Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01 Exécuté par hdiouri (administrateur) sur DIOURI-H (17-06-2016 17:28:37) Exécuté depuis C:\Users\hdiouri\Desktop Profils chargés: hdiouri (Profils disponibles: adm & hdiouri & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Edge) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (PC SOFT) C:\Program Files (x86)\PC SOFT\Serveur HyperFileSQL\Manta64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe (PC SOFT) C:\Program Files (x86)\PC SOFT\Serveur HyperFileSQL\MantaManager64.exe (Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe (Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Google Inc.) C:\Users\hdiouri\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\hdiouri\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.41141.0_x64__8wekyb3d8bbwe\HxTsr.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-04-05] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-03-07] (PDF Complete Inc) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [322432 2012-04-05] (Hewlett-Packard Company) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2013-04-05] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2013-04-05] (Intel Corporation) HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard) HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG) HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X] HKU\S-1-5-21-698735725-3776238058-3315447757-2171\...\Run: [Google Update] => C:\Users\hdiouri\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-698735725-3776238058-3315447757-2171\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd) HKU\S-1-5-21-698735725-3776238058-3315447757-2171\...\RunOnce: [Uninstall C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\hdiouri\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-30] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hdiouri\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-01-28] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-11-24] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) GroupPolicy: Restriction - Chrome <======= ATTENTION GroupPolicy-x32: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) AutoConfigURL: [S-1-5-21-698735725-3776238058-3315447757-2171] => file://C:\Program Files (x86)\BrowseSmart\bin\Pac8807.js Hosts: 192.168.1.5 NPI11FF7A Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4ab6916a-f542-4b1e-a810-3bd8705489be}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8f38a4c4-a41b-497c-82a7-f7a11a4f21f1}: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{9d82f8f0-25dc-405f-a9c8-f846c1cf28f1}: [DhcpNameServer] 192.168.1.254 ManualProxies: 0file://C:\Program Files (x86)\BrowseSmart\bin\Pac8807.js Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-698735725-3776238058-3315447757-2171\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/9 SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-698735725-3776238058-3315447757-2171 -> {832129FC-D34D-4A82-87A7-D3DEBDE58031} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-20] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-698735725-3776238058-3315447757-2171 -> hxxp://google.com/ FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-05] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-05] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-20] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Pas de fichier] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin HKU\S-1-5-21-698735725-3776238058-3315447757-2171: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-698735725-3776238058-3315447757-2171: @nsroblox.roblox.com/launcher -> C:\Users\hdiouri\AppData\Local\Roblox\Versions\version-e66ffbb509ce4483\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-698735725-3776238058-3315447757-2171: @tools.google.com/Google Update;version=3 -> C:\Users\hdiouri\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin HKU\S-1-5-21-698735725-3776238058-3315447757-2171: @tools.google.com/Google Update;version=9 -> C:\Users\hdiouri\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin HKU\S-1-5-21-698735725-3776238058-3315447757-2171: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hdiouri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2015-05-13] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2015-05-13] (RealPlayer Cloud) FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-12-21] [non signé] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-28] [non signé] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => non trouvé(e) FF HKU\S-1-5-21-698735725-3776238058-3315447757-2171\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17] CHR Extension: (Google Slides) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17] CHR Extension: (Google Drive) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17] CHR Extension: (YouTube) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17] CHR Extension: (Recherche Google) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17] CHR Extension: (Google Slides) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17] CHR Extension: (Google Slides) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02] CHR Extension: (TU-95 - Pilot the Plane!) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjohfoloehbkffdihkengbkjgalmabj [2016-01-14] CHR Extension: (SWOOOP) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\jblimahfbhdcengjfbdpdngcfcghladf [2016-01-14] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\hdiouri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17] StartMenuInternet: Google Chrome.B2KMLQFTVVHGD75TZSWAJPBDTY - C:\Users\hdiouri\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2015-10-01] (Broadcom Corporation.) R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-28] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company) R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Fichier non signé] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Fichier non signé] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [368512 2012-04-05] (Hewlett-Packard Company) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Fichier non signé] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company) R2 Hyper File Server : DIOURI-H; C:\Program Files (x86)\PC SOFT\Serveur HyperFileSQL\Manta64.exe [292864 2010-12-01] (PC SOFT) [Fichier non signé] R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG) R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2013-04-05] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2013-04-05] (Intel Corporation) R2 MantaManager; C:\Program Files (x86)\PC SOFT\Serveur HyperFileSQL\MantaManager64.exe [504832 2010-11-15] (PC SOFT) [Fichier non signé] R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-07-11] () [Fichier non signé] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé] R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete Inc) R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG) R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095976 2015-11-24] (RealNetworks, Inc.) R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095976 2015-11-24] (RealNetworks, Inc.) R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-04-05] (IDT, Inc.) [Fichier non signé] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 ARCVCAM; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2015-10-01] (Broadcom Corporation.) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation) S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation) S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117504 2009-12-07] (Huawei Technologies Co., Ltd.) [Fichier non signé] S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [90736 2012-07-11] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158832 2012-07-11] (McAfee, Inc.) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation) R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2668424 2015-06-08] () S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [108624 2010-11-08] (Trend Micro Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (HP) U3 idsvc; pas de ImagePath U3 wpcsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-06-17 17:28 - 2016-06-17 17:30 - 00030790 _____ C:\Users\hdiouri\Desktop\FRST.txt 2016-06-17 17:27 - 2016-06-17 17:28 - 00000000 ____D C:\FRST 2016-06-17 17:26 - 2016-06-17 17:26 - 02386944 _____ (Farbar) C:\Users\hdiouri\Desktop\FRST64.exe 2016-06-17 07:27 - 2016-06-17 07:27 - 00165493 _____ C:\Users\hdiouri\Desktop\ZHPDiag.txt 2016-06-16 23:27 - 2016-06-16 23:27 - 00001954 _____ C:\Users\hdiouri\Desktop\ZHPFixReport.txt 2016-06-16 23:20 - 2016-06-16 23:20 - 00000000 ____D C:\ProgramData\McAfee 2016-06-16 22:55 - 2016-06-16 22:55 - 03480040 _____ (McAfee, Inc.) C:\Users\hdiouri\Downloads\MCPR.exe 2016-06-16 22:53 - 2016-06-16 22:54 - 03480040 _____ (McAfee, Inc.) C:\Users\hdiouri\Desktop\MCPR.exe 2016-06-16 14:51 - 2016-06-17 07:14 - 00000000 ____D C:\Users\hdiouri\Desktop\zhpdiag 2016-06-15 16:14 - 2016-06-15 16:14 - 00001918 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2016-06-15 16:14 - 2016-06-15 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2016-06-15 16:14 - 2016-06-15 16:14 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2016-06-15 15:48 - 2016-06-15 16:14 - 03521617 _____ (Nicolas Coolman ) C:\Users\hdiouri\Desktop\ZHPFix.exe 2016-06-15 15:19 - 2016-06-15 15:19 - 00570726 _____ C:\Users\hdiouri\Downloads\maison_2016-06-15_15-16.mkv 2016-06-15 14:53 - 2016-06-15 15:03 - 03703360 _____ C:\Users\hdiouri\Desktop\adwcleaner_5.200.exe 2016-06-15 11:34 - 2016-06-17 07:16 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\ZHP 2016-06-15 11:34 - 2016-06-15 18:23 - 00000905 _____ C:\Users\hdiouri\Desktop\ZHPDiag.lnk 2016-06-15 11:34 - 2016-06-15 11:34 - 02216960 _____ C:\Users\hdiouri\ZHPDiag3.exe 2016-06-15 11:34 - 2016-06-15 11:34 - 02213888 _____ C:\Users\hdiouri\Downloads\ZHPDiag3.exe 2016-06-15 11:04 - 2016-05-28 04:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-15 11:04 - 2016-05-28 04:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-15 11:04 - 2016-05-28 04:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-06-15 11:04 - 2016-05-28 04:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-15 11:04 - 2016-05-28 04:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-15 11:04 - 2016-05-28 04:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-15 11:04 - 2016-05-28 04:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-15 11:04 - 2016-05-28 04:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-15 11:04 - 2016-05-28 04:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-06-15 11:04 - 2016-05-28 04:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-06-15 11:04 - 2016-05-28 04:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-06-15 11:04 - 2016-05-28 04:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-06-15 11:04 - 2016-05-28 04:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-06-15 11:04 - 2016-05-28 04:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-15 11:04 - 2016-05-28 04:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-06-15 11:04 - 2016-05-28 04:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-15 11:04 - 2016-05-28 04:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-15 11:04 - 2016-05-28 04:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-06-15 11:04 - 2016-05-28 04:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-15 11:04 - 2016-05-28 04:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-15 11:04 - 2016-05-28 04:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-15 11:04 - 2016-05-28 04:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-15 11:04 - 2016-05-28 04:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-06-15 11:04 - 2016-05-28 04:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-06-15 11:04 - 2016-05-28 04:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-15 11:04 - 2016-05-28 04:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-15 11:04 - 2016-05-28 03:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-15 11:03 - 2016-05-28 06:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-15 11:03 - 2016-05-28 06:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-15 11:03 - 2016-05-28 06:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-15 11:03 - 2016-05-28 06:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-15 11:03 - 2016-05-28 05:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-15 11:03 - 2016-05-28 05:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-15 11:03 - 2016-05-28 05:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-06-15 11:03 - 2016-05-28 05:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2016-06-15 11:03 - 2016-05-28 05:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-15 11:03 - 2016-05-28 05:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-15 11:03 - 2016-05-28 05:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-06-15 11:03 - 2016-05-28 05:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-15 11:03 - 2016-05-28 05:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-15 11:03 - 2016-05-28 05:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-06-15 11:03 - 2016-05-28 05:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-06-15 11:03 - 2016-05-28 05:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-15 11:03 - 2016-05-28 05:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-06-15 11:03 - 2016-05-28 05:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-06-15 11:03 - 2016-05-28 05:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-06-15 11:03 - 2016-05-28 05:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-06-15 11:03 - 2016-05-28 05:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-06-15 11:03 - 2016-05-28 05:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-15 11:03 - 2016-05-28 05:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-06-15 11:03 - 2016-05-28 05:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-15 11:03 - 2016-05-28 04:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-06-15 11:03 - 2016-05-28 04:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-15 11:03 - 2016-05-28 04:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-06-15 11:03 - 2016-05-28 04:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-15 11:03 - 2016-05-28 04:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-06-15 11:03 - 2016-05-28 04:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-06-15 11:03 - 2016-05-28 04:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-15 11:03 - 2016-05-28 04:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-15 11:03 - 2016-05-28 04:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-15 11:03 - 2016-05-28 04:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-06-15 11:03 - 2016-05-28 04:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-06-15 11:03 - 2016-05-28 04:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys 2016-06-15 11:03 - 2016-05-28 04:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-15 11:03 - 2016-05-28 04:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-06-15 11:03 - 2016-05-28 04:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-06-15 11:03 - 2016-05-28 04:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-06-15 11:03 - 2016-05-28 04:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-06-15 11:03 - 2016-05-28 04:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-06-15 11:03 - 2016-05-28 04:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-06-15 11:03 - 2016-05-28 04:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-15 11:03 - 2016-05-28 04:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-15 11:03 - 2016-05-28 04:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-06-15 11:03 - 2016-05-28 04:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-06-15 11:03 - 2016-05-28 04:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-15 11:03 - 2016-05-28 04:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-06-15 11:03 - 2016-05-28 04:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2016-06-15 11:03 - 2016-05-28 04:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll 2016-06-15 11:03 - 2016-05-28 04:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-06-15 11:03 - 2016-05-28 04:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-06-15 11:03 - 2016-05-28 04:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-06-15 11:03 - 2016-05-28 04:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-15 11:03 - 2016-05-28 04:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2016-06-15 11:03 - 2016-05-28 04:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-06-15 11:03 - 2016-05-28 04:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2016-06-15 11:03 - 2016-05-28 04:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-06-15 11:03 - 2016-05-28 04:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-15 11:03 - 2016-05-28 04:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-15 11:03 - 2016-05-28 04:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-06-15 11:03 - 2016-05-28 04:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-15 11:03 - 2016-05-28 04:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-15 11:03 - 2016-05-28 04:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-15 11:03 - 2016-05-28 04:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-06-15 11:03 - 2016-05-28 04:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-06-15 11:03 - 2016-05-28 04:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-15 11:03 - 2016-05-28 04:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2016-06-15 11:03 - 2016-05-28 04:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-06-15 11:03 - 2016-05-28 04:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-15 11:03 - 2016-05-28 04:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-06-15 11:03 - 2016-05-28 04:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-06-15 11:03 - 2016-05-28 04:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-15 11:03 - 2016-05-28 04:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-06-15 11:03 - 2016-05-28 04:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-06-15 11:03 - 2016-05-28 04:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-06-15 11:03 - 2016-05-28 04:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-15 11:03 - 2016-05-28 04:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-15 11:03 - 2016-05-28 04:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-15 11:03 - 2016-05-28 04:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-15 11:03 - 2016-05-28 04:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-15 11:03 - 2016-05-28 04:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-15 11:03 - 2016-05-28 04:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-06-15 11:03 - 2016-05-28 04:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-15 11:03 - 2016-05-28 04:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-15 11:03 - 2016-05-28 04:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-15 11:03 - 2016-05-28 04:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-06-15 11:03 - 2016-05-28 04:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-15 11:03 - 2016-05-28 04:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-06-15 11:03 - 2016-05-28 04:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-06-15 11:03 - 2016-05-28 04:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-15 11:03 - 2016-05-28 04:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-15 11:03 - 2016-05-28 04:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-06-15 11:03 - 2016-05-28 04:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll 2016-06-15 11:03 - 2016-05-28 04:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-06-15 11:03 - 2016-05-28 04:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-15 11:03 - 2016-05-28 04:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-06-15 11:03 - 2016-05-28 04:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-06-15 11:03 - 2016-05-28 04:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-15 11:03 - 2016-05-28 04:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-15 11:03 - 2016-05-28 04:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-15 11:03 - 2016-05-28 03:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-15 11:03 - 2016-05-28 03:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-15 11:03 - 2016-05-28 03:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-15 11:03 - 2016-05-28 03:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-06-15 11:03 - 2016-05-28 03:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-15 11:02 - 2016-05-28 06:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-15 11:02 - 2016-05-28 06:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-15 11:02 - 2016-05-28 05:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-15 11:02 - 2016-05-28 05:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2016-06-15 11:02 - 2016-05-28 05:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-06-15 11:02 - 2016-05-28 05:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-06-15 11:02 - 2016-05-28 05:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-15 11:02 - 2016-05-28 05:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-06-15 11:02 - 2016-05-28 05:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2016-06-15 11:02 - 2016-05-28 05:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-15 11:02 - 2016-05-28 05:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-06-15 11:02 - 2016-05-28 05:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-06-15 11:02 - 2016-05-28 05:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-06-15 11:02 - 2016-05-28 05:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-15 11:02 - 2016-05-28 05:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-15 11:02 - 2016-05-28 05:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-15 11:02 - 2016-05-28 05:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-06-15 11:02 - 2016-05-28 05:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-15 11:02 - 2016-05-28 05:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-15 11:02 - 2016-05-28 04:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-06-15 11:02 - 2016-05-28 04:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-15 11:02 - 2016-05-28 04:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-15 11:02 - 2016-05-28 04:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-15 11:02 - 2016-05-28 04:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-06-15 11:02 - 2016-05-28 04:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-15 11:02 - 2016-05-28 04:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-06-15 11:02 - 2016-05-28 04:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-06-15 11:02 - 2016-05-28 04:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-06-15 11:02 - 2016-05-28 04:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2016-06-15 11:02 - 2016-05-28 04:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-06-15 11:02 - 2016-05-28 04:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys 2016-06-15 11:02 - 2016-05-28 04:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-06-15 11:02 - 2016-05-28 04:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-06-15 11:02 - 2016-05-28 04:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2016-06-15 11:02 - 2016-05-28 04:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-15 11:02 - 2016-05-28 04:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-06-15 11:02 - 2016-05-28 04:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2016-06-15 11:02 - 2016-05-28 04:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-06-15 11:02 - 2016-05-28 04:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-06-15 11:02 - 2016-05-28 04:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2016-06-15 11:02 - 2016-05-28 04:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-06-15 11:02 - 2016-05-28 04:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-06-15 11:02 - 2016-05-28 04:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2016-06-15 11:02 - 2016-05-28 04:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-15 11:02 - 2016-05-28 04:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-06-15 11:02 - 2016-05-28 04:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-06-15 11:02 - 2016-05-28 04:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2016-06-15 11:02 - 2016-05-28 04:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-15 11:02 - 2016-05-28 04:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-06-15 11:02 - 2016-05-28 04:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-15 11:02 - 2016-05-28 04:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2016-06-15 11:02 - 2016-05-28 04:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-15 11:02 - 2016-05-28 04:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-06-15 11:02 - 2016-05-28 04:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-06-15 11:02 - 2016-05-28 04:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-15 11:02 - 2016-05-28 04:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-15 11:02 - 2016-05-28 04:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-15 11:02 - 2016-05-28 04:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-15 11:02 - 2016-05-28 04:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-15 11:02 - 2016-05-28 04:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-15 11:02 - 2016-05-28 04:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-15 11:02 - 2016-05-28 04:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-06-15 11:02 - 2016-05-28 04:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-06-15 11:02 - 2016-05-28 04:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-06-15 11:02 - 2016-05-28 04:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-06-15 11:02 - 2016-05-28 04:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-15 11:02 - 2016-05-28 04:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-06-15 11:02 - 2016-05-28 04:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-15 11:02 - 2016-05-28 04:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2016-06-15 11:02 - 2016-05-28 04:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-06-15 11:02 - 2016-05-28 04:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-15 11:02 - 2016-05-28 04:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-06-15 11:02 - 2016-05-28 04:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-15 11:02 - 2016-05-28 04:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-15 11:02 - 2016-05-28 04:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-15 11:02 - 2016-05-28 03:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-15 11:02 - 2016-05-28 03:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-15 11:02 - 2016-05-28 03:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-14 12:13 - 2016-06-14 12:13 - 00015360 _____ C:\Users\hdiouri\Desktop\ETAT_Pointage.xls 2016-06-10 10:48 - 2016-06-10 10:48 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\IDT 2016-06-09 21:05 - 2016-06-09 21:13 - 00007625 _____ C:\Users\hdiouri\AppData\Local\resmon.resmoncfg 2016-06-09 18:05 - 2016-06-09 18:09 - 01933336 _____ (Kaspersky Lab) C:\Users\hdiouri\Downloads\kaspersky-antivirus-2016_16-0-0-614_fr_10479.exe 2016-06-08 23:41 - 2016-06-08 23:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-06-08 23:40 - 2016-06-08 23:40 - 22851472 _____ (Malwarebytes ) C:\Users\hdiouri\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-08 22:13 - 2016-06-08 22:13 - 02405672 _____ (Trend Micro Inc.) C:\Users\hdiouri\Downloads\HousecallLauncher64 (6).exe 2016-06-08 22:04 - 2016-06-08 22:04 - 02405672 _____ (Trend Micro Inc.) C:\Users\hdiouri\Downloads\HousecallLauncher64 (5).exe 2016-06-08 21:50 - 2016-06-08 21:51 - 06893008 _____ (Piriform Ltd) C:\Users\hdiouri\Downloads\ccsetup518.exe 2016-06-07 14:24 - 2016-06-07 14:24 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-06-07 14:22 - 2016-06-07 14:22 - 00452753 _____ C:\Users\hdiouri\Desktop\facture auto select 05.2016 toyota.pdf 2016-06-02 15:15 - 2016-06-02 15:16 - 00022313 _____ C:\Users\hdiouri\Downloads\account.report_partnerledger (3).pdf 2016-06-02 15:14 - 2016-06-02 15:14 - 00012930 _____ C:\Users\hdiouri\Downloads\account.report_partnerledger (2).pdf 2016-06-02 15:13 - 2016-06-02 15:13 - 00013061 _____ C:\Users\hdiouri\Downloads\account.report_partnerledger (1).pdf 2016-06-02 15:12 - 2016-06-02 15:12 - 00012787 _____ C:\Users\hdiouri\Downloads\account.report_partnerledger.pdf ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-06-17 17:22 - 2016-05-10 22:17 - 00001112 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171UA1d1ab09ae4cdbf9.job 2016-06-17 17:18 - 2015-06-18 10:04 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171UA.job 2016-06-17 17:16 - 2014-01-25 10:20 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-17 17:16 - 2013-03-20 08:49 - 00001112 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171UA.job 2016-06-17 17:11 - 2015-10-30 07:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-17 17:09 - 2014-01-25 10:20 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-17 17:08 - 2016-04-19 14:18 - 00000000 __SHD C:\Users\hdiouri\IntelGraphicsProfiles 2016-06-17 17:07 - 2016-02-13 13:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-17 17:07 - 2012-06-11 07:04 - 00000000 ____D C:\ProgramData\PDFC 2016-06-17 17:06 - 2015-10-30 06:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-06-17 09:45 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-17 09:45 - 2015-10-30 07:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-17 09:02 - 2012-06-11 07:06 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-17 08:58 - 2016-04-19 14:26 - 00000000 ____D C:\Users\hdiouri\AppData\Local\Deployment 2016-06-17 07:51 - 2013-03-29 10:42 - 00000000 ____D C:\Users\hdiouri\Documents\Ymsoft 2016-06-17 07:39 - 2015-10-30 07:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-16 23:22 - 2016-05-10 22:17 - 00001060 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171Core1d1ab09ae303f6a.job 2016-06-16 18:15 - 2015-10-30 07:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-06-16 18:15 - 2015-10-30 06:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-06-16 18:05 - 2013-03-20 08:49 - 00001060 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171Core.job 2016-06-16 14:25 - 2016-02-13 13:20 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 12:57 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\rescache 2016-06-16 12:34 - 2016-02-13 04:11 - 00472160 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 12:32 - 2015-10-30 07:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 12:32 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 12:32 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-16 12:21 - 2013-07-22 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-16 12:14 - 2013-03-19 20:24 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-15 20:40 - 2010-11-21 03:27 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-06-15 15:26 - 2014-10-07 09:22 - 00000000 ____D C:\AdwCleaner 2016-06-15 11:40 - 2014-07-20 16:02 - 00000000 ____D C:\Users\hdiouri\AppData\LocalLow\Adblock Plus for IE 2016-06-15 11:34 - 2016-04-19 13:38 - 00000000 ____D C:\Users\hdiouri 2016-06-14 18:33 - 2015-10-30 07:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 18:33 - 2015-10-30 07:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-14 12:13 - 2016-02-17 11:34 - 00000000 ____D C:\Program Files\LGA 2016-06-10 10:37 - 2013-03-15 18:34 - 00128864 _____ C:\Users\hdiouri\AppData\Local\GDIPFONTCACHEV1.DAT 2016-06-10 10:17 - 2015-05-13 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2016-06-10 10:17 - 2013-07-19 22:04 - 00000000 ____D C:\Program Files (x86)\Real 2016-06-10 10:17 - 2013-07-19 22:03 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Real 2016-06-10 10:16 - 2014-07-20 16:02 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-10 10:16 - 2013-07-19 22:02 - 00000000 ____D C:\ProgramData\Real 2016-06-10 10:15 - 2013-03-18 16:31 - 00000000 ____D C:\Users\hdiouri\AppData\Local\Google 2016-06-10 10:15 - 2013-03-18 16:31 - 00000000 ____D C:\Program Files (x86)\Google 2016-06-10 10:14 - 2014-06-03 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-10 10:14 - 2013-07-19 21:56 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Mozilla 2016-06-10 10:01 - 2014-05-31 21:49 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2016-06-10 09:57 - 2016-04-21 10:01 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-10 09:54 - 2016-04-19 14:18 - 00000000 ____D C:\Users\hdiouri\AppData\Local\Packages 2016-06-10 09:53 - 2015-05-08 18:16 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Battle.net 2016-06-10 09:53 - 2015-05-08 18:11 - 00000000 ____D C:\ProgramData\Battle.net 2016-06-10 09:48 - 2013-03-18 16:31 - 00000000 ____D C:\Users\hdiouri\AppData\Local\Apps\2.0 2016-06-09 23:05 - 2014-12-31 08:39 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2016-06-09 21:52 - 2016-04-19 13:27 - 00000000 ____D C:\Windows.old 2016-06-09 20:18 - 2015-06-18 10:04 - 00001152 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-698735725-3776238058-3315447757-2171Core.job 2016-06-09 18:22 - 2016-04-19 13:37 - 02161582 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-09 18:22 - 2016-02-13 12:49 - 00944222 _____ C:\WINDOWS\system32\perfh00C.dat 2016-06-09 18:22 - 2016-02-13 12:49 - 00202038 _____ C:\WINDOWS\system32\perfc00C.dat 2016-06-09 18:18 - 2009-07-14 03:20 - 00000000 ____D C:\Users\Default.migrated 2016-06-09 11:52 - 2014-07-20 16:02 - 00000000 ____D C:\Program Files\Adblock Plus for IE 2016-06-09 11:41 - 2016-05-03 08:52 - 00000000 ____D C:\Users\hdiouri\Desktop\APPLICATIONS 2016-06-09 09:20 - 2013-03-20 08:51 - 00002499 _____ C:\Users\hdiouri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-09 07:08 - 2013-03-29 10:42 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Ymsoft 2016-06-09 00:17 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\Registration 2016-06-07 16:37 - 2015-10-20 14:44 - 00000000 ____D C:\Users\hdiouri\Desktop\BP TALBI MME 2016-06-07 14:24 - 2013-06-05 08:41 - 00000000 ____D C:\Users\hdiouri\AppData\Roaming\Dropbox 2016-06-07 14:03 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-02 14:18 - 2014-10-01 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-05-28 05:55 - 2016-02-13 13:16 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Fichiers à la racine de certains dossiers ======= 2014-01-28 09:50 - 2014-10-01 08:19 - 0000697 _____ () C:\Users\hdiouri\AppData\Roaming\ConvAPIPlugin.log 2015-02-19 08:36 - 2014-10-15 08:54 - 0000043 _____ () C:\Users\hdiouri\AppData\Roaming\pdfdrawcodec.dll 2014-02-14 16:11 - 2014-02-14 16:35 - 0037069 _____ () C:\Users\hdiouri\AppData\Roaming\Valeurs séparées par une virgule (DOS).ADR 2014-02-14 16:13 - 2014-02-14 16:39 - 0037073 _____ () C:\Users\hdiouri\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR 2016-01-12 15:27 - 2016-05-10 20:33 - 0142885 _____ () C:\Users\hdiouri\AppData\Local\ars.cache 2016-01-12 15:28 - 2016-05-10 20:33 - 0751274 _____ () C:\Users\hdiouri\AppData\Local\census.cache 2015-06-12 15:08 - 2016-01-12 14:59 - 0000036 _____ () C:\Users\hdiouri\AppData\Local\housecall.guid.cache 2016-06-09 21:05 - 2016-06-09 21:13 - 0007625 _____ () C:\Users\hdiouri\AppData\Local\resmon.resmoncfg 2013-04-04 08:57 - 2014-10-01 08:20 - 0004141 _____ () C:\ProgramData\hpzinstall.log 2016-04-03 07:22 - 2016-04-03 07:22 - 0000016 _____ () C:\ProgramData\mntemp Fichiers à déplacer ou supprimer: ==================== C:\Users\adm\iperf.exe C:\Users\hdiouri\ZHPDiag3.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-06-09 20:56 ==================== Fin de FRST.txt ============================