Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware broke my dns config


  • This topic is locked This topic is locked
70 replies to this topic

#1 nelina29

nelina29

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 02 October 2015 - 04:06 PM

Hi,

Seems I was infected by some kind of virus. PC works but no internet if I use chrome or any other apps. Only Edge is working. I tried to install Norton and AVG but don't work because  both need connection to install. Skype is not loading also saying ''Cannot load dll DNSAPI.dll. Tried to reinitialize my PC (with option to keep my files) but doesn't work too... My computer run Win 10. Got a report in Defender saying it has intercepted virus Patches.AP twice yesterday.

 

Hope somebody can help me.

 

thanks



BC AdBot (Login to Remove)

 


#2 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 02 October 2015 - 04:41 PM

Seems dnsapi.dll been modified last week. Where can I find a safe dnsapi.dll file to downlod?



#3 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:52 PM

Posted 03 October 2015 - 04:35 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#4 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 07:58 AM

Here is addition.txt
 
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:03-10-2015
Exécuté par Marc (2015-10-03 08:52:15)
Exécuté depuis C:\Users\Marc\Downloads
Windows 10 Home (X64) (2015-09-29 18:40:03)
Mode d'amorçage: Normal
==========================================================
 

==================== Comptes: =============================
 
Administrateur (S-1-5-21-4134767481-1855000554-3754352258-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4134767481-1855000554-3754352258-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4134767481-1855000554-3754352258-1003 - Limited - Enabled)
Invité (S-1-5-21-4134767481-1855000554-3754352258-501 - Limited - Disabled) => C:\Users\Invité
Marc (S-1-5-21-4134767481-1855000554-3754352258-1001 - Administrator - Enabled) => C:\Users\Marc
nelli (S-1-5-21-4134767481-1855000554-3754352258-1004 - Limited - Disabled) => C:\Users\nelli
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Norton Security avec Backup (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security avec Backup (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security avec Backup (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.4229.1024 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Norton Security with Backup (HKLM-x32\...\NSBU) (Version: 22.5.2.15 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4229.1024 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Personnalisé CLSID (Avec liste blanche): ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 

==================== Points de restauration =========================
 
02-10-2015 20:50:20 Point de contrôle planifié
 
==================== Hosts contenu: ===============================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2015-09-29 08:54 - 2015-09-29 08:52 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Tâches planifiées (Avec liste blanche) =============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {0F71672D-D9F2-4F31-B9CF-80C889506F17} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {3732F711-4FFC-43E3-BE4C-CC469D49A5B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {93D8433F-7A51-4DDD-BB4D-6A97F598DFD7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {BDEDC939-0B61-4747-86E3-D6D18D5C2489} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {D0F92FA6-613C-41A9-9395-9D926E785B95} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {DA7F94F9-3E01-4393-A3CE-81F55F339B5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-09] (Microsoft Corporation)
Task: {E225D3C8-1016-485A-8A15-5F6D645C8FEA} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {F71D3D8A-F3BD-434A-942C-61FC38EB8DE3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-09-29] (Microsoft Corporation)
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Modules chargés (Avec liste blanche) ==============
 
2015-08-03 04:58 - 2015-08-03 04:58 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 08:37 - 2015-08-11 05:13 - 00413184 _____ () C:\WINDOWS\System32\diagtrack_win.dll
2015-09-29 15:38 - 2015-09-09 22:33 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-01 17:49 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 17:50 - 2015-09-17 01:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 17:48 - 2015-09-17 01:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 17:49 - 2015-09-17 01:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:49 - 2015-09-17 01:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 12:28 - 00210432 ____N () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-30 15:06 - 2015-09-30 15:06 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-30 15:06 - 2015-09-30 15:06 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
 
==================== Alternate Data Streams (Avec liste blanche) =========
 
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
 
AlternateDataStreams: C:\Users\Marc\OneDrive:ms-properties
 
==================== Mode sans échec (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 

==================== EXE Association (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
 

==================== Internet Explorer sites de confiance/sensibles ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
 

==================== Autres zones ============================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la visionneuse de photos windows.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 

==================== RèglesPare-feu (Avec liste blanche) ===============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CE6A1852-7A43-42C9-AA82-98CBA289DF0F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F128A3D5-C99C-4FD4-A578-FC9B1FE5FB55}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D280A6DC-6C0D-4D80-B4D9-59ED290FC1FD}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{096B64DD-B6F3-4636-9E64-BD7199E0586F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{09F62524-F3F9-477D-A1C4-8F9C23DB80F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D2D42F-09CD-4562-A6B3-799C24960A69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{263CC231-088A-4137-8679-6C60A932130B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AB1A86C-D052-4003-8092-9D20C0D85B3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0EA91A1-90A1-4A5D-A15D-060A609610D1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1BE19668-19DB-4951-AFEE-F0A95D358ECA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
 
==================== Éléments en erreur du Gestionnaire de périphériques =============
 

==================== Erreurs du Journal des événements: =========================
 
Erreurs Application:
==================
Error: (10/03/2015 08:28:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
 
Error: (10/03/2015 08:27:15 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {4A472B29-9EF1-4E59-8564-D733751C2CE7}
 
Error: (10/03/2015 08:27:15 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {4A472B29-9EF1-4E59-8564-D733751C2CE7}
 
Error: (10/02/2015 08:50:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
 
System Error:
Accès refusé.
.
 
Error: (10/02/2015 05:36:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
 
System Error:
Accès refusé.
.
 
Error: (10/02/2015 05:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOPMARC)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
 
Error: (10/02/2015 05:10:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOPMARC)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
 
Error: (10/02/2015 04:27:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOPMARC)
Description: Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
 
Error: (10/02/2015 03:35:44 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2F7668CC-D5CB-415A-9B5E-36527D7BA44C}
 
Error: (10/02/2015 03:35:44 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2F7668CC-D5CB-415A-9B5E-36527D7BA44C}
 

Erreurs système:
=============
Error: (10/02/2015 08:01:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Accès aux données utilisateur_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (10/02/2015 08:01:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Stockage des données utilisateur_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (10/02/2015 08:01:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Données de contacts_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (10/02/2015 08:01:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Hôte de synchronisation_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (10/02/2015 07:31:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n'a pas pu démarrer en raison de l'erreur :
%%1053
 
Error: (10/02/2015 07:31:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l'attente de la connexion du service Cache de police de Windows Presentation Foundation 3.0.0.0.
 
Error: (10/02/2015 07:30:41 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.
 
Error: (10/02/2015 07:30:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.
 
Error: (10/02/2015 07:29:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Accès aux données utilisateur_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 
Error: (10/02/2015 07:29:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Stockage des données utilisateur_Session1 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
 

CodeIntegrity:
===================================
  Date: 2015-10-03 08:43:34.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-03 08:43:34.706
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-03 08:42:21.721
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-03 08:42:21.700
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 17:32:12.851
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 17:32:12.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 17:21:46.139
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 17:21:46.083
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 15:43:21.991
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-02 15:43:21.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

==================== Infos Mémoire ===========================
 
Processeur: Intel® Core™ i5-4210U CPU @ 1.70GHz
Pourcentage de mémoire utilisée: 33%
Mémoire physique - RAM - totale: 8115.27 MB
Mémoire physique - RAM - disponible: 5370.96 MB
Mémoire virtuelle totale: 10035.27 MB
Mémoire virtuelle disponible: 7281.34 MB
 
==================== Lecteurs ================================
 
Drive c: (Acer) (Fixed) (Total:913.91 GB) (Free:719.65 GB) NTFS
 
==================== MBR & Table des partitions ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8503DE52)
 
Partition: GPT.
 
==================== Fin de Addition.txt ============================



#5 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 08:01 AM

FRST.txt report
 
Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Exécuté par Marc (administrateur) sur LAPTOPMARC (03-10-2015 08:50:47)
Exécuté depuis C:\Users\Marc\Downloads
Profils chargés: Marc (Profils disponibles: Marc & nelli & Invité)
Platform: Windows 10 Home (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\NSBU.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\NSBU.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
 

==================== Registre (Avec liste blanche) ===========================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57864728 2015-09-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a91c08e2-aebc-48fe-b757-cbc209115955}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=85B0FFD7-015C-4C5B-9FD8-5FB08740C9F6&SearchSource=55&CUI=&UM=8&UP=SP5DA9A4D0-BF65-4A44-BE9A-1F70A2070408&D=091615&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-09-29] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-29] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-09-29] (Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-09-29] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFPlgn [2015-10-02]
 
Chrome:
=======
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-29]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-29]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-29]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Recherche Google) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-29]
CHR Extension: (Google Sheets) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Avec liste blanche) ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2836056 2015-09-09] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\NSBU.exe [282016 2015-07-16] (Symantec Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Pilotes (Avec liste blanche) ==========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-07-10] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSVia64.sys [692984 2015-07-10] (Symantec Corporation)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\VirusDefs\20150710.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\VirusDefs\20150710.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 SRTSP; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NSBUx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\System32\drivers\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 

==================== Un mois - Créés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-10-03 08:50 - 2015-10-03 08:51 - 00015167 _____ C:\Users\Marc\Downloads\FRST.txt
2015-10-03 08:43 - 2015-10-03 08:50 - 00000000 ____D C:\FRST
2015-10-03 08:43 - 2015-10-03 08:43 - 02193408 _____ (Farbar) C:\Users\Marc\Downloads\FRST64.exe
2015-10-03 08:18 - 2015-10-03 08:18 - 00016148 _____ C:\WINDOWS\system32\LAPTOPMARC_Marc_HistoryPrediction.bin
2015-10-02 19:41 - 2015-10-02 19:41 - 00270336 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\dnsapi.dll
2015-10-02 19:27 - 2015-10-02 19:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-02 17:54 - 2011-03-21 00:00 - 00148480 _____ (Microsoft Corporation) C:\Users\Marc\Desktop\dnsapi.dll
2015-10-02 17:53 - 2015-10-02 17:54 - 00083548 _____ C:\Users\Marc\Downloads\dnsapi.zip
2015-10-02 17:32 - 2015-10-02 17:32 - 00000000 ____D C:\ProgramData\TEMP
2015-10-02 17:31 - 2015-10-02 17:31 - 05403792 _____ (Dll-Files.com ) C:\Users\Marc\Downloads\dff_avnd0-dnsapi.exe
2015-10-02 17:21 - 2015-10-02 17:23 - 00022574 _____ C:\WINDOWS\SysWOW64\MTB.txt
2015-10-02 17:19 - 2015-10-02 17:19 - 00891392 _____ (Farbar) C:\Users\Marc\Downloads\MiniToolBox.exe
2015-10-02 13:23 - 2015-10-02 13:23 - 00000000 ___HD C:\$Windows.~BT
2015-10-02 11:19 - 2015-10-02 13:35 - 00000000 _____ C:\Recovery.txt
2015-10-02 07:00 - 2015-10-02 07:00 - 00000000 ____D C:\Users\Marc\AppData\Local\AvgSetupLog
2015-10-02 07:00 - 2015-10-02 07:00 - 00000000 ____D C:\Users\Marc\AppData\Local\Avg
2015-10-02 06:59 - 2015-10-02 06:59 - 02895448 _____ (AVG Technologies) C:\Users\Marc\Downloads\AVG_Protection_Free_698.exe
2015-10-01 23:39 - 2015-10-01 23:39 - 00593693 _____ C:\Users\Marc\Downloads\Autoruns.zip
2015-10-01 22:25 - 2015-10-01 22:26 - 06677440 _____ (Piriform Ltd) C:\Users\Marc\Downloads\ccsetup510.exe
2015-10-01 22:09 - 2015-10-01 22:09 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-10-01 21:59 - 2015-10-01 21:59 - 00929872 _____ (Google Inc.) C:\Users\Marc\Downloads\ChromeSetup (1).exe
2015-10-01 21:51 - 2015-10-01 21:52 - 131407120 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\msert.exe
2015-10-01 21:19 - 2015-10-01 21:19 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-10-01 21:19 - 2015-10-01 21:19 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-10-01 21:19 - 2015-10-01 21:19 - 00003410 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-10-01 21:19 - 2015-10-01 21:19 - 00002617 _____ C:\Users\Public\Desktop\Norton Security avec Backup.LNK
2015-10-01 21:19 - 2015-10-01 21:19 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-01 21:17 - 2015-10-01 21:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-01 21:17 - 2015-10-01 21:19 - 00000000 ____D C:\ProgramData\Norton
2015-10-01 21:17 - 2015-10-01 21:17 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSBUx64
2015-10-01 21:17 - 2015-10-01 21:17 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-01 21:14 - 2015-10-01 21:17 - 144919056 _____ (Symantec Corporation) C:\Users\Marc\Downloads\NSBU_22.5.2.15_SYMTB_PROMO_4_MRFTT_CC035_13035-FR-FR.exe
2015-10-01 21:09 - 2015-09-14 23:31 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-01 21:09 - 2015-09-14 23:31 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 21:07 - 2015-10-02 19:30 - 02771754 _____ C:\WINDOWS\PFRO.log
2015-10-01 20:59 - 2015-10-01 21:00 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Marc\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-10-01 17:53 - 2015-10-01 17:54 - 08540502 _____ C:\Users\Marc\Downloads\! Viridi§2§lPack §7§l[UHC] .zip
2015-10-01 17:50 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 17:50 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 17:50 - 2015-09-17 02:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 17:50 - 2015-09-17 02:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 17:50 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 17:50 - 2015-09-17 02:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 17:50 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 17:50 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 17:50 - 2015-09-17 01:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 17:50 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 17:50 - 2015-09-17 01:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 17:50 - 2015-09-17 01:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 17:50 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 17:50 - 2015-09-17 01:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 17:50 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 17:49 - 2015-09-24 20:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 17:49 - 2015-09-24 20:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 17:49 - 2015-09-24 20:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 17:49 - 2015-09-24 19:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 17:49 - 2015-09-24 19:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 17:49 - 2015-09-24 19:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 17:49 - 2015-09-24 19:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 17:49 - 2015-09-24 19:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 17:49 - 2015-09-24 19:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 17:49 - 2015-09-24 19:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 17:49 - 2015-09-24 19:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 17:49 - 2015-09-24 19:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 17:49 - 2015-09-24 19:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 17:49 - 2015-09-24 19:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 17:49 - 2015-09-24 19:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 17:49 - 2015-09-24 19:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 17:49 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 17:49 - 2015-09-24 19:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 17:49 - 2015-09-24 19:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 17:49 - 2015-09-24 18:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 17:49 - 2015-09-24 18:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 17:49 - 2015-09-24 18:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 17:49 - 2015-09-24 18:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 17:49 - 2015-09-24 18:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 17:49 - 2015-09-24 18:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 17:49 - 2015-09-24 18:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 17:49 - 2015-09-24 18:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 17:49 - 2015-09-24 18:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 17:49 - 2015-09-24 18:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 17:49 - 2015-09-24 18:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 17:49 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 17:49 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 17:49 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 17:49 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 17:49 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 17:49 - 2015-09-17 02:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 17:49 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 17:49 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 17:49 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 17:49 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 17:49 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 17:49 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 17:49 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 17:49 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 17:49 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 17:49 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 17:49 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 17:49 - 2015-09-17 02:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 17:49 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 17:49 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 17:49 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 17:49 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 17:49 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 17:49 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 17:49 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 17:49 - 2015-09-17 02:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 17:49 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 17:49 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 17:49 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 17:49 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 17:49 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 17:49 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 17:49 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 17:49 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 17:49 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 17:49 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 17:49 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 17:49 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 17:49 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 17:49 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 17:49 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 17:49 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 17:49 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 17:49 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 17:49 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 17:49 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 17:49 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 17:49 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 17:49 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 17:49 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 17:49 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 17:49 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 17:49 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 17:49 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 17:49 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 17:49 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 17:49 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 17:49 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 17:49 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 17:49 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 17:49 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 17:49 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 17:49 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 17:49 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 17:49 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 17:49 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 17:49 - 2015-09-17 01:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-01 17:49 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 17:49 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 17:49 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 17:49 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 17:49 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 17:49 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 17:49 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 17:49 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 17:49 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 17:49 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 17:49 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 17:49 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 17:49 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 17:49 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 17:49 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 17:49 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 17:49 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 17:49 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 17:49 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 17:49 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 17:49 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 17:49 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 17:49 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 17:49 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 17:49 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 17:49 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 17:49 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 17:49 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 17:49 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 17:49 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 17:49 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 17:49 - 2015-09-17 01:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 17:49 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 17:49 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 17:49 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 17:49 - 2015-09-17 01:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 17:49 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 17:49 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 17:49 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 17:49 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 17:49 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 17:49 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 17:49 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 17:49 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 17:49 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 17:49 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 17:48 - 2015-10-01 17:49 - 42807199 _____ C:\Users\Marc\Downloads\#REDPack_ V1.rar
2015-10-01 17:48 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 17:48 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 17:48 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 17:48 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 17:48 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 17:48 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 17:48 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 17:48 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 17:48 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 17:48 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 17:48 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 17:48 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 17:48 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 17:48 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 17:48 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 17:48 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 17:48 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 17:48 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 17:48 - 2015-09-17 01:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 17:48 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 17:48 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-10-01 17:48 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-10-01 17:48 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-10-01 17:48 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-10-01 17:45 - 2015-08-20 01:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-10-01 17:45 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-10-01 17:45 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-10-01 17:45 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-10-01 17:44 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-10-01 17:44 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-10-01 17:44 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-10-01 17:44 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-30 16:48 - 2015-09-30 16:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-30 16:10 - 2015-09-30 16:10 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-30 16:10 - 2015-09-30 16:10 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Apple Computer
2015-09-30 16:10 - 2015-09-30 16:10 - 00000000 ____D C:\Users\Marc\AppData\Local\Apple Computer
2015-09-30 16:10 - 2015-09-30 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-30 16:09 - 2015-09-30 16:10 - 00000000 ____D C:\Program Files\iTunes
2015-09-30 16:09 - 2015-09-30 16:09 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\Users\Marc\AppData\Local\Apple
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\Program Files\iPod
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-30 16:09 - 2015-09-30 16:09 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-30 16:08 - 2015-09-30 16:09 - 00000000 ____D C:\ProgramData\Apple
2015-09-30 16:08 - 2015-09-30 16:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-30 16:08 - 2015-09-30 16:08 - 00000000 ____D C:\Program Files\Bonjour
2015-09-30 16:08 - 2015-09-30 16:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-30 16:04 - 2015-09-30 16:08 - 167601944 _____ (Apple Inc.) C:\Users\Marc\Downloads\iTunes6464Setup (1).exe
2015-09-30 15:14 - 2015-09-30 15:14 - 00031474 _____ C:\Users\Marc\Desktop\2015-09-30 -  UNIVERT - PRICE LIST UK DESTINATIONS.xlsx
2015-09-30 15:13 - 2015-09-30 15:13 - 00031446 _____ C:\Users\Marc\Downloads\2015-09-30 -  UNIVERT - PRICE LIST UK DESTINATIONS.xlsx
2015-09-30 11:48 - 2015-09-30 11:48 - 00347816 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\MicrosoftFixit.HomeGroup.Run.exe
2015-09-30 11:38 - 2015-09-30 11:38 - 00000000 ____D C:\Users\Marc\AppData\Local\NetworkTiles
2015-09-29 21:47 - 2015-09-29 21:47 - 01067418 _____ C:\Users\Marc\Downloads\!Uhc Default Edit.zip
2015-09-29 17:42 - 2015-07-05 06:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-09-29 17:39 - 2015-09-29 17:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-29 17:39 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-09-29 17:22 - 2015-09-29 17:22 - 00000000 ____D C:\Users\Marc\AppData\Local\Razer_Inc
2015-09-29 17:21 - 2015-09-29 17:21 - 00000000 ____D C:\ProgramData\Razer
2015-09-29 17:12 - 2015-09-29 17:12 - 00000000 ____D C:\Users\Marc\AppData\Roaming\WinRAR
2015-09-29 16:42 - 2015-09-29 16:42 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2015-09-29 16:42 - 2015-09-29 16:42 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2015-09-29 16:41 - 2015-09-29 16:42 - 07357440 _____ C:\Users\Marc\Downloads\MM26_ENU.msi
2015-09-29 16:39 - 2015-09-29 17:07 - 898572429 _____ C:\Users\Marc\Downloads\Cinema 4D R14.rar
2015-09-29 16:37 - 2015-09-29 16:37 - 01941744 _____ C:\Users\Marc\Downloads\winrar-x64-521 (1).exe
2015-09-29 16:37 - 2015-09-29 16:37 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-29 16:37 - 2015-09-29 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-29 16:37 - 2015-09-29 16:37 - 00000000 ____D C:\Program Files\WinRAR
2015-09-29 16:35 - 2015-09-29 16:35 - 01138202 _____ C:\Users\Marc\Downloads\OptiFine_1.8.8_HD_U_F3 (3).jar
2015-09-29 16:34 - 2015-10-01 20:43 - 00000000 ____D C:\Users\Marc\AppData\Roaming\.minecraft
2015-09-29 16:34 - 2015-09-29 16:34 - 00000000 ____D C:\Users\Marc\AppData\Roaming\java
2015-09-29 16:31 - 2015-09-29 16:33 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-09-29 16:31 - 2015-09-29 16:31 - 00001034 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-09-29 16:31 - 2015-09-29 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-09-29 16:30 - 2015-09-29 16:30 - 00001012 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-29 16:30 - 2015-09-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-09-29 16:30 - 2015-09-29 16:30 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-09-29 16:27 - 2015-10-01 21:01 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype
2015-09-29 16:27 - 2015-09-29 16:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-29 16:27 - 2015-09-29 16:27 - 00000000 ____D C:\Users\Marc\AppData\Local\Skype
2015-09-29 16:27 - 2015-09-29 16:27 - 00000000 ____D C:\ProgramData\Skype
2015-09-29 16:27 - 2015-09-29 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-29 16:26 - 2015-09-29 16:26 - 01505304 _____ (Skype Technologies S.A.) C:\Users\Marc\Downloads\SkypeSetup (1).exe
2015-09-29 16:23 - 2015-10-03 08:22 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FE7A2008-45C0-4D9C-A934-242BE447C374}
2015-09-29 16:22 - 2015-09-29 16:23 - 00000000 ____D C:\ProgramData\Oracle
2015-09-29 16:22 - 2015-09-29 16:22 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-29 16:22 - 2015-09-29 16:22 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Sun
2015-09-29 16:22 - 2015-09-29 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-29 16:22 - 2015-09-29 16:22 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-29 16:21 - 2015-09-29 16:21 - 00584288 _____ (Oracle Corporation) C:\Users\Marc\Downloads\JavaSetup8u60.exe
2015-09-29 15:49 - 2015-09-29 15:49 - 00000000 ____D C:\Users\Marc\AppData\Local\CEF
2015-09-29 15:47 - 2015-10-02 03:32 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-09-29 15:47 - 2015-09-29 15:47 - 00002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-09-29 15:47 - 2015-09-29 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2015-09-29 15:46 - 2015-09-29 15:49 - 00000000 ____D C:\ProgramData\Adobe
2015-09-29 15:46 - 2015-09-29 15:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-09-29 15:46 - 2015-09-29 15:46 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-09-29 15:46 - 2015-09-29 15:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-29 15:44 - 2015-09-29 15:49 - 00000000 ____D C:\Users\Marc\AppData\Local\Adobe
2015-09-29 15:38 - 2015-10-01 21:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-29 15:38 - 2015-09-29 15:38 - 02877096 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\Setup.X86.fr-FR_O365HomePremRetail_d27930aa-cce7-4c39-b804-b1c6a4f7bb2f_TX_PR_.exe
2015-09-29 15:38 - 2015-09-29 15:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-29 15:35 - 2015-10-01 23:06 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-29 15:35 - 2015-09-29 16:15 - 00000000 ____D C:\Users\Marc\AppData\Local\Google
2015-09-29 15:35 - 2015-09-29 15:35 - 00929872 _____ (Google Inc.) C:\Users\Marc\Downloads\ChromeSetup.exe
2015-09-29 15:34 - 2015-09-29 15:34 - 00002339 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-29 15:34 - 2015-09-29 15:34 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Macromedia
2015-09-29 15:33 - 2015-09-29 15:34 - 00000000 ____D C:\Users\Marc\AppData\Local\MicrosoftEdge
2015-09-29 15:33 - 2015-09-29 15:33 - 00001337 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD.lnk
2015-09-29 15:33 - 2015-09-29 15:33 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-29 15:31 - 2015-09-30 15:34 - 00000000 ____D C:\Users\Marc\AppData\Local\Comms
2015-09-29 15:31 - 2015-09-29 15:31 - 00000000 ____D C:\Users\Marc\AppData\Local\Publishers
2015-09-29 15:30 - 2015-10-03 08:37 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages
2015-09-29 15:30 - 2015-09-29 15:49 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Adobe
2015-09-29 15:30 - 2015-09-29 15:30 - 00000000 ____D C:\Users\Marc\AppData\Local\VirtualStore
2015-09-29 15:30 - 2015-09-29 15:30 - 00000000 ____D C:\Users\Marc\AppData\Local\TileDataLayer
2015-09-29 15:29 - 2015-09-29 15:29 - 00000020 ___SH C:\Users\Marc\ntuser.ini
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Modèles
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\ProgramData\Modèles
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\ProgramData\Bureau
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 _SHDL C:\Program Files\Fichiers communs
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 __SHD C:\Recovery
2015-09-29 14:33 - 2015-10-02 19:28 - 01835972 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-29 14:31 - 2015-10-01 21:09 - 00000000 ____D C:\Users\Marc
2015-09-29 14:31 - 2015-09-29 15:30 - 00000000 ___RD C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 14:31 - 2015-09-29 14:32 - 00000000 ____D C:\Users\nelli
2015-09-29 14:31 - 2015-09-29 14:32 - 00000000 ____D C:\Users\Invité
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Voisinage réseau
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Voisinage d'impression
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Modèles
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Menu Démarrer
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Documents\Mes vidéos
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Documents\Mes images
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\Documents\Ma musique
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\nelli\AppData\Local\Historique
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Voisinage réseau
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Voisinage d'impression
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Modèles
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Menu Démarrer
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Documents\Mes vidéos
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Documents\Mes images
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\Documents\Ma musique
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Marc\AppData\Local\Historique
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Voisinage réseau
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Voisinage d'impression
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Modèles
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Menu Démarrer
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Documents\Mes vidéos
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Documents\Mes images
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\Documents\Ma musique
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-09-29 14:31 - 2015-09-29 14:31 - 00000000 _SHDL C:\Users\Invité\AppData\Local\Historique
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 __RSD C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 __RSD C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 __RSD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ____D C:\Users\nelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 14:31 - 2015-09-29 08:54 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 14:30 - 2015-09-29 14:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-29 14:24 - 2015-10-03 08:41 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-29 14:24 - 2015-09-29 14:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-29 14:24 - 2015-09-29 14:24 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-09-29 14:24 - 2015-07-13 13:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-29 14:24 - 2015-07-13 13:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-29 14:24 - 2015-07-13 13:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-29 14:24 - 2015-07-13 12:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-29 14:23 - 2015-10-02 20:02 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-29 14:23 - 2015-09-29 14:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-29 14:23 - 2015-09-29 14:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-09-29 14:23 - 2015-07-17 23:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-09-29 14:23 - 2015-07-17 23:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-09-29 14:22 - 2015-09-29 14:22 - 00646947 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____D C:\ProgramData\USOShared
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____D C:\Program Files\Realtek
2015-09-29 14:22 - 2015-09-29 14:22 - 00000000 ____D C:\Program Files\Intel
2015-09-29 14:22 - 2015-06-30 14:00 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\SETC87E.tmp
2015-09-29 14:18 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-29 14:16 - 2015-10-02 19:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-29 14:16 - 2015-10-02 19:27 - 00011539 _____ C:\WINDOWS\setupact.log
2015-09-29 14:16 - 2015-09-29 14:16 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-29 14:15 - 2015-10-01 21:07 - 00331104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-29 09:14 - 2015-10-02 13:35 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-29 09:13 - 2015-10-02 18:06 - 00000000 ____D C:\Windows.old
2015-09-29 09:08 - 2015-09-29 09:08 - 00028672 ___SH C:\WINDOWS\system32\config\BCD-Template.LOG
2015-09-29 09:07 - 2015-09-29 09:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-29 09:06 - 2015-10-01 21:10 - 00000000 ____D C:\Program Files (x86)\Razer
2015-09-29 09:05 - 2015-09-29 09:05 - 00000000 ____D C:\WINDOWS\Setup
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\WINDOWS\OCR
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\Program Files\MSBuild
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-29 09:04 - 2015-09-29 09:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-29 09:03 - 2015-10-02 19:28 - 00819560 _____ C:\WINDOWS\system32\perfh00C.dat
2015-09-29 09:03 - 2015-10-02 19:28 - 00152522 _____ C:\WINDOWS\system32\perfc00C.dat
2015-09-29 09:03 - 2015-09-29 09:02 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat
2015-09-29 09:03 - 2015-09-29 09:02 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Drivers\fr-CA
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\fr
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\Drivers\fr-CA
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\0409
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\fr-CA
2015-09-29 09:02 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-09-29 08:55 - 2015-09-29 14:26 - 00001189 _____ C:\WINDOWS\DtcInstall.log
2015-09-29 08:54 - 2015-10-03 08:37 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-29 08:54 - 2015-10-03 08:19 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-29 08:54 - 2015-10-02 20:56 - 00000000 ____D C:\WINDOWS\rescache
2015-09-29 08:54 - 2015-10-01 21:31 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-29 08:54 - 2015-10-01 21:19 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-CA
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-09-29 08:54 - 2015-10-01 21:04 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-29 08:54 - 2015-09-30 03:32 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-29 08:54 - 2015-09-29 16:30 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-29 08:54 - 2015-09-29 15:38 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-29 08:54 - 2015-09-29 15:30 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-29 08:54 - 2015-09-29 15:30 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-29 08:54 - 2015-09-29 14:38 - 00000000 ____D C:\Program Files\Windows NT
2015-09-29 08:54 - 2015-09-29 14:33 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-29 08:54 - 2015-09-29 14:33 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-09-29 08:54 - 2015-09-29 14:33 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-29 08:54 - 2015-09-29 14:33 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-29 08:54 - 2015-09-29 14:26 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-29 08:54 - 2015-09-29 14:24 - 00000000 ____D C:\WINDOWS\Help
2015-09-29 08:54 - 2015-09-29 14:22 - 00000000 ____D C:\ProgramData\USOPrivate
2015-09-29 08:54 - 2015-09-29 09:14 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-29 08:54 - 2015-09-29 09:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-29 08:54 - 2015-09-29 09:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\setup
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\system32\Com
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\IME
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-09-29 08:54 - 2015-09-29 09:02 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __RSD C:\WINDOWS\Media
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Web
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Vss
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\tracing
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\TAPI
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sru
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech_OneCore
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\restore
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RasToast
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\networklist
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SystemResources
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\spp
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Speech_OneCore
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Speech
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\RasToast
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\ras
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\networklist
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Licenses
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\ias
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\es-MX
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\downlevel
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system\Speech
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\System
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Speech_OneCore
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Speech
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SKB
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\security
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\schemas
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\SchCache
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Resources
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Registration
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\PLA
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Performance
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\InputMethod
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Globalization
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Cursors
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\Branding
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\addins
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\ProgramData\Comms
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files\Common Files\Services
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-09-29 08:54 - 2015-09-29 08:54 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-09-29 08:54 - 2015-09-29 08:52 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-09-29 08:54 - 2015-09-29 08:52 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-09-29 08:54 - 2015-09-29 08:52 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-09-29 08:54 - 2015-09-29 08:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-09-29 08:54 - 2015-09-29 08:52 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2015-09-29 08:54 - 2015-09-29 08:52 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-09-29 08:54 - 2015-09-29 08:52 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-09-29 08:54 - 2015-09-29 08:52 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-09-29 08:54 - 2015-09-29 08:52 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-09-29 08:54 - 2015-09-29 08:52 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-09-29 08:54 - 2015-09-29 08:52 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-09-29 08:54 - 2015-09-29 08:52 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2015-09-29 08:54 - 2015-09-29 08:52 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-09-29 08:54 - 2015-09-29 08:52 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-09-29 08:54 - 2015-09-29 08:52 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-09-29 08:54 - 2015-09-29 08:52 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2015-09-29 08:54 - 2015-09-29 08:52 - 00000219 _____ C:\WINDOWS\system.ini
2015-09-29 08:54 - 2015-09-29 08:52 - 00000092 _____ C:\WINDOWS\win.ini
2015-09-29 08:47 - 2015-10-01 17:53 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-29 08:35 - 2015-10-02 19:29 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-29 08:35 - 2015-10-01 21:19 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-29 08:35 - 2015-09-29 14:38 - 00000000 __RHD C:\Users\Default
2015-09-29 08:35 - 2015-09-29 09:02 - 00000000 ____D C:\WINDOWS\servicing
2015-09-29 08:35 - 2015-09-29 08:54 - 00000000 ____D C:\WINDOWS\system32\SMI
2015-09-29 08:35 - 2015-07-10 05:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2015-09-29 08:34 - 2015-10-02 19:27 - 00000000 ___HD C:\$SysReset
2015-09-28 16:22 - 2015-09-28 16:22 - 08971304 _____ C:\Users\Marc\Downloads\§1§lSmqcked §b§lUHC §1§lBlue §b§lPack (1).zip
2015-09-28 16:22 - 2015-09-28 16:22 - 04036509 _____ C:\Users\Marc\Downloads\Smqcked Red Pack.zip
2015-09-28 16:04 - 2015-09-28 16:07 - 31011848 _____ (TeamSpeak Systems GmbH) C:\Users\Marc\Downloads\TeamSpeak3-Client-win64-3.0.18 (2).exe
2015-09-28 15:59 - 2015-09-29 16:29 - 31011848 _____ (TeamSpeak Systems GmbH) C:\Users\Marc\Downloads\TeamSpeak3-Client-win64-3.0.18 (1).exe
2015-09-28 15:59 - 2015-09-28 16:01 - 31011848 _____ (TeamSpeak Systems GmbH) C:\Users\Marc\Downloads\TeamSpeak3-Client-win64-3.0.18.exe
2015-09-28 14:47 - 2015-09-28 14:47 - 00000000 ___HD C:\OneDriveTemp
2015-09-28 13:29 - 2015-09-28 13:41 - 00000000 ____D C:\Intel
2015-09-28 09:19 - 2015-09-28 09:19 - 02892440 _____ (AVG Technologies) C:\Users\Marc\Downloads\AVG_PCTuneUp_879.exe
2015-09-28 08:57 - 2015-09-28 08:57 - 00000000 ___HD C:\$AVG
2015-09-28 08:51 - 2015-09-28 08:52 - 05053024 _____ (AVG Technologies) C:\Users\Marc\Downloads\avg_avc_stb_all_2015_ltst_531 (1).exe
2015-09-27 11:52 - 2015-09-27 11:52 - 01098160 _____ C:\Users\Marc\Downloads\launcher.pack.lzma
2015-09-27 11:45 - 2015-09-27 11:46 - 56501344 _____ (Oracle Corporation) C:\Users\Marc\Downloads\jre-8u60-windows-x64.exe
2015-09-27 11:28 - 2015-09-27 11:28 - 02314240 _____ C:\Users\Marc\Downloads\MinecraftInstaller (1).msi
2015-09-27 11:25 - 2015-09-27 11:25 - 00675988 _____ C:\Users\Marc\Downloads\Minecraft (1).exe
2015-09-27 09:25 - 2015-09-27 09:25 - 00002501 _____ C:\crossbrowse.lnk
2015-09-26 17:31 - 2015-09-26 17:31 - 00000008 _____ C:\END
2015-09-26 16:43 - 2015-09-26 16:45 - 19849960 _____ (Mirillis Ltd.) C:\Users\Marc\Downloads\action_1_26_1_setup (1).exe
2015-09-25 19:27 - 2015-09-25 19:27 - 00042585 _____ C:\Users\Marc\Downloads\jarfix.exe
2015-09-22 17:05 - 2015-09-22 17:05 - 02721614 _____ C:\Users\Marc\Downloads\Mobs Rig.zip
2015-09-22 17:05 - 2015-09-22 17:05 - 00304164 _____ C:\Users\Marc\Downloads\bunny rig (tobey wan kenobi).lib4d
2015-09-21 21:17 - 2015-09-21 21:18 - 14009720 _____ C:\Users\Marc\Downloads\§4MathoX Red Pack§0 (1).zip
2015-09-21 19:49 - 2015-09-21 19:57 - 135086055 _____ C:\Users\Marc\Downloads\DragiPackV3 (2).rar
2015-09-20 18:16 - 2015-09-20 18:16 - 03903675 _____ ( ) C:\Users\Marc\Downloads\IZArc2Go4.1.6.exe
2015-09-20 18:16 - 2015-09-20 18:16 - 00000000 ____D C:\Users\Marc\Downloads\IZArc2Go
2015-09-20 18:07 - 2015-09-20 18:07 - 00899331 _____ C:\Users\Marc\Downloads\PaladiumIII.jar
2015-09-20 16:17 - 2015-09-20 16:17 - 00000000 ____D C:\Spacekace
2015-09-19 21:46 - 2015-09-19 21:46 - 00082476 _____ C:\Users\Marc\Downloads\Minecraft Cape Pack by Wrstler.rar
2015-09-19 21:41 - 2015-09-19 21:41 - 00386527 _____ C:\Users\Marc\Downloads\Cape.rar
2015-09-19 21:34 - 2015-09-19 21:34 - 898572555 _____ C:\Users\Marc\Downloads\Cinema 4D R14 Studio + Crack - Furtif974NC.rar
2015-09-16 21:58 - 2015-09-16 21:58 - 00000013 _____ C:\Users\Marc\.pluto.tv
2015-09-16 21:28 - 2015-09-16 21:28 - 00283050 _____ C:\Users\Marc\Downloads\Rocket League-FLT.torrent
2015-09-16 21:28 - 2015-09-16 21:28 - 00000000 ____D C:\Users\Marc\Documents\My Games
2015-09-16 20:40 - 2015-09-16 20:51 - 00000000 ____D C:\Users\Marc\Downloads\Rocket_League-FLT
2015-09-16 20:39 - 2015-09-16 20:39 - 00000000 ____D C:\Users\Marc\Downloads\STRICTLY 4 THA CLUB
2015-09-16 20:37 - 2015-09-16 20:38 - 01699936 _____ (BitTorrent Inc.) C:\Users\Marc\Downloads\uTorrent.exe
2015-09-16 20:36 - 2015-09-16 20:36 - 00036053 _____ C:\Users\Marc\Downloads\Rocket League - CJF.rar
2015-09-16 20:34 - 2015-09-16 20:34 - 00036395 _____ C:\Users\Marc\Downloads\[kat.cr]rocket.league.flt.torrent
2015-09-16 20:32 - 2015-09-16 20:32 - 00015841 _____ C:\Users\Marc\Downloads\RocketLeagueFitGirlRepack - ThePirateBay.TO.torrent
2015-09-16 16:22 - 2015-09-16 16:23 - 08140991 _____ C:\Users\Marc\Downloads\Slayers Default Edit.rar
2015-09-16 15:51 - 2015-09-16 15:52 - 14009720 _____ C:\Users\Marc\Downloads\§4MathoX Red Pack§0.zip
2015-09-15 16:57 - 2015-09-15 16:59 - 22163834 _____ C:\Users\Marc\Downloads\#§7PvP Edit - §3Saturation (2).zip
2015-09-15 16:33 - 2015-09-15 16:33 - 00046846 _____ C:\Users\Marc\Downloads\sassy_molassy.zip
2015-09-14 21:40 - 2015-09-14 21:40 - 00692944 _____ C:\Users\Marc\Downloads\Texture Pack World.zip
2015-09-14 21:37 - 2015-09-14 21:41 - 74835472 _____ C:\Users\Marc\Downloads\§4Reptile§c Animated §4Pack.zip
2015-09-14 21:35 - 2015-09-14 21:37 - 30399566 _____ C:\Users\Marc\Downloads\§bSwak§1Pack!.zip
2015-09-14 21:33 - 2015-09-14 21:41 - 109554439 _____ C:\Users\Marc\Downloads\Syphlex Asiimov Pack ^-^.rar
2015-09-14 19:37 - 2015-09-14 19:37 - 08173005 _____ C:\Users\Marc\Downloads\Huzuni 3.5.zip
2015-09-13 17:33 - 2015-09-13 17:33 - 03540778 _____ C:\Users\Marc\Downloads\forge-1.8-11.14.3.1513-installer.jar
2015-09-13 12:08 - 2015-09-13 12:08 - 00000000 ___RD C:\Users\Marc\3D Objects
2015-09-13 10:30 - 2015-09-13 11:03 - 155835672 _____ (Apple Inc.) C:\Users\Marc\Downloads\iTunes6464Setup.exe
2015-09-13 10:28 - 2015-09-13 11:10 - 976158128 _____ (Adobe Systems Incorporated) C:\Users\Marc\Downloads\Lightroom_5_LS11_win_5_6.exe
2015-09-13 10:18 - 2015-09-13 10:19 - 07363584 _____ C:\Users\Marc\Downloads\MM26_FR.msi
2015-09-13 10:15 - 2015-09-13 10:15 - 01244360 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\wlsetup-web.exe
2015-09-13 10:14 - 2015-09-13 10:15 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Marc\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-13 10:07 - 2015-09-13 10:07 - 01105096 _____ (Microsoft Corporation) C:\Users\Marc\Downloads\Setup.X86.fr-FR_O365HomePremRetail_57941a48-476a-4ad0-b231-56757d6bb36e_TX_PR_.exe
2015-09-13 09:52 - 2015-09-13 09:52 - 01138202 _____ C:\Users\Marc\Downloads\OptiFine_1.8.8_HD_U_F3 (2).jar
2015-09-13 09:37 - 2015-09-13 09:37 - 01138202 _____ C:\Users\Marc\Downloads\OptiFine_1.8.8_HD_U_F3 (1).jar
2015-09-13 08:47 - 2015-09-13 08:47 - 01941744 _____ C:\Users\Marc\Downloads\winrar-x64-521.exe
2015-09-13 08:36 - 2015-09-13 08:36 - 00000000 ____D C:\Users\Marc\Downloads\Adobe_Photoshop_CS6
2015-09-12 22:18 - 2015-09-12 22:18 - 00763432 _____ (Google Inc.) C:\Users\Marc\Downloads\GoogleChromeSetup [1].exe
2015-09-12 22:16 - 2015-09-12 22:17 - 01506832 _____ (Skype Technologies S.A.) C:\Users\Marc\Downloads\SkypeSetup.exe
2015-09-12 22:12 - 2015-09-12 22:15 - 29121264 _____ (TeamSpeak Systems GmbH) C:\Users\Marc\Downloads\TeamSpeak3-Client-win32-3.0.17.exe
2015-09-12 22:00 - 2015-09-12 22:00 - 01730328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-12 22:00 - 2015-09-12 22:00 - 00202952 _____ (Razer Inc) C:\WINDOWS\system32\Drivers\rzudd.sys
2015-09-12 20:19 - 2015-09-27 09:24 - 00000000 ____D C:\Users\Marc\Documents\Probit Software
2015-09-12 20:08 - 2015-09-12 20:43 - 00000000 ____D C:\qycache
2015-09-12 20:08 - 2015-09-12 20:08 - 00000000 ____D C:\ppsfile
2015-09-10 01:50 - 2015-09-10 01:50 - 00627288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2015-09-10 01:50 - 2015-09-10 01:50 - 00382560 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2015-09-10 01:50 - 2015-09-10 01:50 - 00325232 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2015-09-10 01:50 - 2015-09-10 01:50 - 00080984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00431704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00259168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00235632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2015-09-09 23:55 - 2015-09-09 23:55 - 00075960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2015-09-09 09:45 - 2015-08-27 02:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 09:45 - 2015-08-27 02:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 09:45 - 2015-08-27 01:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 09:45 - 2015-08-27 01:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 09:45 - 2015-08-27 01:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 09:45 - 2015-08-27 01:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 09:45 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 09:45 - 2015-08-27 01:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 09:45 - 2015-08-27 01:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 09:45 - 2015-08-27 01:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 09:45 - 2015-08-27 01:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 09:45 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 09:45 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 09:45 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 09:45 - 2015-08-27 01:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 09:45 - 2015-08-27 01:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 09:45 - 2015-08-27 01:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 09:45 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 09:45 - 2015-08-27 01:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 09:45 - 2015-08-27 01:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 09:45 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 09:45 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 09:45 - 2015-08-27 01:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 09:45 - 2015-08-27 01:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 15:58 - 2015-09-08 15:58 - 03416013 _____ C:\Users\Marc\Downloads\forge-1-8-11-14-1-1339-installer.jar
2015-09-07 18:49 - 2015-09-07 18:49 - 03534992 _____ C:\Users\Marc\Downloads\forge-1.8-11.14.3.1512-installer (1).jar
2015-09-07 18:46 - 2015-09-07 18:47 - 03534793 _____ C:\Users\Marc\Downloads\forge-1.8-11.14.3.1511-installer.jar
2015-09-07 18:37 - 2015-09-07 18:37 - 00090895 _____ C:\Users\Marc\Downloads\TooManyItems2014_09_07_1.8.zip
2015-09-07 18:29 - 2015-09-07 18:29 - 00046934 _____ C:\Users\Marc\Downloads\CJB-API-1.7.10.jar
2015-09-07 18:00 - 2015-09-07 18:02 - 15060497 _____ C:\Users\Marc\Downloads\WeepCraft 8.2.zip
2015-09-07 17:44 - 2015-09-07 17:45 - 00542038 _____ C:\Users\Marc\Downloads\SinglePlayerCommands-MC1.8.1V2.12.1.zip
2015-09-07 16:49 - 2015-09-07 16:49 - 03534992 _____ C:\Users\Marc\Downloads\forge-1.8-11.14.3.1512-installer.jar
2015-09-07 11:04 - 2015-09-07 11:05 - 00068036 _____ C:\Users\Marc\Downloads\FinderCompass-1.8 (2).jar
2015-09-07 11:04 - 2015-09-07 11:05 - 00068036 _____ C:\Users\Marc\Downloads\FinderCompass-1.8 (1).jar
2015-09-06 13:52 - 2015-09-06 13:53 - 00000000 ____D C:\Users\Marc\Desktop\projets peinture
2015-09-05 21:45 - 2015-09-05 21:45 - 00026671 _____ C:\Users\Marc\Downloads\Xray Ultimate 1.8.zip
2015-09-05 21:42 - 2015-09-05 21:42 - 06815283 _____ C:\Users\Marc\Downloads\MrGrassCows X-ray.zip
2015-09-05 21:38 - 2015-09-05 21:38 - 00407263 _____ C:\Users\Marc\Downloads\X-Ray Texture v2 by CranK.zip
2015-09-05 21:36 - 2015-09-05 21:36 - 00502350 _____ C:\Users\Marc\Downloads\Myz_Pack_20150121.zip
2015-09-05 21:33 - 2015-09-05 21:33 - 00105273 _____ C:\Users\Marc\Downloads\XRay-Fly-Mod-1.8.jar
2015-09-05 21:25 - 2015-09-05 21:25 - 00127820 _____ C:\Users\Marc\Downloads\XRay-4.1.7.jar
2015-09-05 17:14 - 2015-09-05 17:14 - 00000000 ____D C:\Users\Marc\QtPlugins
2015-09-05 17:14 - 2015-09-05 17:14 - 00000000 ____D C:\Users\Marc\plugins
2015-09-05 17:13 - 2015-09-05 17:13 - 16722432 _____ C:\Users\Marc\Downloads\mumble-1.2.10 (2).msi
2015-09-05 17:12 - 2015-09-05 17:12 - 16722432 _____ C:\Users\Marc\Downloads\mumble-1.2.10 (1).msi
2015-09-05 17:07 - 2015-09-05 17:07 - 14636768 _____ C:\Users\Marc\Downloads\mumble-1-2-6_plus_MumbleComSkin (1).exe
2015-09-05 17:05 - 2015-09-05 17:09 - 14636768 _____ C:\Users\Marc\Downloads\mumble-1-2-6_plus_MumbleComSkin.exe
2015-09-05 17:04 - 2015-09-05 17:04 - 16722432 _____ C:\Users\Marc\Downloads\mumble-1.2.10.msi
2015-09-05 16:56 - 2015-09-05 16:57 - 16995328 _____ C:\Users\Marc\Downloads\mumble_1-2-8_fr_43179.msi
2015-09-05 15:09 - 2015-09-05 15:09 - 00953583 _____ C:\Users\Marc\Downloads\OptiFine_1.8.4_HD_U_D6.jar
2015-09-05 15:04 - 2015-09-05 15:05 - 01138202 _____ C:\Users\Marc\Downloads\OptiFine_1.8.8_HD_U_F3.jar
2015-09-05 11:01 - 2015-09-05 11:02 - 04839824 _____ C:\Users\Marc\Downloads\#RazerPack.rar
2015-09-05 10:57 - 2015-09-05 10:58 - 29684326 _____ C:\Users\Marc\Downloads\R3D Phantom PvP.zip
2015-09-05 10:57 - 2015-09-05 10:58 - 18363029 _____ C:\Users\Marc\Downloads\KratosPack  - by Jaba (1).zip
2015-09-05 10:56 - 2015-09-05 10:58 - 66120950 _____ C:\Users\Marc\Downloads\BasherZzPack_5_0.rar
2015-09-05 10:42 - 2015-09-05 10:43 - 12068718 _____ C:\Users\Marc\Downloads\#HiroPack.zip
2015-09-04 17:02 - 2015-09-04 17:04 - 19849960 _____ (Mirillis Ltd.) C:\Users\Marc\Downloads\action_1_26_1_setup.exe
2015-09-04 16:38 - 2015-09-04 16:38 - 00005684 _____ C:\Users\Marc\Downloads\[4186088109] Vous avez un nouveau message vocal.zip
2015-09-03 09:04 - 2015-09-03 09:05 - 22163834 _____ C:\Users\Marc\Downloads\#§7PvP Edit - §3Saturation (1).zip
 
==================== Un mois - Modifiés - fichiers et dossiers ========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2015-10-02 15:57 - 2014-09-01 10:13 - 00000000 ____D C:\Users\Marc\Desktop\oak
2015-09-29 16:27 - 2014-09-01 04:59 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-29 15:34 - 2014-09-01 04:57 - 00000000 __RDO C:\Users\Marc\OneDrive
2015-09-28 14:56 - 2015-07-24 13:47 - 00000000 ____D C:\Fraps
2015-09-28 12:19 - 2014-09-01 10:14 - 00000000 ____D C:\Users\Marc\Desktop\pele-mele
2015-09-28 10:14 - 2015-03-22 13:06 - 00000000 ____D C:\Users\Marc\.thumbnails
2015-09-28 07:53 - 2015-07-10 06:59 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-09-28 07:53 - 2015-07-10 06:59 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-09-28 07:51 - 2015-07-10 07:00 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-09-28 07:51 - 2015-07-10 07:00 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-09-28 07:51 - 2015-07-10 07:00 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-28 07:51 - 2015-07-10 06:59 - 00008192 _____ C:\WINDOWS\system32\settings.dat
2015-09-27 11:47 - 2015-08-27 14:41 - 00000000 ____D C:\Users\Marc\.oracle_jre_usage
2015-09-27 09:27 - 2015-07-10 07:01 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-09-27 09:27 - 2015-07-10 07:01 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2015-09-27 09:27 - 2015-07-10 07:01 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2015-09-27 09:27 - 2015-07-10 07:00 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2015-09-27 09:27 - 2015-07-10 07:00 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-27 09:27 - 2015-07-10 07:00 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2015-09-27 09:26 - 2015-01-04 16:04 - 00000826 _____ C:\Users\Marc\Desktop\Video - Raccourci.lnk
2015-09-27 09:26 - 2014-09-08 21:26 - 00002511 _____ C:\Users\Marc\Desktop\Windows Movie Maker 2.6.lnk
2015-09-27 09:26 - 2014-09-06 16:25 - 00001665 _____ C:\Users\Marc\Desktop\saves - Raccourci.lnk
2015-09-26 17:52 - 2015-07-10 07:00 - 00680256 ____N (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-09-26 17:51 - 2015-06-02 21:48 - 00000045 _____ C:\user.js
2015-09-21 17:41 - 2015-07-09 21:18 - 00000000 ____D C:\Users\Marc\Desktop\Music vidéos
2015-09-19 11:49 - 2014-10-06 17:40 - 00000000 ____D C:\Users\Marc\Documents\Fichiers Outlook
2015-09-12 22:19 - 2015-06-27 09:59 - 00000000 ____D C:\Users\Marc\Downloads\game
2015-09-12 20:08 - 2014-12-29 18:14 - 00000000 ____D C:\Users\Marc\AppData\LocalLow\Unity
 
==================== Fichiers à la racine de certains dossiers =======
 
2015-09-29 14:22 - 2015-09-29 14:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Fichiers à déplacer ou supprimer:
====================
C:\Users\Marc\7zxa.dll
C:\Users\Marc\celt0.0.11.0.dll
C:\Users\Marc\celt0.0.11.0.sse2.dll
C:\Users\Marc\celt0.0.7.0.dll
C:\Users\Marc\celt0.0.7.0.sse2.dll
C:\Users\Marc\dbghelp.dll
C:\Users\Marc\libeay32.dll
C:\Users\Marc\libmysql.dll
C:\Users\Marc\libsndfile-1.dll
C:\Users\Marc\msvcp100.dll
C:\Users\Marc\msvcr100.dll
C:\Users\Marc\mumble-g15-helper.exe
C:\Users\Marc\Mumble.exe
C:\Users\Marc\mumble_ol.dll
C:\Users\Marc\opus.dll
C:\Users\Marc\opus.sse2.dll
C:\Users\Marc\QtCore4.dll
C:\Users\Marc\QtGui4.dll
C:\Users\Marc\QtNetwork4.dll
C:\Users\Marc\QtSql4.dll
C:\Users\Marc\QtSvg4.dll
C:\Users\Marc\QtXml4.dll
C:\Users\Marc\Rar.exe
C:\Users\Marc\RarExt.dll
C:\Users\Marc\RarExt64.dll
C:\Users\Marc\rarnew.dat
C:\Users\Marc\speex.dll
C:\Users\Marc\ssleay32.dll
C:\Users\Marc\UNACEV2.DLL
C:\Users\Marc\Uninstall.exe
C:\Users\Marc\UnRAR.exe
C:\Users\Marc\zipnew.dat
C:\Users\Marc\zlib1.dll
 

Certains fichiers dans TEMP:
====================
C:\Users\Marc\AppData\Local\Temp\Uninstall.exe
 

==================== Bamital & volsnap =================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll
[2015-07-10 07:00] - [2015-09-26 17:52] - 0680256 ____N (Microsoft Corporation) 1D72E7894A8904C89EDE34F8674C8D5B
 
C:\WINDOWS\SysWOW64\dnsapi.dll EST ABSENT <==== ATTENTION
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
 

LastRegBack: 2015-09-29 14:14
 
==================== Fin de FRST.txt ============================



#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:52 PM

Posted 03 October 2015 - 08:14 AM

Hi,

Step 1

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

v21logo.PNG

Please download and install Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

mbamv21.gif

Step 3

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 09:20 AM

here is Adwcleaner report. There are also a C1 report. Let me know if you need it
 
# AdwCleaner v5.009 - Rapport créé le 03/10/2015 à 10:13:06
# Mis à jour le 27/09/2015 par Xplode
# Base de données : 2015-09-27.1 [Locale]
# Système d'exploitation : Windows 10 Home  (x64)
# Nom d'utilisateur : Marc - LAPTOPMARC
# Exécuté depuis : C:\Users\Marc\Downloads\AdwCleaner.exe
# Option : Scanner
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 

***** [ Dossiers ] *****
 
Dossier Trouvé : C:\qycache
Dossier Trouvé : C:\ppsfile
Dossier Trouvé : C:\Users\Marc\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Dossier Trouvé : C:\Users\Marc\Documents\Probit Software
Dossier Trouvé : C:\Users\Marc\Documents\MaxComputerCleaner
 
***** [ Fichiers ] *****
 
Fichier Trouvé : C:\crossbrowse.lnk
Fichier Trouvé : C:\END
 
***** [ Raccourcis ] *****
 

***** [ Tâches planifiées ] *****
 

***** [ Registre ] *****
 
Donnée Trouvée : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=85B0FFD7-015C-4C5B-9FD8-5FB08740C9F6&SearchSource=55&CUI=&UM=8&UP=SP5DA9A4D0-BF65-4A44-BE9A-1F70A2070408&D=091615&SSPV=
Donnée Trouvée : HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=85B0FFD7-015C-4C5B-9FD8-5FB08740C9F6&SearchSource=55&CUI=&UM=8&UP=SP5DA9A4D0-BF65-4A44-BE9A-1F70A2070408&D=091615&SSPV=
 
***** [ Navigateurs ] *****
 
[C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Trouvé : ask.com
[C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Trouvé : fr.softonic.com
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1710 octets] ##########



#8 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 09:23 AM

Here is the other Adw report just in case
 
#
AdwCleaner v5.009 - Rapport créé le 03/10/2015 à 10:14:30
# Mis à jour le 27/09/2015 par Xplode
# Base de données : 2015-09-27.1 [Locale]
# Système d'exploitation : Windows 10 Home  (x64)
# Nom d'utilisateur : Marc - LAPTOPMARC
# Exécuté depuis : C:\Users\Marc\Downloads\AdwCleaner.exe
# Option : Nettoyer
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 

***** [ Dossiers ] *****
 
[-] Dossier Supprimé : C:\qycache
[-] Dossier Supprimé : C:\ppsfile
[-] Dossier Supprimé : C:\Users\Marc\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Dossier Supprimé : C:\Users\Marc\Documents\Probit Software
[-] Dossier Supprimé : C:\Users\Marc\Documents\MaxComputerCleaner
 
***** [ Fichiers ] *****
 
[-] Fichier Supprimé : C:\crossbrowse.lnk
[-] Fichier Supprimé : C:\END
 
***** [ Raccourcis ] *****
 

***** [ Tâches planifiées ] *****
 

***** [ Registre ] *****
 
[-] Donnée Restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée Restaurée : HKU\S-1-5-21-4134767481-1855000554-3754352258-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
 
***** [ Navigateurs ] *****
 
[-] [C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Supprimé : ask.com
[-] [C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Supprimé : fr.softonic.com
 
*************************
 
:: Paramètres Winsock réinitialisés
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1463 octets] ##########



#9 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 09:28 AM

Problem installing Malwarebytes

 

I get a message '' Runtime error (at 92:137)

Could not call proc.



#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:52 PM

Posted 03 October 2015 - 09:32 AM

Please try MBAR instead.
 
Step 1

Download mbar.PNGMalwarebytes Anti-Rootkit to your Desktop.

  • Double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

mbar.gif
 
 
 


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 10:51 AM

MBAR reports
 
 
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 10.0.9200 Windows 10 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.10240.16431
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 8509480960, free: 5959401472
 
�=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     10/03/2015 11:01:06
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\HalExtIntcLpioDma.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\drivers\NSBUx64\1605020.00F\SYMEFASI64.SYS
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NSBUx64\1605020.00F\ccSetx64.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\system32\drivers\NSBUx64\1605020.00F\Ironx64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\NSBUx64\1605020.00F\SYMNETS.SYS
\??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
\SystemRoot\system32\drivers\NSBUx64\1605020.00F\SRTSPX64.SYS
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSVia64.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\BASHDefs\20150706.001\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverx64.sys
\SystemRoot\System32\drivers\Rt630x64.sys
\SystemRoot\System32\drivers\athwbx.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\iaLPSSi_GPIO.sys
\SystemRoot\System32\Drivers\msgpioclx.sys
\SystemRoot\System32\drivers\iaLPSSi_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\System32\drivers\SynRMIHID.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01
 
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00021dfb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00021dfbb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00021dfb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe0001f0c4e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe0002072e060, DeviceName: \Device\0000002c\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 8503DE52
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2509360991
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid a9e24dd9-bee4-4e10-bcf4-ace4c7c292c8
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 3927031838
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid f4d39881-6762-4c1e-9c9a-774170dbe9bc
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 9591a0f0-306c-476c-8998-54556adce7c3
    FirstLBA 2048  Last LBA 1230847
    Attributes 1
    Partition Name                 Basic data partition
 
    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 2bb0e912-333e-4763-af1a-1eb13b421c6
    FirstLBA 1230848  Last LBA 1845247
    Attributes 0
    Partition Name                 EFI system partition
 
    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID ae482dc1-888a-4b6a-bb1c-fab57969b0d0
    FirstLBA 1845248  Last LBA 2107391
    Attributes 0
    Partition Name         Microsoft reserved partition
 
    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 3117db31-197-4cba-bad1-84b35f2938b
    FirstLBA 2107392  Last LBA 1918707711
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 330dc7b5-3d94-49f2-9286-aab940aa4f93
    FirstLBA 1918707712  Last LBA 1953523711
    Attributes 1
    Partition Name                 Basic data partition
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
File "C:\Users\Marc\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe --> [Trojan.Agent]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe --> [Trojan.Agent]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe --> [Security.Hijack]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
 
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01
 
Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Marc :: LAPTOPMARC [administrator]
 
2015-10-03 11:01:17
mbar-log-2015-10-03 (11-01-17).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 407605
Time elapsed: 38 minute(s), 53 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 6
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe (Trojan.Agent) -> Delete on reboot. [98a5bd804834fc3a9538c92b7b8802fe]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot. [d66774c987f5d264955153a1f90ad42c]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe (Security.Hijack) -> Delete on reboot. [59e45ae3c2ba1b1b55b1ec0b679c669a]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe (Trojan.Agent) -> Delete on reboot. [ef4ee25bd6a626108f3e2bc936cdd52b]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot. [f34a112cea921d19b72f00f472919c64]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe (Security.Hijack) -> Delete on reboot. [55e8c875710bf2445aac08efe41fa55b]
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 



#12 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 10:55 AM

Can't download Eset Scanner.

Message says : Cannot get update. Is proxy configured?



#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:52 PM

Posted 03 October 2015 - 11:11 AM

Step 1

Don't remove on your own anything that HitmanPro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#14 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 11:44 AM

I made the scan. Never had the option to save log !? The program found 4 potential files (including FRST.exe) and 3 others files that were not at high risk.



#15 nelina29

nelina29
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 03 October 2015 - 11:46 AM

By the way, I made a reset of ipv4 and ipv6 yesterday via command prompt. Made a flushdns also. Forgot to mention this at first.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users