656-3907551314-2027165841-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\WINDOWS\System32\BthHFSrv.dll [250880 2014-10-29] (Microsoft Corporation)
R2 media center Bouygues Telecom; C:\ProgramData\media center Bouygues Telecom\MediaServer.exe [4177408 2013-07-04] (Bouygues Telecom)
R2 qcmtusvc; C:\Program Files\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2014-10-16] (QUALCOMM, Inc.) [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [103936 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284488 2015-02-04] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2014-10-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22200 2015-02-04] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1269248 2014-10-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-07-13] (Samsung Electronics Co., Ltd.) [File not signed]
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [30720 2014-10-16] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [205824 2014-10-16] (QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\system32\DRIVERS\qcusbwwan.sys [425472 2014-10-16] (QUALCOMM Incorporated)
R3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [1698520 2013-07-31] (Realtek Semiconductor Corporation                           )
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics) [File not signed]
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84800 2015-02-04] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)
S1 aknrhdev; \??\C:\WINDOWS\system32\drivers\aknrhdev.sys [X]
S1 pcmnfaeq; \??\C:\WINDOWS\system32\drivers\pcmnfaeq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 19:24 - 2015-06-11 19:26 - 00031524 _____ C:\Users\Tu y yo\Desktop\Addition.txt
2015-06-11 19:23 - 2015-06-11 19:26 - 00011347 _____ C:\Users\Tu y yo\Desktop\FRST.txt
2015-06-11 19:21 - 2015-06-11 19:21 - 01147904 _____ (Farbar) C:\Users\Tu y yo\Desktop\FRST.exe
2015-06-11 19:17 - 2015-06-11 19:17 - 00003751 _____ C:\Users\Tu y yo\Desktop\AdwCleaner[S1].txt
2015-06-11 19:07 - 2015-06-11 19:07 - 02231296 _____ C:\Users\Tu y yo\Downloads\adwcleaner_4.206.exe
2015-06-11 19:07 - 2015-06-11 19:07 - 00000079 _____ C:\WINDOWS\wininit.ini
2015-06-11 18:07 - 2015-06-11 18:07 - 00000512 _____ C:\PhysicalDisk0_MBR.bin
2015-06-11 11:52 - 2015-06-11 18:07 - 00000000 ____D C:\Program Files\ZHPDiag
2015-06-11 11:52 - 2015-06-11 14:26 - 00001956 _____ C:\Users\Tu y yo\Desktop\ZHPFix.lnk
2015-06-11 11:52 - 2015-06-11 14:26 - 00001825 _____ C:\Users\Tu y yo\Desktop\ZHPDiag.lnk
2015-06-11 11:52 - 2015-06-11 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-06-11 11:44 - 2015-06-11 11:44 - 06880102 _____ (Nicolas Coolman ) C:\Users\Tu y yo\Desktop\ZHPDiag2.exe
2015-06-10 22:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 22:22 - 2015-05-25 15:22 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 22:22 - 2015-05-25 15:07 - 00977920 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 22:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 22:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 22:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 22:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 22:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 22:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 22:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 22:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 22:22 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 22:22 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 22:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 22:22 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 22:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 22:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 22:22 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 22:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 22:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 22:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 22:22 - 2015-05-22 15:08 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 22:22 - 2015-05-21 18:04 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 22:22 - 2015-05-21 15:07 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 22:22 - 2015-05-21 15:07 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 22:22 - 2015-05-21 15:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 22:22 - 2015-05-21 15:07 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 22:22 - 2015-05-21 15:07 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 22:22 - 2015-05-21 15:07 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 22:22 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 22:22 - 2015-04-17 00:07 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 22:22 - 2015-04-16 08:22 - 00259928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 22:22 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 22:22 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 22:22 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 22:22 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 22:22 - 2015-03-20 03:57 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 22:21 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 22:21 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 22:21 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 22:21 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 22:21 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 22:21 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 22:21 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-07 21:41 - 2015-06-07 21:41 - 00000000 ____D C:\Users\Tu y yo\AppData\Local\GWX
2015-06-07 18:31 - 2015-06-11 11:35 - 00000024 _____ C:\Users\Tu y yo\AppData\Roaming\appdataFr25.bin
2015-06-07 18:28 - 2015-06-08 13:15 - 00000000 ____D C:\Program Files\TrashMailcom for  Chrome
2015-06-07 18:26 - 2015-06-11 18:26 - 00000370 _____ C:\WINDOWS\Tasks\ContradeMirror.job
2015-06-07 18:26 - 2015-06-07 18:25 - 00004096 _____ C:\WINDOWS\system32\ntwdblib.dll
2015-05-30 09:39 - 2015-05-30 09:39 - 00395543 _____ C:\Users\Tu y yo\Downloads\download_20150513_145643.jpeg
2015-05-24 10:43 - 2015-05-24 10:43 - 01290412 _____ C:\Users\Tu y yo\Downloads\Freedom_1.0.7j(onhax.net).rar
2015-05-24 10:28 - 2015-05-24 10:28 - 00000935 _____ C:\Users\Public\Desktop\iRoot.lnk
2015-05-24 10:28 - 2015-05-24 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot
2015-05-24 10:27 - 2015-05-24 10:28 - 13128840 _____ (Shenzhen Xinyi Network Co.,Ltd. ) C:\Users\Tu y yo\Downloads\iRoot.exe
2015-05-19 21:45 - 2015-05-19 21:59 - 368840704 _____ C:\Users\Tu y yo\Downloads\Doctor.Who.2005.S08E06.FRENCH.DVDRip.XviD-ZT.zone-telechargement.com.avi
2015-05-18 17:57 - 2015-05-18 17:56 - 00013443 _____ C:\Users\Tu y yo\Desktop\signature.jpeg
2015-05-18 17:53 - 2015-05-18 17:53 - 00892700 _____ C:\Users\Tu y yo\Downloads\Devis CALABRO-pdf (1).zip
2015-05-18 17:47 - 2015-05-18 17:48 - 00269795 _____ C:\Users\Tu y yo\Desktop\cg2.jpeg
2015-05-18 17:46 - 2015-05-18 17:47 - 00256133 _____ C:\Users\Tu y yo\Desktop\cg1.jpeg
2015-05-18 14:03 - 2015-05-18 14:04 - 00892700 _____ C:\Users\Tu y yo\Downloads\Devis CALABRO-pdf.zip
2015-05-17 17:01 - 2015-05-17 17:01 - 00072070 _____ C:\Users\Tu y yo\Desktop\Remplissage simplifié des formulaires CERFA _ N° 13754_02 _ Récapitulatif.html
2015-05-17 17:01 - 2015-05-17 17:01 - 00000000 ____D C:\Users\Tu y yo\Desktop\Remplissage simplifié des formulaires CERFA _ N° 13754_02 _ Récapitulatif_files
2015-05-17 13:09 - 2015-05-17 13:11 - 00000000 ____D C:\Users\Tu y yo\Downloads\La vallée des singes
2015-05-17 13:08 - 2015-05-17 13:13 - 00000000 ____D C:\Users\Tu y yo\Downloads\Château de la Loire
2015-05-14 19:52 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:59 - 2015-03-19 00:46 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-05-13 14:59 - 2015-03-19 00:46 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-05-13 14:59 - 2015-03-19 00:46 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-05-13 14:54 - 2015-05-13 14:55 - 00000000 ____D C:\Program Files\Notepad++
2015-05-13 14:54 - 2015-05-13 14:54 - 00001046 _____ C:\Users\Tu y yo\Desktop\Notepad++.lnk
2015-05-13 14:54 - 2015-05-13 14:54 - 00000000 ____D C:\Users\Tu y yo\AppData\Roaming\Notepad++
2015-05-13 14:54 - 2015-05-13 14:54 - 00000000 ____D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-13 14:54 - 2015-05-13 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-13 14:51 - 2015-05-13 14:52 - 08254766 _____ C:\Users\Tu y yo\Downloads\npp.6.7.7.Installer.exe
2015-05-13 14:50 - 2015-05-13 14:51 - 00009210 _____ C:\Users\Tu y yo\Downloads\Custom Booting.zip
2015-05-13 14:50 - 2015-05-13 14:50 - 00000000 ____D C:\Users\PC-Thomas\Downloads\http%3a%2f%2fmirrors.163.com%2fcygwin%2f
2015-05-13 14:49 - 2015-05-13 14:49 - 27607298 _____ C:\Users\Tu y yo\Downloads\Android-Kitchen-0.224.zip
2015-05-13 14:49 - 2015-05-13 14:49 - 00000000 ____D C:\Users\PC-Thomas
2015-05-13 14:45 - 2015-05-13 14:50 - 145030048 _____ (Oracle Corporation) C:\Users\Tu y yo\Downloads\jdk-7u79-windows-i586.exe
2015-05-12 20:50 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 20:50 - 2015-04-10 02:23 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 20:50 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 20:50 - 2015-03-13 03:19 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 20:49 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 20:49 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 20:48 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 20:48 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 20:48 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 20:48 - 2015-03-30 07:51 - 00478776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 20:48 - 2015-03-27 04:20 - 01117696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 20:48 - 2015-03-20 03:47 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 20:48 - 2015-03-17 19:15 - 00376128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 20:48 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 20:48 - 2015-01-30 02:56 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 20:48 - 2014-11-14 07:04 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-12 20:47 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 20:34 - 2015-03-09 03:18 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 20:34 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 20:34 - 2015-03-06 04:27 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 20:34 - 2015-02-18 01:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 20:32 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 20:32 - 2015-03-13 04:18 - 00200000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 20:32 - 2015-03-13 04:18 - 00131904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 20:31 - 2015-04-09 00:59 - 00333624 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 20:31 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 19:26 - 2015-02-28 23:53 - 00000000 ____D C:\FRST
2015-06-11 19:26 - 2015-02-28 16:52 - 01232349 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-11 19:19 - 2015-03-10 21:39 - 00000000 __SHD C:\Users\Tu y yo\AppData\Local\EmieUserList
2015-06-11 19:19 - 2015-03-10 21:39 - 00000000 __SHD C:\Users\Tu y yo\AppData\Local\EmieSiteList
2015-06-11 19:19 - 2015-03-10 21:39 - 00000000 __SHD C:\Users\Tu y yo\AppData\Local\EmieBrowserModeList
2015-06-11 19:12 - 2015-04-25 23:34 - 00014956 _____ C:\WINDOWS\PFRO.log
2015-06-11 19:12 - 2015-04-18 16:25 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-06-11 19:12 - 2015-04-09 21:05 - 00022302 _____ C:\WINDOWS\setupact.log
2015-06-11 19:12 - 2015-02-28 20:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 19:12 - 2013-08-22 09:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 19:11 - 2015-03-29 10:58 - 00000000 ____D C:\AdwCleaner
2015-06-11 19:11 - 2015-02-28 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-11 19:11 - 2015-02-28 16:45 - 00000000 ____D C:\Users\Tu y yo
2015-06-11 19:07 - 2015-04-18 16:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-11 19:00 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-11 18:09 - 2015-04-06 21:09 - 00000000 ____D C:\Users\Tu y yo\AppData\Roaming\ZHP
2015-06-11 18:02 - 2015-04-04 12:01 - 00000278 _____ C:\Users\Tu
2015-06-11 13:35 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-06-11 13:31 - 2013-08-22 10:05 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 13:23 - 2013-08-22 10:17 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 13:22 - 2013-08-22 09:22 - 00407872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-11 13:18 - 2015-04-15 23:58 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-11 13:18 - 2015-04-15 23:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-11 13:18 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2015-06-11 11:43 - 2015-03-05 13:50 - 136900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 11:43 - 2015-03-05 13:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 11:39 - 2015-02-28 20:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 11:26 - 2015-02-28 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-10 22:03 - 2015-03-01 14:44 - 00000000 ____D C:\Users\Tu y yo\AppData\Local\Adobe
2015-06-10 22:03 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-08 13:17 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-06-08 13:16 - 2013-08-22 08:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-08 12:29 - 2015-02-28 20:22 - 00000000 ____D C:\Program Files\WinRAR
2015-06-08 12:25 - 2015-03-01 00:00 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 21:38 - 2015-02-28 20:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-03 18:18 - 2015-03-07 10:36 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-06-03 18:18 - 2015-03-07 10:36 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-25 20:26 - 2015-02-28 20:15 - 00002150 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 13:50 - 2015-04-04 19:45 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2015-05-24 10:28 - 2015-03-11 20:34 - 00000000 ____D C:\Users\Tu y yo\AppData\Roaming\mgyun
2015-05-24 10:28 - 2015-03-11 20:34 - 00000000 ____D C:\Program Files\iRoot
2015-05-22 16:53 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-05-20 20:18 - 2015-04-04 11:15 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-17 13:01 - 2015-02-28 16:51 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-16 12:50 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\rescache
2015-05-16 11:14 - 2015-04-06 21:31 - 00000020 _____ C:\Users\Tu y yo\AppData\Roaming\appdataFr3.bin
2015-05-14 23:34 - 2013-08-22 10:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-14 22:59 - 2015-03-01 14:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 19:59 - 2013-09-30 05:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 19:38 - 2013-08-22 08:21 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 15:16 - 2015-04-25 23:04 - 00000000 ____D C:\Program Files\Top Password
2015-05-13 14:58 - 2015-03-19 00:38 - 00000000 ____D C:\Program Files\Java

==================== Files in the root of some directories =======

2015-06-07 18:31 - 2015-06-11 11:35 - 0000024 _____ () C:\Users\Tu y yo\AppData\Roaming\appdataFr25.bin
2015-04-06 21:31 - 2015-05-16 11:14 - 0000020 _____ () C:\Users\Tu y yo\AppData\Roaming\appdataFr3.bin
2015-02-28 21:48 - 2015-02-28 21:48 - 0613067 _____ (CMI Limited) C:\Users\Tu y yo\AppData\Local\nslAA59.tmp
2015-02-28 22:43 - 2015-02-28 22:43 - 0628504 _____ (CMI Limited) C:\Users\Tu y yo\AppData\Local\nsrF4BC.tmp
2015-03-10 21:34 - 2015-03-10 21:35 - 0000302 _____ () C:\Users\Tu y yo\AppData\Local\Temp-log.txt

Some files in TEMP:
====================
C:\Users\Tu y yo\AppData\Local\Temp\4308891925316739666b.exe
C:\Users\Tu y yo\AppData\Local\Temp\7488.exe
C:\Users\Tu y yo\AppData\Local\Temp\ntwdblib.dll
C:\Users\Tu y yo\AppData\Local\Temp\Quarantine.exe
C:\Users\Tu y yo\AppData\Local\Temp\sqlite3.dll
C:\Users\Tu y yo\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-08 10:13

==================== End of log ============================