Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious of keylogger/ email readers


  • This topic is locked This topic is locked
10 replies to this topic

#1 nitneo

nitneo

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 15 August 2017 - 08:27 AM

Hi there,

 

I am suspected a key logger or email reader on my computer. Are you able to tell me if my computer is safe or not after reading this DDS analysis ?

 

Thank you

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.953
Run by Corentin at 15:21:03 on 2017-08-15
Microsoft Windows 10 Professionnel  10.0.14393.0.1252.33.1036.18.16269.10946 [GMT 2:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Outdated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\dashost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe
C:\Windows\system32\DbxSvc.exe
C:\Windows\system32\Intel\DPTF\esif_uf.exe
C:\Program Files\Killer Networking\Network Manager\KillerService.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe
C:\ProgramData\myCANAL\nssm.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TrueKey\McTkSchedulerService.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k imgsvc
C:\ProgramData\myCANAL\myCANAL.Service.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHeciSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\TEMP\DPTF\esif_assist_64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
C:\Windows\System32\taskhostw.exe
C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxEM.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\PROGRA~1\TrueKey\MCAFEE~2.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Corentin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Corentin\AppData\Local\slack\app-2.7.0\slack.exe
C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Corentin\AppData\Local\slack\app-2.7.0\slack.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Corentin\AppData\Local\slack\app-2.7.0\slack.exe
C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Corentin\AppData\Local\slack\app-2.7.0\slack.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe
C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe
C:\Users\Corentin\AppData\Local\slack\app-2.7.0\slack.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\fontdrvhost.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Users\Corentin\Downloads\HijackThis(1).exe
C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
C:\Windows\System32\svchost.exe -k smphost
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
svchost.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mWinlogon: Userinit = C:\Windows\System32\userinit.exe
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
uRun: [OneDrive] "C:\Users\Corentin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [com.squirrel.slack.slack] "C:\Users\Corentin\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup"
uRun: [Spotify] C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe --autostart
uRun: [gSyncit] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [Spotify Web Helper] C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
uRun: [DellSystemDetect] C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA==
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\CENTAU~1.LNK - C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SERVIC~1.LNK - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0026bcf6-6b36-41f1-8bcc-26252b41950f} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{f3fafbc1-cdb6-4718-ba80-9b312306e4fa} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{f3fafbc1-cdb6-4718-ba80-9b312306e4fa}\6427565626F687D2033414135444 : DHCPNameServer = 192.168.1.254
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_WAVES_SKYLAKE] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /WAVES_SKYLAKE
x64-Run: [WavesSvc] "c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" -Jack
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2017-4-26 795664]
R0 intelpep;Pilote de plug-in du moteur d’alimentation Intel®;C:\Windows\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\Windows\System32\drivers\iorate.sys [2017-4-26 48992]
R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2017-7-31 253856]
R0 volume;Pilote de volume;C:\Windows\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Service sécurisé d'exécution approuvée Microsoft Windows;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2017-4-26 199008]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2017-4-26 227328]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-5-3 320008]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2017-5-3 41800]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2017-5-3 1015880]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2017-5-3 585608]
R1 BfLwf;Killer Bandwidth Control;C:\Windows\System32\drivers\bwcW10x64.sys [2016-9-19 145736]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-4-3 83768]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2017-5-3 146704]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2017-5-3 198768]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2016-9-7 338312]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-7-26 263312]
R2 CDPSvc;Service de plateforme des appareils connectés;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_6cb9c;CDPUserSvc_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 ClickToRunSvc;Service Microsoft Office « Démarrer en un clic »;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-4-26 4412104]
R2 clreg;Virtual Registry for Containers;C:\Windows\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 cplspcon;Intel® Content Protection HDCP Service;C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe [2017-6-3 462848]
R2 DbxSvc;DbxSvc;C:\Windows\System32\DbxSvc.exe [2017-8-10 49992]
R2 DDVCollectorSvcApi;Dell Data Vault Service API;C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2017-7-27 208760]
R2 DDVDataCollector;Dell Data Vault Collector;C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2017-7-27 3294584]
R2 DDVRulesProcessor;Dell Data Vault Processor;C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2017-7-27 217464]
R2 Dell Foundation Services;Dell Foundation Services;C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2017-1-11 97616]
R2 Dell SupportAssist Remediation;Dell SupportAssist Remediation;C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [2017-6-16 119336]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2017-5-1 230248]
R2 DiagTrack;Expériences des utilisateurs connectés et télémétrie;C:\Windows\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DoSvc;Optimisation de livraison;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\System32\Intel\DPTF\esif_uf.exe [2017-4-26 2208888]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-10-31 17992]
R2 igfxCUIService2.0.0.0;Intel® HD Graphics Control Panel Service;C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe [2017-6-3 324608]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2016-12-19 196200]
R2 Killer Service V2;Killer Service V2;C:\Program Files\Killer Networking\Network Manager\KillerService.exe [2016-9-22 457432]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-7-31 4470736]
R2 MSSQL$CDVI_CENTAUR;SQL Server (CDVI_CENTAUR);C:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe [2015-3-19 62275248]
R2 myCANAL Server;myCANAL Server;C:\ProgramData\myCANAL\nssm.exe [2017-5-10 294912]
R2 OneSyncSvc_6cb9c;Hôte de synchronisation_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 Product Registration;Product Registration;C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2017-4-6 47144]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-4-26 329736]
R2 storqosflt;Pilote de filtre de qualité de service de stockage;C:\Windows\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2017-8-4 53208]
R2 tiledatamodelsvc;Serveur de modèles de données de vignette;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-13 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-5-4 16928]
R2 UserManager;Gestionnaire des utilisateurs;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 WavesSysSvc;Waves Audio Services;C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [2016-11-19 410032]
R2 wcifs;Windows Container Isolation;C:\Windows\System32\drivers\wcifs.sys [2017-4-26 119648]
R2 WpnService;Service du système de notifications Push Windows;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-7-26 7430992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2016-9-6 605624]
R3 BthLEEnum;Pilote Bluetooth Low Energy;C:\Windows\System32\drivers\BthLEEnum.sys [2017-8-9 250880]
R3 buttonconverter;Service pour appareils Portable Device Control;C:\Windows\System32\drivers\buttonconverter.sys [2016-7-16 38912]
R3 ClipSVC;Service de licences de client (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2017-4-11 32960]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2017-4-11 32568]
R3 dptf_acpi;dptf_acpi;C:\Windows\System32\drivers\dptf_acpi.sys [2017-4-26 71232]
R3 dptf_cpu;dptf_cpu;C:\Windows\System32\drivers\dptf_cpu.sys [2017-4-26 66624]
R3 esif_lf;esif_lf;C:\Windows\System32\drivers\esif_lf.sys [2017-4-26 350272]
R3 HidEventFilter;Intel® HID Event Filter;C:\Windows\System32\drivers\HidEventFilter.sys [2017-4-26 54800]
R3 iaLPSS2_GPIO2;Intel® Serial IO GPIO Driver v2;C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [2017-4-26 89912]
R3 iaLPSS2_I2C;Intel® Serial IO I2C Driver v2;C:\Windows\System32\drivers\iaLPSS2_I2C.sys [2017-4-26 184632]
R3 IntcAudioBus;Bus de la technologie Intel® Smart Sound;C:\Windows\System32\drivers\IntcAudioBus.sys [2017-4-26 225888]
R3 IntcDAud;Son Intel® pour écrans;C:\Windows\System32\drivers\IntcDAud.sys [2017-4-26 820752]
R3 IntcOED;Pilote OED de la technologie Intel® Smart Sound;C:\Windows\System32\drivers\IntcOED.sys [2017-4-26 728672]
R3 lfsvc;Service de géolocalisation;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LicenseManager;Serveur Gestionnaire de licences Windows;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2017-7-31 93600]
R3 NcbService;Service Broker pour les connexions réseau;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Énumérateur de cartes réseau virtuelles Microsoft;C:\Windows\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 PimIndexMaintenanceSvc_6cb9c;Données de contacts_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 Qcamain10x64;Qualcomm Atheros Extensible Wireless LAN 11AC device driver;C:\Windows\System32\drivers\Qcamain10x64.sys [2017-4-26 2412976]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2017-4-26 796672]
R3 rtux64w10;Realtek USB FE/GbE NIC Family Windows 10 64-bit Driver;C:\Windows\System32\drivers\rtux64w10.sys [2017-4-26 375296]
R3 smphost;SMP de l’Espace de stockages Microsoft;C:\Windows\System32\svchost.exe -k smphost [2016-7-16 44496]
R3 SmsRouter;Service Routeur SMS Microsoft Windows.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 StateRepository;Service State Repository (StateRepository);C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Service Broker pour les événements horaires;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UEFI;Pilote UEFI Microsoft;C:\Windows\System32\drivers\uefi.sys [2016-7-16 28512]
R3 UnistoreSvc_6cb9c;Stockage des données utilisateur_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_6cb9c;Accès aux données utilisateur_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UsoSvc;Service Update Orchestrator pour Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 VirtualButtons;Intel® Virtual Buttons;C:\Windows\System32\drivers\VirtualButtons.sys [2017-4-26 40008]
R3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2017-7-12 719872]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2016-7-16 216064]
S2 dbupdate;Service Mise à jour Dropbox (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-5-3 143144]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2016-5-2 217976]
S2 InstallerService;Service Installer TrueKey;C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe --> C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [?]
S2 MapsBroker;Gestionnaire des cartes téléchargées;C:\Windows\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S2 MSSEARCH;Microsoft Search;C:\Program Files (x86)\Common Files\System\MSSearch\Bin\mssearch.exe [2017-6-27 73728]
S3 AcpiDev;Pilote d’appareils ACPI;C:\Windows\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;Service de routeur AllJoyn;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Pilote de filtre Smartlocker;C:\Windows\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;Préparation des applications;C:\Windows\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppvStrm;AppvStrm;C:\Windows\System32\drivers\AppVStrm.sys [2017-4-26 127328]
S3 AppvVemgr;AppvVemgr;C:\Windows\System32\drivers\AppvVemgr.sys [2016-7-16 157024]
S3 AppvVfs;AppvVfs;C:\Windows\System32\drivers\AppvVfs.sys [2016-7-16 141152]
S3 AppXSvc;Service de déploiement AppX (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2017-5-3 46984]
S3 bcmfn;bcmfn Service;C:\Windows\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Service mains libres Bluetooth;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 CapImg;Pilote HID pour écran tactile CapImg;C:\Windows\System32\drivers\capimg.sys [2017-4-26 118272]
S3 cht4iscsi;cht4iscsi;C:\Windows\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Pilote de bus virtuel Chelsio;C:\Windows\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 dbupdatem;Service Mise à jour Dropbox (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-5-3 143144]
S3 dcpm-notify;Dell Command | Power Manager Notify;C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [2016-6-2 94136]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service;C:\Windows\System32\dllhost.exe [2016-7-16 21344]
S3 DevQueryBroker;Service Broker de découverte en arrière-plan DevQuery;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 diagnosticshub.standardcollector.service;Service Collecteur standard du concentrateur de diagnostic Microsoft ®;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Service d'inscription de la gestion des périphériques;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Service de partage des données;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Mode incorporé;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Service de gestion des applications d'entreprise;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Serveur de trame de la Caméra Windows;C:\Windows\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Classe de fonction USB générique;C:\Windows\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 hidinterrupt;Pilote global pour les boutons HID implémentés avec des interruptions;C:\Windows\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;Service d'hôte HV;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Contrôleur hôte I2C d’E/S série Intel®;C:\Windows\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2_SPI;Intel® Serial IO SPI Driver v2;C:\Windows\System32\drivers\iaLPSS2_SPI.sys [2017-4-26 151352]
S3 iaLPSS2_UART2;Intel® Serial IO UART Driver v2;C:\Windows\System32\drivers\iaLPSS2_UART2.sys [2017-4-26 282424]
S3 iaLPSS2i_GPIO2;Intel® Serial IO GPIO Driver v2;C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Pilote v2 I2C d’E/S série Intel®;C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Pilote de contrôleur GPIO d’E/S série Intel®;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Pilote de contrôleur I2C d’E/S série Intel®;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Contrôleur RAID SATA Intel® pour Windows;C:\Windows\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Bus/AL Mellanox InfiniBand (pilote de filtre);C:\Windows\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Service Point d'accès sans fil mobile Windows;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Pilote en mode noyau pour affichages indirects;C:\Windows\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-10-13 630048]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 megasas2i;megasas2i;C:\Windows\System32\drivers\MegaSas2i.sys [2017-4-26 64352]
S3 MessagingService_6cb9c;MessagingService_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Énumérateur de bus Mellanox ConnectX;C:\Windows\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 mosuport;USB Serial/Parallel Ports;C:\Windows\System32\drivers\mosuport.sys [2017-4-26 367744]
S3 MsSecFlt;Minifiltre du composant Événements de sécurité de Microsoft;C:\Windows\System32\drivers\mssecflt.sys [2016-7-16 179040]
S3 ndfltr;Service NetworkDirect;C:\Windows\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2016-12-21 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\Windows\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Service Configuration du réseau;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 NgcCtnrSvc;Conteneur Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Service téléphonique;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Service de démo du magasin;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Service d’énumération de périphériques de carte à puce;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Pilote de bus de mémoire de classe stockage Microsoft;C:\Windows\System32\drivers\scmbus.sys [2017-7-12 88416]
S3 scmdisk0101;Pilote de disque NVDIMM-N Microsoft;C:\Windows\System32\drivers\scmdisk0101.sys [2017-8-9 124928]
S3 Sense;Service Protection avancée contre les menaces Windows Defender;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-8-9 2889888]
S3 SensorDataService;Service Données de capteur;C:\Windows\System32\SensorDataService.exe [2017-5-3 1312768]
S3 SensorService;Service de capteur;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 stornvme;Pilote NVM Express standard de Microsoft;C:\Windows\System32\drivers\stornvme.sys [2017-8-9 81760]
S3 storufs;Pilote Universal Flash Storage (UFS) Microsoft;C:\Windows\System32\drivers\storufs.sys [2016-7-16 32096]
S3 ThunderboltService;Thunderbolt™ Service;C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2016-11-16 2018024]
S3 TieringEngineService;Gestion des niveaux de stockage;C:\Windows\System32\TieringEngineService.exe [2016-7-16 287744]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-13 87760]
S3 tzautoupdate;Programme de mise à jour automatique du fuseau horaire;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\Windows\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;Client UCSI du gestionnaire de connecteur USB;C:\Windows\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;Contrôleur Chipidea USB;C:\Windows\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;Contrôleur Synopsys USB;C:\Windows\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Pilote de commutateur de rôle Chipidea USB;C:\Windows\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Pilote de commutateur de rôle Synopsys USB;C:\Windows\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2016-12-21 54784]
S3 vhf;Pilote d'infrastructure HID virtuelle (VHF);C:\Windows\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Pilote d’infrastructure invité Microsoft Hyper-V;C:\Windows\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Interface de services d’invité Hyper-V;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Service Hyper-V PowerShell Direct;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wcnfs;Windows Container Name Virtualization;C:\Windows\System32\drivers\wcnfs.sys [2017-8-9 66560]
S3 WdNisDrv;Pilote du système d’inspection du réseau Windows Defender;C:\Windows\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
S3 WdNisSvc;Service Inspection du réseau Windows Defender;C:\Program Files\Windows Defender\NisSrv.exe [2017-5-19 347320]
S3 WEPHOSTSVC;Service hôte du fournisseur de chiffrement Windows;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;Service WinMad;C:\Windows\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;Service WinVerbs;C:\Windows\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Service Windows Insider;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Dossiers de travail;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_6cb9c;Service utilisateur de notifications Push Windows_6cb9c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 WSDScan;Prise en charge de la numérisation WSD;C:\Windows\System32\drivers\WSDScan.sys [2016-7-16 24576]
S3 XblAuthManager;Gestionnaire d'authentification Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Jeu sauvegardé sur Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2017-5-3 258560]
S3 XboxNetApiSvc;Service de mise en réseau Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2017-4-26 43520]
S4 AppVClient;Microsoft App-V Client;C:\Windows\System32\AppVClient.exe [2017-7-12 822624]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 RsFx0153;RsFx0153 Driver;C:\Windows\System32\drivers\RsFx0153.sys [2014-8-23 322736]
S4 shpamsvc;Shared PC Account Manager;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 SQLAgent$CDVI_CENTAUR;SQL Server Agent (CDVI_CENTAUR);C:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\SQLAGENT.EXE [2014-8-23 443576]
S4 UevAgentDriver;UevAgentDriver;C:\Windows\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]
S4 UevAgentService;Service User Experience Virtualization;C:\Windows\System32\AgentService.exe [2016-7-16 1227264]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2017-08-15 13:09:39    --------    d--h--w-    C:\$WINDOWS.~BT
2017-08-15 13:06:04    --------    d-----w-    C:\ProgramData\SWCUTemp
2017-08-14 12:53:45    --------    d-sh--w-    C:\$RECYCLE.BIN
2017-08-10 17:03:40    49992    ----a-w-    C:\Windows\System32\DbxSvc.exe
2017-08-10 17:03:40    45672    ----a-w-    C:\Windows\System32\drivers\dbx-dev.sys
2017-08-10 17:03:40    45640    ----a-w-    C:\Windows\System32\drivers\dbx-stable.sys
2017-08-10 17:03:40    45640    ----a-w-    C:\Windows\System32\drivers\dbx-canary.sys
2017-08-09 18:31:42    --------    d--h--w-    C:\ProgramData\CanonIJFAX
2017-08-09 18:31:40    303104    ----a-w-    C:\Windows\System32\CNCALCG.DLL
2017-08-09 18:30:18    30208    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\CNMPDCG.DLL
2017-08-09 18:30:18    102912    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\CNMPPCG.DLL
2017-08-09 18:30:12    406016    ----a-w-    C:\Windows\System32\CNMLMCG.DLL
2017-08-09 10:24:58    98304    ----a-w-    C:\Windows\System32\MusNotificationUx.exe
2017-08-09 10:23:58    629248    ----a-w-    C:\Windows\System32\uReFS.dll
2017-08-07 10:32:42    --------    d-----r-    C:\Users\Corentin\3D Objects
2017-08-01 19:22:11    --------    d-----w-    C:\Users\Corentin\AppData\Local\FaceGen
2017-08-01 19:21:51    --------    d-----w-    C:\Program Files\FaceGen
2017-08-01 10:38:00    --------    d-----w-    C:\Users\Corentin\AppData\Roaming\Dell
2017-08-01 10:28:06    --------    d-----w-    C:\Program Files\iPod
2017-08-01 10:28:05    --------    d---a-w-    C:\Program Files\iTunes
2017-07-31 11:14:31    188352    ----a-w-    C:\Windows\System32\drivers\MBAMChameleon.sys
2017-07-31 11:14:16    93600    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2017-07-31 11:14:16    101784    ----a-w-    C:\Windows\System32\drivers\farflt.sys
2017-07-31 11:14:13    45472    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2017-07-31 11:14:04    253856    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2017-07-31 11:14:01    77376    ----a-w-    C:\Windows\System32\drivers\mbae64.sys
2017-07-31 11:13:58    --------    d-----w-    C:\ProgramData\Malwarebytes
2017-07-31 11:13:58    --------    d-----w-    C:\Program Files\Malwarebytes
2017-07-28 19:04:25    30912    ----a-w-    C:\Windows\System32\aspnet_counters.dll
2017-07-28 19:04:24    29376    ----a-w-    C:\Windows\SysWow64\aspnet_counters.dll
2017-07-28 19:04:20    18592    ----a-w-    C:\Windows\System32\msvcr100_clr0400.dll
2017-07-28 19:04:17    18600    ----a-w-    C:\Windows\SysWow64\msvcr100_clr0400.dll
2017-07-24 15:33:56    --------    d-----w-    C:\Users\Corentin\AppData\Roaming\XMind
2017-07-24 15:33:56    --------    d-----w-    C:\Users\Corentin\.oracle_jre_usage
2017-07-24 15:33:22    --------    d---a-w-    C:\Program Files (x86)\XMind
2017-07-24 15:33:07    --------    d-----w-    C:\Users\Corentin\AppData\Local\Programs
2017-07-19 10:24:20    --------    d-----w-    C:\Users\Corentin\AppData\Roaming\gSyncit
2017-07-19 10:24:14    --------    d-----w-    C:\Program Files (x86)\Fieldston Software
2017-07-19 09:28:09    --------    d-----w-    C:\Users\Corentin\AppData\Roaming\GoContactSyncMOD
2017-07-17 23:11:46    451264    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-07-17 23:11:08    28352    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-07-17 23:00:52    213704    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
==================== Find3M  ====================
.
2017-08-10 10:13:44    146704    ----a-w-    C:\Windows\System32\drivers\aswmonflt.sys
2017-08-10 10:13:44    1015880    ----a-w-    C:\Windows\System32\drivers\aswsnx.sys
2017-08-01 19:32:52    133984    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2017-08-01 19:31:28    7780192    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2017-08-01 19:29:47    376672    ----a-w-    C:\Windows\System32\drivers\clfs.sys
2017-08-01 19:27:28    118112    ----a-w-    C:\Windows\System32\drivers\tdx.sys
2017-08-01 19:25:59    168800    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2017-08-01 19:22:37    360040    ----a-w-    C:\Windows\System32\SystemSettingsAdminFlows.exe
2017-08-01 19:22:09    1860288    ----a-w-    C:\Windows\System32\Windows.ApplicationModel.Store.dll
2017-08-01 19:21:59    857440    ----a-w-    C:\Windows\System32\WWAHost.exe
2017-08-01 19:21:51    146784    ----a-w-    C:\Windows\System32\CloudExperienceHostCommon.dll
2017-08-01 19:21:41    26976    ----a-w-    C:\Windows\System32\browser_broker.exe
2017-08-01 19:21:12    295264    ----a-w-    C:\Windows\System32\WerFault.exe
2017-08-01 19:21:10    124072    ----a-w-    C:\Windows\System32\WerFaultSecure.exe
2017-08-01 19:21:04    624048    ----a-w-    C:\Windows\System32\drivers\cng.sys
2017-08-01 19:20:55    383776    ----a-w-    C:\Windows\System32\Faultrep.dll
2017-08-01 19:20:51    557408    ----a-w-    C:\Windows\System32\drivers\spaceport.sys
2017-08-01 19:20:49    684344    ----a-w-    C:\Windows\System32\wer.dll
2017-08-01 19:20:46    79712    ----a-w-    C:\Windows\System32\drivers\vmbkmcl.sys
2017-08-01 19:20:45    144736    ----a-w-    C:\Windows\System32\wermgr.exe
2017-08-01 19:20:44    2446704    ----a-w-    C:\Windows\System32\msxml6.dll
2017-08-01 19:18:53    92512    ----a-w-    C:\Windows\System32\rdpudd.dll
2017-08-01 19:18:20    8169536    ----a-w-    C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2017-08-01 19:18:06    4260064    ----a-w-    C:\Windows\System32\mfcore.dll
2017-08-01 19:18:04    1983408    ----a-w-    C:\Windows\System32\mfmp4srcsnk.dll
2017-08-01 19:18:03    1702392    ----a-w-    C:\Windows\System32\mfasfsrcsnk.dll
2017-08-01 19:17:56    1072248    ----a-w-    C:\Windows\System32\mfnetcore.dll
2017-08-01 19:17:54    244816    ----a-w-    C:\Windows\System32\mfps.dll
2017-08-01 19:17:31    241504    ----a-w-    C:\Windows\System32\CloudExperienceHost.dll
2017-08-01 19:17:09    1600632    ----a-w-    C:\Windows\System32\sppobjs.dll
2017-08-01 19:13:51    2532192    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2017-08-01 19:13:48    1102176    ----a-w-    C:\Windows\System32\drivers\http.sys
2017-08-01 19:13:35    387872    ----a-w-    C:\Windows\System32\wmpps.dll
2017-08-01 19:01:00    7218176    ----a-w-    C:\Windows\System32\Windows.Data.Pdf.dll
2017-08-01 18:58:18    299008    ----a-w-    C:\Windows\System32\rdpinit.exe
2017-08-01 18:57:57    415744    ----a-w-    C:\Windows\System32\rdpshell.exe
2017-08-01 18:57:49    372736    ----a-w-    C:\Windows\System32\RDXTaskFactory.dll
2017-08-01 18:54:09    42496    ----a-w-    C:\Windows\System32\tokenbinding.dll
2017-08-01 18:53:02    123904    ----a-w-    C:\Windows\System32\mssprxy.dll
2017-08-01 18:52:46    237568    ----a-w-    C:\Windows\System32\Windows.Web.Diagnostics.dll
2017-08-01 18:52:38    22569472    ----a-w-    C:\Windows\System32\edgehtml.dll
2017-08-01 18:52:35    80896    ----a-w-    C:\Windows\System32\drivers\vmbkmclr.sys
2017-08-01 18:51:09    113664    ----a-w-    C:\Windows\System32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-01 18:50:45    99328    ----a-w-    C:\Windows\System32\browserbroker.dll
2017-08-01 18:48:56    211968    ----a-w-    C:\Windows\System32\InstallAgent.exe
2017-08-01 18:48:40    289792    ----a-w-    C:\Windows\System32\DeveloperOptionsSettingsHandlers.dll
2017-08-01 18:47:47    49664    ----a-w-    C:\Windows\System32\TokenBrokerUI.dll
2017-08-01 18:47:46    651264    ----a-w-    C:\Windows\System32\Windows.Devices.AllJoyn.dll
2017-08-01 18:47:33    268800    ----a-w-    C:\Windows\System32\UserMgrProxy.dll
2017-08-01 18:47:31    223744    ----a-w-    C:\Windows\System32\Windows.Networking.HostName.dll
2017-08-01 18:47:29    748544    ----a-w-    C:\Windows\System32\StoreAgent.dll
2017-08-01 18:47:13    691200    ----a-w-    C:\Windows\System32\ieproxy.dll
2017-08-01 18:46:59    147456    ----a-w-    C:\Windows\System32\winsrv.dll
2017-08-01 18:46:58    260608    ----a-w-    C:\Windows\System32\InstallAgentUserBroker.exe
2017-08-01 18:46:54    94720    ----a-w-    C:\Windows\System32\wercplsupport.dll
2017-08-01 18:46:49    590336    ----a-w-    C:\Windows\System32\efswrt.dll
2017-08-01 18:46:41    379904    ----a-w-    C:\Windows\System32\apprepsync.dll
2017-08-01 18:46:13    349184    ----a-w-    C:\Windows\System32\SearchProtocolHost.exe
2017-08-01 18:46:06    176128    ----a-w-    C:\Windows\System32\apprepapi.dll
2017-08-01 18:46:04    78336    ----a-w-    C:\Windows\System32\wsqmcons.exe
2017-08-01 18:46:03    315904    ----a-w-    C:\Windows\System32\Phoneutil.dll
2017-08-01 18:45:42    456192    ----a-w-    C:\Windows\System32\puiobj.dll
2017-08-01 18:45:39    561664    ----a-w-    C:\Windows\System32\Windows.ApplicationModel.Wallet.dll
2017-08-01 18:45:35    805888    ----a-w-    C:\Windows\System32\jscript9diag.dll
2017-08-01 18:45:32    472064    ----a-w-    C:\Windows\System32\schannel.dll
2017-08-01 18:45:24    451072    ----a-w-    C:\Windows\System32\werui.dll
2017-08-01 18:45:23    171008    ----a-w-    C:\Windows\System32\DWWIN.EXE
2017-08-01 18:45:14    425984    ----a-w-    C:\Windows\System32\aadcloudap.dll
2017-08-01 18:44:07    642048    ----a-w-    C:\Windows\System32\Windows.UI.Xaml.InkControls.dll
2017-08-01 18:44:03    1010176    ----a-w-    C:\Windows\System32\enterprisecsps.dll
2017-08-01 18:43:57    156672    ----a-w-    C:\Windows\System32\wersvc.dll
2017-08-01 18:43:39    963584    ----a-w-    C:\Windows\System32\WebcamUi.dll
2017-08-01 18:43:09    966144    ----a-w-    C:\Windows\System32\sbe.dll
2017-08-01 18:43:01    945664    ----a-w-    C:\Windows\System32\iphlpsvc.dll
2017-08-01 18:42:47    6288384    ----a-w-    C:\Windows\System32\Windows.Media.dll
2017-08-01 18:42:43    775168    ----a-w-    C:\Windows\System32\GamePanel.exe
2017-08-01 18:41:05    2222080    ----a-w-    C:\Windows\System32\certmgr.dll
2017-08-01 18:41:05    2112512    ----a-w-    C:\Windows\System32\wbem\DMWmiBridgeProv.dll
2017-08-01 18:40:56    2716672    ----a-w-    C:\Windows\System32\WsmSvc.dll
2017-08-01 18:40:54    945664    ----a-w-    C:\Windows\System32\WpcWebFilter.dll
2017-08-01 18:40:23    800768    ----a-w-    C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2017-08-01 18:39:56    9129984    ----a-w-    C:\Windows\System32\twinui.dll
2017-08-01 18:39:50    323072    ----a-w-    C:\Windows\System32\ncryptprov.dll
2017-08-01 18:39:48    1281536    ----a-w-    C:\Windows\System32\werconcpl.dll
2017-08-01 18:39:43    353280    ----a-w-    C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2017-08-01 18:38:29    1589760    ----a-w-    C:\Windows\System32\msdtctm.dll
2017-08-01 18:36:18    295424    ----a-w-    C:\Windows\System32\dlnashext.dll
2017-08-01 18:35:09    1908224    ----a-w-    C:\Windows\System32\AzureSettingSyncProvider.dll
2017-08-01 18:34:11    1837056    ----a-w-    C:\Windows\System32\workfolderssvc.dll
2017-08-01 18:33:56    4749824    ----a-w-    C:\Windows\System32\SettingsHandlers_nt.dll
2017-08-01 18:33:31    230400    ----a-w-    C:\Windows\System32\windowslivelogin.dll
2017-08-01 18:33:12    167936    ----a-w-    C:\Windows\System32\ErrorDetails.dll
2017-08-01 18:32:46    821248    ----a-w-    C:\Windows\System32\comuid.dll
2017-08-01 18:32:44    4596224    ----a-w-    C:\Windows\System32\xpsrchvw.exe
2017-08-01 18:32:19    3401216    ----a-w-    C:\Windows\System32\tquery.dll
2017-08-01 18:32:12    8114688    ----a-w-    C:\Windows\System32\Chakra.dll
2017-08-01 18:30:47    305152    ----a-w-    C:\Windows\System32\srvsvc.dll
2017-08-01 18:30:42    1643008    ----a-w-    C:\Windows\System32\Windows.Media.Speech.dll
2017-08-01 18:30:26    913920    ----a-w-    C:\Windows\System32\Windows.Networking.dll
2017-08-01 18:30:13    2916864    ----a-w-    C:\Windows\System32\CertEnroll.dll
.
============= FINISH: 15:21:27,68 ===============
 



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 AM

Posted 17 August 2017 - 06:10 PM

Greetings nitneo and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of each report in separate reply windows
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#3 nitneo

nitneo
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 19 August 2017 - 07:56 PM

Hello Gary,

 

Sorry for my late reply ! Here are the results.

 

Nitneo



#4 nitneo

nitneo
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 19 August 2017 - 08:00 PM

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Exécuté par Corentin (administrateur) sur DESKTOP-VJT2FBS (20-08-2017 02:55:23)
Exécuté depuis C:\Users\Corentin\Desktop
Profils chargés: Corentin (Profils disponibles: defaultuser0 & Corentin)
Platform: Windows 10 Pro Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
() C:\ProgramData\myCANAL\nssm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\ProgramData\myCANAL\myCANAL.Service.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxEM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Dell) C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CDVI Group) C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\sfc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1561_none_7ef6e89821f9a6be\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9080848 2016-11-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1480712 2016-11-23] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-26] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-10] (Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [com.squirrel.slack.slack] => "C:\Users\Corentin\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup"
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [Spotify] => C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-07] (Spotify Ltd)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [227328 2017-07-16] (Fieldston Software)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [Spotify Web Helper] => C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-07] (Spotify Ltd)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [DellSystemDetect] => C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe [313264 2017-05-07] (Dell)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Centaur Service Manager.lnk [2017-06-28]
ShortcutTarget: Centaur Service Manager.lnk -> C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe (CDVI Group)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0026bcf6-6b36-41f1-8bcc-26252b41950f}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f3fafbc1-cdb6-4718-ba80-9b312306e4fa}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> DefaultScope {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-16] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ltlw43sw.default
FF ProfilePath: C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default [2017-08-20]
FF Extension: (Avast SafePrice) - C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default\Extensions\wrc@avast.com.xpi [2017-08-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default [2017-08-15]
CHR Extension: (Google Slides) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-03]
CHR Extension: (Google Docs) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-03]
CHR Extension: (Google Drive) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-03]
CHR Extension: (YouTube) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-23]
CHR Extension: (Avast SafePrice) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-23]
CHR Extension: (Google Sheets) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-27]
CHR Extension: (Avast Online Security) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-03]
CHR Extension: (Gmail) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-26] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-26] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-10] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHeciSvc.exe [285696 2017-06-03] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe [462848 2017-06-03] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-08-10] (Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [119336 2017-06-16] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe [324608 2017-06-03] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-09-22] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 MSSEARCH; C:\Program Files (x86)\Common Files\System\MSSearch\Bin\mssearch.exe [73728 2000-07-12] (Microsoft Corporation) [Fichier non signé]
R2 MSSQL$CDVI_CENTAUR; c:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe [62275248 2015-03-19] (Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2017-05-10] () [Fichier non signé]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [329736 2016-11-23] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889888 2017-08-01] (Microsoft Corporation)
S4 SQLAgent$CDVI_CENTAUR; c:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\SQLAGENT.EXE [443576 2014-08-23] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-16] (Intel Corporation)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [410032 2016-11-19] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{65954A00-3033-4F72-A598-12CBECCC5815}
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-26] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-07-26] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-07-26] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-07-26] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146704 2017-08-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015880 2017-08-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-11] (AVAST Software)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igdkmd64.sys [11073480 2017-06-03] (Intel Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-08-20] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-08-15] (Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2412976 2017-04-15] (Qualcomm Atheros, Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-08-23] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [796672 2016-12-15] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [375296 2017-01-18] (Realtek )
S3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [40376 2017-05-11] (USBPcap)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [40008 2016-08-16] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-08-20 02:55 - 2017-08-20 02:55 - 000027991 _____ C:\Users\Corentin\Desktop\FRST.txt
2017-08-20 02:54 - 2017-08-20 02:55 - 000000000 ____D C:\FRST
2017-08-20 02:54 - 2017-08-20 02:54 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-20 02:53 - 2017-08-20 02:54 - 002395648 _____ (Farbar) C:\Users\Corentin\Desktop\FRST64.exe
2017-08-20 02:53 - 2017-08-20 02:54 - 001792512 _____ (Farbar) C:\Users\Corentin\Downloads\FRST.exe
2017-08-20 02:52 - 2017-08-20 02:52 - 002395648 _____ (Farbar) C:\Users\Corentin\Downloads\FRST64.exe
2017-08-17 13:10 - 2017-08-20 02:22 - 000000000 ____D C:\Users\Corentin\.sapvi
2017-08-17 13:10 - 2017-08-17 13:14 - 477187440 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_4-20009491.EXE
2017-08-17 13:10 - 2017-08-17 13:10 - 000001926 _____ C:\Users\Public\Desktop\SAP Lumira.lnk
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Users\Public\sapvi
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Users\Corentin\Documents\SAP Lumira Documents
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Business Intelligence
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Program Files\SAP Lumira
2017-08-17 13:08 - 2017-08-17 13:09 - 478708816 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_7-20009491(1).EXE
2017-08-17 13:05 - 2017-08-17 13:08 - 478708816 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_7-20009491.EXE
2017-08-16 19:10 - 2017-08-16 19:10 - 000628420 _____ C:\Users\Corentin\Downloads\Startup-Studio-Playbook-v1.2.epub
2017-08-16 14:04 - 2017-08-16 14:04 - 000229237 _____ C:\Users\Corentin\Downloads\document.pdf
2017-08-15 17:03 - 2017-08-15 17:03 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Waves Audio
2017-08-15 16:18 - 2017-08-15 17:08 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Wireshark
2017-08-15 16:17 - 2017-08-15 16:17 - 000001829 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files\USBPcap
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files (x86)\WinPcap
2017-08-15 16:16 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files\Wireshark
2017-08-15 16:11 - 2017-08-15 16:16 - 059110928 _____ (Wireshark development team) C:\Users\Corentin\Downloads\Wireshark-win64-2.4.0.exe
2017-08-15 15:58 - 2017-08-15 15:58 - 000000000 ____D C:\Users\Corentin\Documents\ProcAlyzer Dumps
2017-08-15 15:50 - 2017-08-15 15:50 - 000001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-08-15 15:50 - 2017-08-15 15:50 - 000001450 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-08-15 15:50 - 2017-08-15 15:50 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-08-15 15:50 - 2017-08-15 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-08-15 15:50 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2017-08-15 15:49 - 2017-08-15 17:10 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-15 15:49 - 2017-08-15 15:51 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-08-15 15:49 - 2017-08-15 15:49 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Corentin\Downloads\spybotsd-2.6.46.exe
2017-08-15 15:34 - 2017-08-18 19:08 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-08-15 15:29 - 2017-08-15 15:29 - 001445888 _____ (Option^Explicit Software Solutions) C:\Users\Corentin\Downloads\winsockxpfix.exe
2017-08-15 15:29 - 2017-08-15 15:29 - 001445888 _____ (Option^Explicit Software Solutions) C:\Users\Corentin\Downloads\winsockxpfix(1).exe
2017-08-15 15:21 - 2017-08-15 15:35 - 000050675 _____ C:\Users\Corentin\Desktop\dds.txt
2017-08-15 15:21 - 2017-08-15 15:35 - 000004854 _____ C:\Users\Corentin\Desktop\attach.txt
2017-08-15 15:20 - 2017-08-15 15:20 - 000688992 ____R (Swearware) C:\Users\Corentin\Downloads\dds.exe
2017-08-15 15:05 - 2017-08-15 15:06 - 000388608 _____ (Trend Micro Inc.) C:\Users\Corentin\Downloads\HijackThis(1).exe
2017-08-14 13:53 - 2017-08-14 13:53 - 000003934 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-08-10 22:26 - 2017-08-10 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-10 21:26 - 2017-08-10 21:47 - 000000000 ____D C:\Users\Corentin\Desktop\AA
2017-08-10 19:03 - 2017-08-10 19:03 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-08-10 19:03 - 2017-08-10 19:03 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-08-09 20:36 - 2017-08-09 22:23 - 000003282 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2017-08-09 20:31 - 2017-08-09 20:31 - 000000000 ___HD C:\ProgramData\CanonIJFAX
2017-08-09 20:31 - 2014-04-28 05:00 - 000303104 _____ (CANON INC.) C:\Windows\system32\CNCALCG.DLL
2017-08-09 20:30 - 2017-08-09 20:30 - 000000000 ___HD C:\ProgramData\CanonBJ
2017-08-09 20:30 - 2014-04-23 05:00 - 000406016 _____ (CANON INC.) C:\Windows\system32\CNMLMCG.DLL
2017-08-09 12:25 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-08-09 12:25 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-08-09 12:25 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-08-09 12:25 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-08-09 12:25 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-08-09 12:25 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-08-09 12:25 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-08-09 12:25 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-09 12:25 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-09 12:25 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-08-09 12:25 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-08-09 12:25 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-09 12:25 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-08-09 12:25 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-08-09 12:25 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-08-09 12:25 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-09 12:25 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 12:25 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-08-09 12:25 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-08-09 12:25 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-08-09 12:25 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 12:25 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2017-08-09 12:25 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-08-09 12:25 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-09 12:25 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-08-09 12:25 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-09 12:25 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-08-09 12:25 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-08-09 12:25 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-08-09 12:25 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-08-09 12:25 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2017-08-09 12:25 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 12:25 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-08-09 12:25 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-08-09 12:25 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-08-09 12:25 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-09 12:25 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-08-09 12:25 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-08-09 12:25 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2017-08-09 12:25 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-08-09 12:25 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-08-09 12:25 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 12:25 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-08-09 12:25 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comuid.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-09 12:25 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-08-09 12:25 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-08-09 12:25 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-08-09 12:25 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-08-09 12:25 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-09 12:25 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-08-09 12:25 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-08-09 12:25 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-08-09 12:25 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-08-09 12:25 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2017-08-09 12:25 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-08-09 12:25 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-08-09 12:25 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-08-09 12:25 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2017-08-09 12:25 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-08-09 12:25 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-08-09 12:25 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-08-09 12:25 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-08-09 12:25 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dabapi.dll
2017-08-09 12:25 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2017-08-09 12:25 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\frprov.dll
2017-08-09 12:25 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2017-08-09 12:25 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2017-08-09 12:25 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll
2017-08-09 12:25 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-08-09 12:25 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2017-08-09 12:25 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-08-09 12:25 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmdisk0101.sys
2017-08-09 12:25 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-08-09 12:25 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-08-09 12:25 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-08-09 12:25 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2017-08-09 12:25 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-08-09 12:25 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-08-09 12:25 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-08-09 12:25 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2017-08-09 12:25 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-08-09 12:25 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2017-08-09 12:25 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-08-09 12:25 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-08-09 12:25 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-08-09 12:25 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-08-09 12:25 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-08-09 12:25 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-08-09 12:25 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-08-09 12:25 - 2017-07-12 04:49 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml
2017-08-09 12:25 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-08-09 12:24 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-08-09 12:24 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-09 12:24 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-08-09 12:24 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-09 12:24 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-08-09 12:24 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-08-09 12:24 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-09 12:24 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-08-09 12:24 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-08-09 12:24 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-08-09 12:24 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-08-09 12:24 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-08-09 12:24 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-08-09 12:24 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-08-09 12:24 - 2017-08-01 20:58 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-08-09 12:24 - 2017-08-01 20:57 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-08-09 12:24 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-08-09 12:24 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-08-09 12:24 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-09 12:24 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-08-09 12:24 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-09 12:24 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-08-09 12:24 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-08-09 12:24 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-08-09 12:24 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-08-09 12:24 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-08-09 12:24 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-08-09 12:24 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-08-09 12:24 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-08-09 12:24 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-08-09 12:24 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 12:24 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-08-09 12:24 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-08-09 12:24 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-08-09 12:24 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-08-09 12:24 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-09 12:24 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-09 12:24 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-08-09 12:24 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-08-09 12:24 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-08-09 12:24 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-08-09 12:24 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-08-09 12:24 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2017-08-09 12:24 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-08-09 12:24 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-08-09 12:24 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-09 12:24 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 001949696 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-08-09 12:24 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-08-09 12:24 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-09 12:24 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-08-09 12:24 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-08-09 12:24 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-08-09 12:24 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-09 12:24 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-09 12:24 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-08-09 12:24 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-08-09 12:24 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-09 12:24 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-08-09 12:24 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-08-09 12:24 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-08-09 12:24 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-08-09 12:24 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-08-09 12:24 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-08-09 12:24 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2017-08-09 12:24 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-08-09 12:24 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2017-08-09 12:24 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-08-09 12:24 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-08-09 12:24 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2017-08-09 12:24 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-08-09 12:24 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-08-09 12:24 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\frprov.dll
2017-08-09 12:24 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2017-08-09 12:24 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-08-09 12:24 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2017-08-09 12:24 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2017-08-09 12:24 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-08-09 12:24 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2017-08-09 12:24 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-08-09 12:24 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-08-09 12:24 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-08-09 12:24 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-08-09 12:24 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 12:24 - 2017-07-12 07:03 - 000779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-08-09 12:24 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-08-09 12:24 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-08-09 12:24 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-08-09 12:24 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-08-09 12:24 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-08-09 12:24 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-08-09 12:24 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2017-08-09 12:24 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-08-09 12:24 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-08-09 12:24 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-08-09 12:24 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-08-09 12:23 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-08-09 12:23 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-08-09 12:23 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-08-09 12:23 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-08-09 12:23 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-09 12:23 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2017-08-09 12:23 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-08-09 12:23 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2017-08-09 12:23 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2017-08-09 12:23 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-08-09 12:23 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-08-09 12:23 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-09 12:23 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-08-09 12:23 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-08-09 12:23 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-08-09 12:23 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-08-09 12:23 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-08-09 12:23 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2017-08-09 12:23 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-08-09 12:23 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-08-09 12:23 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2017-08-09 12:23 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-08-09 12:23 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-08-09 12:23 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\windowslivelogin.dll
2017-08-09 12:23 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-08-09 12:23 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-08-09 12:23 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-08-09 12:23 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-08-09 12:23 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-08-09 12:23 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-08-09 12:23 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-08-09 12:23 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-09 12:23 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-08-09 12:23 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-08-09 12:23 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-08-09 12:23 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-08-09 12:23 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-08-09 12:23 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\dabapi.dll
2017-08-09 12:23 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-08-09 12:23 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-08-09 12:23 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-08-09 12:23 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2017-08-09 12:23 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-08-09 12:23 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-08-09 12:23 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2017-08-09 12:23 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-08-09 12:23 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-08-09 12:23 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-08-09 12:23 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-08-09 12:23 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-08-09 12:23 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-08-09 12:23 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-08-09 12:23 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-08-09 12:23 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-08-09 12:23 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-08-09 12:23 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-08-09 12:23 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-08-08 18:00 - 2017-08-10 21:36 - 000000000 ____D C:\Users\Corentin\Desktop\MWG
2017-08-07 12:32 - 2017-08-07 12:32 - 000000000 ___RD C:\Users\Corentin\3D Objects
2017-08-01 21:22 - 2017-08-01 21:22 - 000000000 ____D C:\Users\Corentin\AppData\Local\FaceGen
2017-08-01 21:21 - 2017-08-01 21:21 - 000001234 _____ C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceGen 3D Print Demo.lnk
2017-08-01 21:21 - 2017-08-01 21:21 - 000001108 _____ C:\Users\Corentin\Desktop\FaceGen 3D Print Demo.lnk
2017-08-01 21:21 - 2017-08-01 21:21 - 000000000 ____D C:\Program Files\FaceGen
2017-08-01 21:20 - 2017-08-01 21:21 - 188895232 _____ C:\Users\Corentin\Downloads\fg3DPrint19Demo64.msi
2017-08-01 12:38 - 2017-08-01 12:38 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Dell
2017-08-01 12:29 - 2017-08-01 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-08-01 12:28 - 2017-08-01 12:28 - 000001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\Program Files\iTunes
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\Program Files\iPod
2017-07-31 13:58 - 2017-07-31 13:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\Corentin\Downloads\HijackThis.exe
2017-07-31 13:14 - 2017-08-20 02:27 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-31 13:14 - 2017-07-31 13:14 - 000188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-31 13:14 - 2017-07-31 13:14 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-31 13:14 - 2017-07-31 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-31 13:14 - 2017-06-27 12:06 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-31 13:13 - 2017-07-31 13:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-31 13:13 - 2017-07-31 13:13 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-31 13:12 - 2017-07-31 13:13 - 065033984 _____ (Malwarebytes ) C:\Users\Corentin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-28 21:04 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-07-28 21:04 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-07-28 21:04 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-07-28 21:04 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-25 17:42 - 2017-07-25 17:42 - 000176912 _____ C:\Users\Corentin\Downloads\Untitled Diagram(3).pdf
2017-07-24 18:28 - 2017-07-24 18:28 - 000002781 _____ C:\Users\Corentin\Downloads\Untitled Diagram(3).xml
2017-07-24 18:21 - 2017-07-24 18:21 - 000002605 _____ C:\Users\Corentin\Downloads\Untitled Diagram(2).xml
2017-07-24 18:12 - 2017-07-24 18:12 - 000002137 _____ C:\Users\Corentin\Downloads\Untitled Diagram(1).xml
2017-07-24 17:48 - 2017-07-24 17:48 - 000002737 _____ C:\Users\Corentin\Downloads\Untitled Diagram.xml
2017-07-24 17:33 - 2017-07-24 17:34 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\XMind
2017-07-24 17:33 - 2017-07-24 17:34 - 000000000 ____D C:\Program Files (x86)\XMind
2017-07-24 17:33 - 2017-07-24 17:33 - 000001060 _____ C:\Users\Corentin\Desktop\XMind 8 Update 2.lnk
2017-07-24 17:33 - 2017-07-24 17:33 - 000000000 ____D C:\Users\Corentin\.oracle_jre_usage
2017-07-24 17:33 - 2017-07-24 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2017-07-24 17:29 - 2017-07-24 17:32 - 162293262 _____ (XMind Ltd. ) C:\Users\Corentin\Downloads\xmind-8-update2-windows.exe
2017-07-23 14:54 - 2017-07-23 14:54 - 000003382 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-961603994-2917682709-4187222462-1001

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-08-20 02:44 - 2017-07-19 12:24 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\gSyncit
2017-08-20 02:43 - 2017-05-04 04:35 - 000000000 ____D C:\Users\Corentin\Documents\Fichiers Outlook
2017-08-20 02:33 - 2017-04-26 10:58 - 003764348 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-20 02:33 - 2016-07-30 18:19 - 001627118 _____ C:\Windows\system32\perfh00C.dat
2017-08-20 02:33 - 2016-07-30 18:19 - 000425870 _____ C:\Windows\system32\perfc00C.dat
2017-08-20 02:28 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Slack
2017-08-20 02:28 - 2017-05-19 02:26 - 000000000 ____D C:\Users\Corentin\AppData\Local\Spotify
2017-08-20 02:28 - 2017-05-19 02:25 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Spotify
2017-08-20 02:28 - 2017-05-03 20:58 - 000000000 ____D C:\Users\Corentin\AppData\LocalLow\Mozilla
2017-08-20 02:27 - 2017-05-03 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-20 02:27 - 2017-05-03 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-20 02:27 - 2017-05-03 13:40 - 000000000 __SHD C:\Users\Corentin\IntelGraphicsProfiles
2017-08-20 02:27 - 2017-04-26 10:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-20 02:26 - 2016-07-16 08:04 - 000524288 _____ C:\Windows\system32\config\BBI
2017-08-20 01:20 - 2017-04-26 10:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-08-19 22:18 - 2017-05-24 05:12 - 000004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EB694A-D2EB-47C7-A6CD-2AE091028C4C}
2017-08-19 19:25 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2017-08-19 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2017-08-18 19:09 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-18 19:05 - 2017-06-27 21:10 - 000002222 _____ C:\Users\Corentin\Desktop\Slack.lnk
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Local\SquirrelTemp
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Local\slack
2017-08-18 19:03 - 2017-04-26 11:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-17 21:28 - 2017-05-03 21:06 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-17 21:28 - 2017-05-03 21:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-17 14:30 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2017-08-17 13:10 - 2017-05-03 13:39 - 000000000 ____D C:\Users\Corentin
2017-08-16 19:10 - 2017-05-03 22:37 - 000000000 ___RD C:\Users\Corentin\Dropbox (Personnelle)
2017-08-16 17:43 - 2017-07-11 04:01 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-16 13:24 - 2017-04-26 20:20 - 000000000 ____D C:\Windows\Panther
2017-08-15 15:34 - 2016-07-16 08:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2017-08-15 15:33 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-15 15:07 - 2017-05-03 13:40 - 000000000 ____D C:\Users\Corentin\AppData\Local\VirtualStore
2017-08-15 01:19 - 2017-05-20 19:22 - 000000000 ____D C:\Users\Corentin\Desktop\Travail
2017-08-14 20:03 - 2017-05-03 23:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-14 14:44 - 2017-07-16 02:00 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Apple Computer
2017-08-14 13:53 - 2017-07-01 18:45 - 000000000 ____D C:\ProgramData\SupportAssist
2017-08-12 16:45 - 2017-05-03 21:06 - 000004048 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1493838400
2017-08-12 16:45 - 2017-05-03 21:06 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-11 19:36 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\rescache
2017-08-11 00:22 - 2017-05-03 13:40 - 000000000 ____D C:\Users\Corentin\AppData\Local\Packages
2017-08-10 22:27 - 2017-05-03 22:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-08-10 18:04 - 2017-05-03 23:54 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-10 17:49 - 2017-04-26 11:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-10 12:13 - 2017-05-03 20:52 - 001015880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-08-10 12:13 - 2017-05-03 20:52 - 000146704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-08-10 12:05 - 2017-04-26 10:49 - 000339736 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-10 12:05 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-10 12:05 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-10 12:03 - 2017-04-26 20:21 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\oobe
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\ShellExperiences
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Provisioning
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\bcastdvr
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-09 20:31 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-09 12:36 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2017-08-09 12:29 - 2017-05-05 18:59 - 000000000 ____D C:\Windows\system32\MRT
2017-08-09 12:27 - 2017-05-05 18:59 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-09 11:56 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2017-08-01 15:28 - 2017-07-16 02:00 - 000000000 ____D C:\Users\Corentin\AppData\Local\Apple Computer
2017-08-01 15:27 - 2017-04-26 11:04 - 000016942 _____ C:\Windows\system32\results.xml
2017-08-01 12:38 - 2017-04-26 10:59 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-01 12:36 - 2017-04-26 10:59 - 000000000 ____D C:\Program Files\Intel
2017-08-01 12:29 - 2017-07-16 01:58 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-08-01 10:59 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Registration
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-31 13:17 - 2017-05-03 13:38 - 000000000 ____D C:\Users\defaultuser0
2017-07-29 00:18 - 2017-05-03 20:52 - 000004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-26 18:02 - 2017-06-08 08:52 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.150108492117103
2017-07-26 18:01 - 2017-05-03 20:52 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-07-23 14:54 - 2017-05-03 13:42 - 000002418 _____ C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-23 14:54 - 2017-05-03 13:42 - 000000000 ___RD C:\Users\Corentin\OneDrive
2017-07-22 17:10 - 2017-07-16 01:59 - 000000000 ____D C:\ProgramData\myCANAL

Certains fichiers dans TEMP:
====================
2017-08-20 02:17 - 2017-08-20 02:17 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole1979695918367992798.dll
2017-08-18 01:49 - 2017-08-18 01:49 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole3085830543993802530.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-08-15 18:56

==================== Fin de FRST.txt ============================


Edited by nitneo, 19 August 2017 - 10:11 PM.


#5 nitneo

nitneo
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 19 August 2017 - 08:04 PM

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Exécuté par Corentin (20-08-2017 02:56:06)
Exécuté depuis C:\Users\Corentin\Desktop
Windows 10 Pro Version 1607 (X64) (2017-05-03 11:39:11)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-961603994-2917682709-4187222462-500 - Administrator - Disabled)
Corentin (S-1-5-21-961603994-2917682709-4187222462-1001 - Administrator - Enabled) => C:\Users\Corentin
DefaultAccount (S-1-5-21-961603994-2917682709-4187222462-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-961603994-2917682709-4187222462-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invité (S-1-5-21-961603994-2917682709-4187222462-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

 Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
 Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDVI Group (Centaur Access Control System - Version 6.0.0.17) (HKLM-x32\...\{EBEA39A2-7F96-4D4B-88A0-273036C5C40F}) (Version: 6.0.0.17 - CDVI Group)
Centaur Database Engine  (HKLM\...\{93088306-F403-4E2A-9E50-FDB6E4B06190}) (Version:  - Microsoft)
Dell Command
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssist Remediation (HKLM\...\{8F663BAC-2B6F-4B86-86F4-8067F4B71ACC}) (Version: 3.0.1.2905 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8aa806c2-2787-490f-ac75-cd8f4d50585f}) (Version: 3.0.1.2905 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell)
Dell System Detect (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{EEA45885-F3E3-4E7D-8435-E9C21D36C141}) (Version: 3.0.0.2840 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 32.4.23 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Enregistrement du produit (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Enregistrement du produit Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
FaceGen 3D Print Demo (HKLM\...\{71453EDA-9E3E-4A6C-B476-C75DF5B3ADDE}) (Version: 1.9.0.0 - Singular Inversions Inc.)
GDR 6220 pour SQL Server 2008 R2 (KB3045316) (64-bit) (HKLM\...\KB3045316) (Version: 10.53.6220.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{7397A501-B4D1-42FA-A237-6ECB487A3A00}) (Version: 4.3.38 - Fieldston Software)
hilo.desktop.lumira-4.0-core-64 (HKLM\...\{3286BADF-F1A9-4443-8056-AE8AF1128357}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4664 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Keylogger Detector (HKLM-x32\...\Keylogger Detector) (Version:  - )
Killer Bandwidth Control Filter Driver (HKLM\...\{A35733B2-A7FD-4FA9-BCB7-3DC27DC9D23D}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{45076194-FF5E-4ACF-B499-39CA7A7EDCD8}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.64.1312 - Rivet Networks)
Killer Wireless-AC Drivers (HKLM\...\{B9888CC1-5613-4DFD-A413-1AC193D7FEB8}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel® Corporation) Hidden
Logiciel Thunderbolt™ (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8326.2073 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Platform SDK (3790.1830) (HKLM\...\{BA96A695-E9CE-4B2A-919A-540B73E7A78E}) (Version: 5.2.3790.1830 - Microsoft Corporation)
Microsoft SQL Server 2000 (CDVI) (HKLM-x32\...\Microsoft SQL Server 2000 (CDVI)) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2000 (HKLM-x32\...\Microsoft SQL Server 2000) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2000 (INSTANCE) (HKLM-x32\...\Microsoft SQL Server 2000 (INSTANCE)) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{2E06399C-2517-484D-B6C9-3B1113AFCD19}) (Version: 10.53.6220.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 55.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 55.0.2 (x86 fr)) (Version: 55.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
myCANAL (HKLM-x32\...\myCANAL) (Version:  - UCAYA)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
product.hilo.icons-4.0-core-nu (HKLM\...\{E4B5BFFB-C77C-45BF-B910-2D3D6E2C971B}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
product.shared.hilo.installiverse.reg-4.0-core-nu (HKLM\...\{5467EC22-9E2D-4C94-99DA-287C4445E513}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SAP Lumira 1.31 (HKLM-x32\...\{25B75D92-098D-4616-9C50-96287EBECA75}) (Version: 1.31.7.166 - SAP SE)
Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation)
Service Pack 3 pour SQL Server 2008 R2 (KB2979597) (64-bit) (HKLM\...\KB2979597) (Version: 10.53.6000.34 - Microsoft Corporation)
Slack (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\slack) (Version: 2.7.1 - Slack Technologies)
Spotify (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SysTools Outlook Recovery v4.5 (HKLM-x32\...\{272EA7CD-0C03-4032-8505-96B3E4A2FD63}_is1) (Version:  - SysTools Software Pvt. Ltd.)
TextEdit 3 (HKLM-x32\...\{81C71501-D10F-4DE8-AFD9-E718E82B1D41}_is1) (Version: 3.0.0.4825 - Core Software Solutions)
USBPcap 1.2.0.1 (HKLM\...\USBPcap) (Version: 1.2.0.1 - Tomasz Mon)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.4.0 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.0 - The Wireshark developer community, hxxps://www.wireshark.org)
XMind 8 Update 2 (v3.7.2) (HKLM-x32\...\XMind_is1) (Version: 3.7.2.201705011955 - XMind Ltd.)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-961603994-2917682709-4187222462-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [TextEdit] -> {81C71501-D10F-4DE8-AFD9-E718E82B1D41} => C:\Program Files (x86)\TextEdit\ShellExt.dll [2006-06-19] (Core Software Solutions)
ContextMenuHandlers1-x32: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxDTCM.dll [2017-06-03] (Intel Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {000D8787-9C11-45F6-8CA2-E805B547B95F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software)
Task: {01AAC196-701D-4D47-936F-D9FB1BE58010} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {08A30C11-2DD8-4BF0-ACD4-E545E0485581} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {1538C0BE-B904-4F96-ADE7-F388D67C3646} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {19126646-FB77-46A0-8EE0-6F1545F13CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {1EADF188-7E5A-4449-931B-61204931ED80} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {217606CC-9F98-45B7-ADCD-FC885C5EA76B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {287DF05D-2149-456F-9019-0C54AE162775} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {2F09C498-BCA3-42B8-BE44-0CA67D220C86} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {30BBF4B3-FFA5-47BC-8693-3C2D666CA099} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {3FD7C34A-A074-43E2-8349-95E557E4D300} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {493BE018-45A0-4B54-A889-A500E52BC9CC} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {5A8D4FF2-1834-40E9-AC1F-F1736C09A9FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-10] (Microsoft Corporation)
Task: {66F55B77-D82D-4CC8-868A-0C6C11E1E194} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {69498289-019D-4620-81F3-C1A6F0745C6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {7242D42B-B50E-49D6-96FD-AAC439E9676D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-10] (Microsoft Corporation)
Task: {7411F29B-3CF4-4D0F-8F70-715AF2EFE5A6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-15] ()
Task: {7466D3E2-67E2-4A1D-AC04-D41356DD8A4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-10] (Adobe Systems Incorporated)
Task: {816FC249-C9F1-44CC-8D0D-298734B99C49} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {8324931D-E5F4-4018-ABBD-DA6D3216FD27} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-11-23] (Realtek Semiconductor)
Task: {8328F279-40D9-4BF0-B7E1-B4434F814A98} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {86C522A9-20C8-4BEF-8BF2-967171DE4753} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {90CD49C6-2894-4D0A-87D0-5F3C2DF4697E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-26] (AVAST Software)
Task: {AD829B1F-6873-402C-BA9E-8B82A4F4D919} - System32\Tasks\SafeZone scheduled Autoupdate 1493838400 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {B8957036-CA5C-4225-9D8E-478E3B4A1C5F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {BAEE21DD-8D01-4514-8168-82461D6EF4CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {BB1F5B3D-B094-4345-8AC0-60B655CA1283} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {C181E3BB-0EFA-4114-8CBA-2AE47D14FF70} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C2C19DCB-A84B-42EC-877B-A2D85A5C862B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {C5587157-13B7-4B7C-9D47-9FFFBF18BEE2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {C8660602-22B3-415E-A4B5-658D931EA309} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-15] (Microsoft Corporation)
Task: {D1E49B80-A450-4E82-8B1C-C810DBEC871D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {D5E2AB8F-E2B6-499F-A969-555AAD4234C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {F31A836B-C769-417F-9EC8-124B33247E62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-15] ()
Task: {F53F2CAF-8FE5-4040-AE9A-648A326F4958} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel® Corporation)
Task: {F64E2B70-A399-473B-8673-80C90F8FE3B7} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {FCBD3C3A-E4A7-401F-9CB8-F7DEC3424133} - System32\Tasks\{F90A3255-149F-4564-AEF7-4FCF11DC4B35} => C:\Windows\system32\pcalua.exe -a C:\Users\Corentin\Downloads\PSDK-x86.exe -d C:\Users\Corentin\Downloads

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer:
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer:

==================== Modules chargés (Avec liste blanche) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-07-12 17:21 - 2017-06-21 09:48 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-10 16:12 - 2017-05-10 16:12 - 000294912 _____ () C:\ProgramData\myCANAL\nssm.exe
2017-05-29 10:21 - 2017-05-29 10:21 - 005059864 _____ () C:\ProgramData\myCANAL\myCANAL.Service.exe
2017-04-26 20:43 - 2017-04-26 20:43 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-05-03 21:33 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-05-03 21:34 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-05-03 21:34 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-03 21:34 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-09 12:24 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-09 12:24 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 11:49 - 2017-07-18 11:50 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 002140160 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\ffmpeg.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000211968 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\nslog\build\Release\nslog.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000109568 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2017-08-18 19:05 - 2017-08-18 19:05 - 002551808 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\libglesv2.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000093184 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\libegl.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000089088 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000418304 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\slack-calls.node
2017-08-18 19:05 - 2017-08-18 19:05 - 007560704 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\CallsCore.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 001484288 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\boringssl.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000223744 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000482816 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000157184 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2017-08-15 15:49 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-15 15:49 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-15 15:49 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-15 15:49 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-07-11 16:51 - 2017-07-11 16:51 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 067117168 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libcef.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 002253424 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libglesv2.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 000086640 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libegl.dll
2017-04-26 11:04 - 2017-08-16 13:19 - 000164552 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-08-10 22:26 - 2017-08-10 19:03 - 000753472 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-08-10 22:26 - 2017-08-10 19:03 - 001787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-03 22:16 - 2017-08-10 19:03 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-03 22:16 - 2017-08-10 19:06 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-03 22:16 - 2017-08-10 19:03 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-03 22:16 - 2017-08-10 19:06 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-18 17:16 - 2017-08-10 19:07 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 003928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 000224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 000103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 000033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-03 22:16 - 2017-08-10 19:07 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 001637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 22:16 - 2017-08-10 19:07 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-12-19 09:38 - 2016-12-19 09:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-26 11:04 - 2017-08-16 13:19 - 001009864 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\event.bak:com.dropbox.attributes [168]
AlternateDataStreams: C:\main.bak:com.dropbox.attributes [168]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2016-07-16 13:47 - 2017-07-11 16:52 - 000000832 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Dino_Screenfill_3200x1800.tif
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{8E360648-D695-4132-8436-55CB949F6400}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{12D3B91F-EAE1-4B5D-A812-A512D5F987D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2DEA3B69-DFBC-4699-8A78-DF9F447C52E4}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{16D436C1-7DE4-491E-9405-6D0F93EB6792}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{36FF709B-D086-4FC0-9E43-07BCBB89ACBA}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{C641CF95-1DC6-43D1-A1BC-08D23A62B9C5}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{0D421CCA-B2AB-48CA-9CFD-EBD017BAC384}] => (Allow) %ProgramFiles% (x86)\CDVI Group\Centaur\Centaur Server\spxsvr.exe
FirewallRules: [{B110EE01-5C5B-4A84-B548-88970532D8E8}] => (Allow) LPort=135
FirewallRules: [{EC30AD15-CE95-4840-8CD0-04126D3FCD8A}] => (Allow) %ProgramFiles% (x86)\CDVI Group\Centaur\Centaur Server\spxsvr.exe
FirewallRules: [{CDBC126E-6FA0-4E4B-BFF7-1F20547932E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7CAEFC64-BCB2-4A00-8CD4-55A6062176EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3F521A4-AFF5-4233-A2CF-6A776778DC18}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7F3426C-504F-41D1-B33A-BD9DF69E930C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{25B54242-E918-478F-81A0-D57D3D02A899}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{A94CAD75-EE53-41AE-A283-63BC7A2661F8}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{322BFEA0-8C62-4BBF-ABB1-09F72F5CACAE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{11161BFF-9DA2-444D-8479-0A576920596C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6262D4E6-7DD9-42F5-8A86-A385FE2D7519}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ECD8BBA6-1FF3-41CB-8A6D-37B45B71F20C}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{91F22912-D0A2-4885-B019-0199B0891682}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{28C3FD49-0CD4-485E-99B2-191649455871}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3AA34C18-28AD-47B2-A95B-1472A360FC03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A8BA00F6-D8B3-47BD-9995-C1DAE60C3C6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DEEBE4C5-FACB-4A98-8D96-8C90AAFCC15A}C:\program files\sap lumira\desktop\saplumira.exe] => (Allow) C:\program files\sap lumira\desktop\saplumira.exe
FirewallRules: [UDP Query User{D9BD9769-0BF2-4887-97BA-25D95E10D44E}C:\program files\sap lumira\desktop\saplumira.exe] => (Allow) C:\program files\sap lumira\desktop\saplumira.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Points de restauration =========================


==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/19/2017 03:45:00 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Le caractère '/', valeur hexadécimale 0x2F, ne peut pas être inclus dans un nom.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   à System.Xml.XmlDocument.CheckName(String name)
   à System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   à System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   à System.Xml.XmlDocument.CreateElement(String name)
   à eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="HKPK2H2" SMBIOSMajVer="3" SMBIOSMinVer="0" SMBIOSBIOSVer="1.3.2" SMBIOSPresent="True" Rel_Date="20170118000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 13 9360" Ident_Num="DESKTOP-VJT2FBS" TimeZone="(UTC+01:00) Bruxelles, Copenhague, Madrid, Paris" OSName="Microsoft Windows 10 Professionnel"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.12</HostIP></Exception>

Error: (08/19/2017 03:45:00 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Le caractère '/', valeur hexadécimale 0x2F, ne peut pas être inclus dans un nom.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   à System.Xml.XmlDocument.CheckName(String name)
   à System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   à System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   à System.Xml.XmlDocument.CreateElement(String name)
   à eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="HKPK2H2" SMBIOSMajVer="3" SMBIOSMinVer="0" SMBIOSBIOSVer="1.3.2" SMBIOSPresent="True" Rel_Date="20170118000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 13 9360" Ident_Num="DESKTOP-VJT2FBS" TimeZone="(UTC+01:00) Bruxelles, Copenhague, Madrid, Paris" OSName="Microsoft Windows 10 Professionnel"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.12</HostIP></Exception>

Error: (08/19/2017 03:44:56 PM) (Source: MsiInstaller) (EventID: 1013) (User: DESKTOP-VJT2FBS)
Description: Product: Logiciel Thunderbolt™ -- Newer version already installed

Error: (08/19/2017 03:36:05 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\System32\sdnclean64.exe ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\System32\sdnclean64.exe » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:05 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:05 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/19/2017 03:36:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.


Erreurs système:
=============
Error: (08/20/2017 02:27:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/20/2017 02:27:34 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Le service MSSEARCH dépend du service suivant : NTLMSSP. Ce dernier n’est peut-être pas installé.

Error: (08/20/2017 02:27:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service InstallerService n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (08/20/2017 02:27:30 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: AUTORITE NT)
Description: Échec du chargement de la DLL de notification du mot de passe "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" avec l’erreur 126. Vérifiez que le chemin d’accès de la DLL de notification défini dans le Registre, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, fait référence à un chemin d’accès correct et absolu (<lecteur>:\<chemin_d’accès>\<nom_fichier>.<ext>) et non à un chemin d’accès relatif ou non valide. Si le chemin d’accès de la DLL est correct, vérifiez que tous les fichiers de prise en charge se trouvent dans le même répertoire et que le compte système dispose d’un accès en lecture au chemin d’accès de la DLL et aux fichiers de prise en charge. Contactez le fournisseur de la DLL de notification pour une assistance supplémentaire. D’autres détails sont disponibles sur le Web à l’adresse http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (08/20/2017 02:26:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/20/2017 02:19:08 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 11:57:59 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 03:50:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 03:24:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VJT2FBS)
Description: Le serveur {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (08/19/2017 03:22:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VJT2FBS)
Description: Le serveur {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


CodeIntegrity:
===================================
  Date: 2017-08-20 02:27:25.651
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-18 19:02:54.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-16 13:00:22.891
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-16 13:00:22.849
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Infos Mémoire ===========================

Processeur: Intel® Core™ i7-7560U CPU @ 2.40GHz
Pourcentage de mémoire utilisée: 38%
Mémoire physique - RAM - totale: 16269.05 MB
Mémoire physique - RAM - disponible: 9976.49 MB
Mémoire virtuelle totale: 18701.05 MB
Mémoire virtuelle disponible: 11388.72 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:464.59 GB) (Free:13.82 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: A49A639B)

Partition: GPT.

==================== Fin de Addition.txt ============================



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 AM

Posted 19 August 2017 - 10:03 PM

Thank you but I need you to run a scan again after renaming FRST64.exe to FRST64english.exe. Post both reports please.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#7 nitneo

nitneo
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 19 August 2017 - 10:07 PM

Sorry ! Here you go !

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Corentin (20-08-2017 05:04:54)
Running from C:\Users\Corentin\Desktop
Windows 10 Pro Version 1607 (X64) (2017-05-03 11:39:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-961603994-2917682709-4187222462-500 - Administrator - Disabled)
Corentin (S-1-5-21-961603994-2917682709-4187222462-1001 - Administrator - Enabled) => C:\Users\Corentin
DefaultAccount (S-1-5-21-961603994-2917682709-4187222462-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-961603994-2917682709-4187222462-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invité (S-1-5-21-961603994-2917682709-4187222462-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
 Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDVI Group (Centaur Access Control System - Version 6.0.0.17) (HKLM-x32\...\{EBEA39A2-7F96-4D4B-88A0-273036C5C40F}) (Version: 6.0.0.17 - CDVI Group)
Centaur Database Engine  (HKLM\...\{93088306-F403-4E2A-9E50-FDB6E4B06190}) (Version:  - Microsoft)
Dell Command
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssist Remediation (HKLM\...\{8F663BAC-2B6F-4B86-86F4-8067F4B71ACC}) (Version: 3.0.1.2905 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8aa806c2-2787-490f-ac75-cd8f4d50585f}) (Version: 3.0.1.2905 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell)
Dell System Detect (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{EEA45885-F3E3-4E7D-8435-E9C21D36C141}) (Version: 3.0.0.2840 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 32.4.23 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Enregistrement du produit (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Enregistrement du produit Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
FaceGen 3D Print Demo (HKLM\...\{71453EDA-9E3E-4A6C-B476-C75DF5B3ADDE}) (Version: 1.9.0.0 - Singular Inversions Inc.)
GDR 6220 pour SQL Server 2008 R2 (KB3045316) (64-bit) (HKLM\...\KB3045316) (Version: 10.53.6220.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{7397A501-B4D1-42FA-A237-6ECB487A3A00}) (Version: 4.3.38 - Fieldston Software)
hilo.desktop.lumira-4.0-core-64 (HKLM\...\{3286BADF-F1A9-4443-8056-AE8AF1128357}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4664 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Keylogger Detector (HKLM-x32\...\Keylogger Detector) (Version:  - )
Killer Bandwidth Control Filter Driver (HKLM\...\{A35733B2-A7FD-4FA9-BCB7-3DC27DC9D23D}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{45076194-FF5E-4ACF-B499-39CA7A7EDCD8}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.64.1312 - Rivet Networks)
Killer Wireless-AC Drivers (HKLM\...\{B9888CC1-5613-4DFD-A413-1AC193D7FEB8}) (Version: 1.1.64.1312 - Rivet Networks) Hidden
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel® Corporation) Hidden
Logiciel Thunderbolt™ (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8326.2073 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Platform SDK (3790.1830) (HKLM\...\{BA96A695-E9CE-4B2A-919A-540B73E7A78E}) (Version: 5.2.3790.1830 - Microsoft Corporation)
Microsoft SQL Server 2000 (CDVI) (HKLM-x32\...\Microsoft SQL Server 2000 (CDVI)) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2000 (HKLM-x32\...\Microsoft SQL Server 2000) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2000 (INSTANCE) (HKLM-x32\...\Microsoft SQL Server 2000 (INSTANCE)) (Version: 8.00.194 - Microsoft)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{2E06399C-2517-484D-B6C9-3B1113AFCD19}) (Version: 10.53.6220.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.53.6000.34 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 55.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 55.0.2 (x86 fr)) (Version: 55.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
myCANAL (HKLM-x32\...\myCANAL) (Version:  - UCAYA)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2073 - Microsoft Corporation) Hidden
product.hilo.icons-4.0-core-nu (HKLM\...\{E4B5BFFB-C77C-45BF-B910-2D3D6E2C971B}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
product.shared.hilo.installiverse.reg-4.0-core-nu (HKLM\...\{5467EC22-9E2D-4C94-99DA-287C4445E513}) (Version: 1.31.7.166 - SAP BusinessObjects) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SAP Lumira 1.31 (HKLM-x32\...\{25B75D92-098D-4616-9C50-96287EBECA75}) (Version: 1.31.7.166 - SAP SE)
Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation)
Service Pack 3 pour SQL Server 2008 R2 (KB2979597) (64-bit) (HKLM\...\KB2979597) (Version: 10.53.6000.34 - Microsoft Corporation)
Slack (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\slack) (Version: 2.7.1 - Slack Technologies)
Spotify (HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.53.6000.34 - Microsoft Corporation) Hidden
SysTools Outlook Recovery v4.5 (HKLM-x32\...\{272EA7CD-0C03-4032-8505-96B3E4A2FD63}_is1) (Version:  - SysTools Software Pvt. Ltd.)
TextEdit 3 (HKLM-x32\...\{81C71501-D10F-4DE8-AFD9-E718E82B1D41}_is1) (Version: 3.0.0.4825 - Core Software Solutions)
USBPcap 1.2.0.1 (HKLM\...\USBPcap) (Version: 1.2.0.1 - Tomasz Mon)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.4.0 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.0 - The Wireshark developer community, hxxps://www.wireshark.org)
XMind 8 Update 2 (v3.7.2) (HKLM-x32\...\XMind_is1) (Version: 3.7.2.201705011955 - XMind Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-961603994-2917682709-4187222462-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [TextEdit] -> {81C71501-D10F-4DE8-AFD9-E718E82B1D41} => C:\Program Files (x86)\TextEdit\ShellExt.dll [2006-06-19] (Core Software Solutions)
ContextMenuHandlers1-x32: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxDTCM.dll [2017-06-03] (Intel Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-26] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000D8787-9C11-45F6-8CA2-E805B547B95F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software)
Task: {01AAC196-701D-4D47-936F-D9FB1BE58010} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {08A30C11-2DD8-4BF0-ACD4-E545E0485581} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {1538C0BE-B904-4F96-ADE7-F388D67C3646} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {19126646-FB77-46A0-8EE0-6F1545F13CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {1EADF188-7E5A-4449-931B-61204931ED80} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {217606CC-9F98-45B7-ADCD-FC885C5EA76B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {287DF05D-2149-456F-9019-0C54AE162775} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {2F09C498-BCA3-42B8-BE44-0CA67D220C86} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {30BBF4B3-FFA5-47BC-8693-3C2D666CA099} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {3FD7C34A-A074-43E2-8349-95E557E4D300} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {493BE018-45A0-4B54-A889-A500E52BC9CC} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {5A8D4FF2-1834-40E9-AC1F-F1736C09A9FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-10] (Microsoft Corporation)
Task: {66F55B77-D82D-4CC8-868A-0C6C11E1E194} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {69498289-019D-4620-81F3-C1A6F0745C6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {7242D42B-B50E-49D6-96FD-AAC439E9676D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-10] (Microsoft Corporation)
Task: {7411F29B-3CF4-4D0F-8F70-715AF2EFE5A6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-15] ()
Task: {7466D3E2-67E2-4A1D-AC04-D41356DD8A4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-10] (Adobe Systems Incorporated)
Task: {816FC249-C9F1-44CC-8D0D-298734B99C49} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {8324931D-E5F4-4018-ABBD-DA6D3216FD27} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-11-23] (Realtek Semiconductor)
Task: {8328F279-40D9-4BF0-B7E1-B4434F814A98} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {86C522A9-20C8-4BEF-8BF2-967171DE4753} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {90CD49C6-2894-4D0A-87D0-5F3C2DF4697E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-26] (AVAST Software)
Task: {AD829B1F-6873-402C-BA9E-8B82A4F4D919} - System32\Tasks\SafeZone scheduled Autoupdate 1493838400 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {B8957036-CA5C-4225-9D8E-478E3B4A1C5F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {BAEE21DD-8D01-4514-8168-82461D6EF4CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.)
Task: {BB1F5B3D-B094-4345-8AC0-60B655CA1283} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {C181E3BB-0EFA-4114-8CBA-2AE47D14FF70} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C2C19DCB-A84B-42EC-877B-A2D85A5C862B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {C5587157-13B7-4B7C-9D47-9FFFBF18BEE2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {C8660602-22B3-415E-A4B5-658D931EA309} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-15] (Microsoft Corporation)
Task: {D1E49B80-A450-4E82-8B1C-C810DBEC871D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {D5E2AB8F-E2B6-499F-A969-555AAD4234C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {F31A836B-C769-417F-9EC8-124B33247E62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-15] ()
Task: {F53F2CAF-8FE5-4040-AE9A-648A326F4958} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel® Corporation)
Task: {F64E2B70-A399-473B-8673-80C90F8FE3B7} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {FCBD3C3A-E4A7-401F-9CB8-F7DEC3424133} - System32\Tasks\{F90A3255-149F-4564-AEF7-4FCF11DC4B35} => C:\Windows\system32\pcalua.exe -a C:\Users\Corentin\Downloads\PSDK-x86.exe -d C:\Users\Corentin\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer:
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer:

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-07-12 17:21 - 2017-06-21 09:48 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-10 16:12 - 2017-05-10 16:12 - 000294912 _____ () C:\ProgramData\myCANAL\nssm.exe
2017-05-29 10:21 - 2017-05-29 10:21 - 005059864 _____ () C:\ProgramData\myCANAL\myCANAL.Service.exe
2017-04-26 20:43 - 2017-04-26 20:43 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-05-03 21:33 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 11:49 - 2017-07-18 11:50 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 11:49 - 2017-07-18 11:50 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 002140160 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\ffmpeg.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000211968 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\nslog\build\Release\nslog.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000109568 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2017-08-18 19:05 - 2017-08-18 19:05 - 002551808 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\libglesv2.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000093184 _____ () C:\Users\Corentin\AppData\Local\slack\app-2.7.1\libegl.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000089088 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000418304 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\slack-calls.node
2017-08-18 19:05 - 2017-08-18 19:05 - 007560704 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\CallsCore.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 001484288 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\boringssl.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000223744 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2017-08-18 19:05 - 2017-08-18 19:05 - 000482816 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2017-08-18 19:05 - 2017-08-18 19:05 - 000157184 _____ () \\?\C:\Users\Corentin\AppData\Local\slack\app-2.7.1\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2017-07-13 20:31 - 2017-06-27 11:15 - 066355808 _____ () C:\Program Files\Intel Security\True Key\Application\libcef.dll
2017-05-03 21:34 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-05-03 21:34 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-03 21:34 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-09 12:24 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-09 12:24 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-15 15:49 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-15 15:49 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-15 15:49 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-15 15:49 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-07-11 16:51 - 2017-07-11 16:51 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 067117168 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libcef.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 002253424 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libglesv2.dll
2017-05-19 02:26 - 2017-08-07 11:12 - 000086640 _____ () C:\Users\Corentin\AppData\Roaming\Spotify\libegl.dll
2017-04-26 11:04 - 2017-08-16 13:19 - 000164552 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-08-10 22:26 - 2017-08-10 19:03 - 000753472 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-08-10 22:26 - 2017-08-10 19:03 - 001787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-03 22:16 - 2017-08-10 19:03 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-03 22:16 - 2017-08-10 19:06 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-03 22:16 - 2017-08-10 19:03 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-03 22:16 - 2017-08-10 19:06 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-18 17:16 - 2017-08-10 19:07 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 003928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 001972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 000224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-08-10 22:26 - 2017-08-10 19:06 - 000103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 000033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-08-10 22:26 - 2017-08-10 19:03 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-03 22:16 - 2017-08-10 19:07 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-08-10 22:26 - 2017-08-10 19:05 - 001637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 22:16 - 2017-08-10 19:07 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-03 22:16 - 2017-08-10 19:07 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-08-10 22:26 - 2017-08-10 19:05 - 000357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-05-03 22:16 - 2017-08-10 19:03 - 000697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-12-19 09:38 - 2016-12-19 09:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-26 11:04 - 2017-08-16 13:19 - 001009864 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\event.bak:com.dropbox.attributes [168]
AlternateDataStreams: C:\main.bak:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2017-07-11 16:52 - 000000832 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Dino_Screenfill_3200x1800.tif
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8E360648-D695-4132-8436-55CB949F6400}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{12D3B91F-EAE1-4B5D-A812-A512D5F987D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2DEA3B69-DFBC-4699-8A78-DF9F447C52E4}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{16D436C1-7DE4-491E-9405-6D0F93EB6792}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{36FF709B-D086-4FC0-9E43-07BCBB89ACBA}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{C641CF95-1DC6-43D1-A1BC-08D23A62B9C5}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{0D421CCA-B2AB-48CA-9CFD-EBD017BAC384}] => (Allow) %ProgramFiles% (x86)\CDVI Group\Centaur\Centaur Server\spxsvr.exe
FirewallRules: [{B110EE01-5C5B-4A84-B548-88970532D8E8}] => (Allow) LPort=135
FirewallRules: [{EC30AD15-CE95-4840-8CD0-04126D3FCD8A}] => (Allow) %ProgramFiles% (x86)\CDVI Group\Centaur\Centaur Server\spxsvr.exe
FirewallRules: [{CDBC126E-6FA0-4E4B-BFF7-1F20547932E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7CAEFC64-BCB2-4A00-8CD4-55A6062176EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3F521A4-AFF5-4233-A2CF-6A776778DC18}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7F3426C-504F-41D1-B33A-BD9DF69E930C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{25B54242-E918-478F-81A0-D57D3D02A899}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{A94CAD75-EE53-41AE-A283-63BC7A2661F8}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{322BFEA0-8C62-4BBF-ABB1-09F72F5CACAE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{11161BFF-9DA2-444D-8479-0A576920596C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6262D4E6-7DD9-42F5-8A86-A385FE2D7519}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ECD8BBA6-1FF3-41CB-8A6D-37B45B71F20C}C:\users\corentin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\corentin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{91F22912-D0A2-4885-B019-0199B0891682}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{28C3FD49-0CD4-485E-99B2-191649455871}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3AA34C18-28AD-47B2-A95B-1472A360FC03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A8BA00F6-D8B3-47BD-9995-C1DAE60C3C6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DEEBE4C5-FACB-4A98-8D96-8C90AAFCC15A}C:\program files\sap lumira\desktop\saplumira.exe] => (Allow) C:\program files\sap lumira\desktop\saplumira.exe
FirewallRules: [UDP Query User{D9BD9769-0BF2-4887-97BA-25D95E10D44E}C:\program files\sap lumira\desktop\saplumira.exe] => (Allow) C:\program files\sap lumira\desktop\saplumira.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2017 04:53:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\System32\sdnclean64.exe ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\System32\sdnclean64.exe » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/20/2017 04:53:46 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.


System errors:
=============
Error: (08/20/2017 02:27:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/20/2017 02:27:34 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Le service MSSEARCH dépend du service suivant : NTLMSSP. Ce dernier n’est peut-être pas installé.

Error: (08/20/2017 02:27:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service InstallerService n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (08/20/2017 02:27:30 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: AUTORITE NT)
Description: Échec du chargement de la DLL de notification du mot de passe "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" avec l’erreur 126. Vérifiez que le chemin d’accès de la DLL de notification défini dans le Registre, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, fait référence à un chemin d’accès correct et absolu (<lecteur>:\<chemin_d’accès>\<nom_fichier>.<ext>) et non à un chemin d’accès relatif ou non valide. Si le chemin d’accès de la DLL est correct, vérifiez que tous les fichiers de prise en charge se trouvent dans le même répertoire et que le compte système dispose d’un accès en lecture au chemin d’accès de la DLL et aux fichiers de prise en charge. Contactez le fournisseur de la DLL de notification pour une assistance supplémentaire. D’autres détails sont disponibles sur le Web à l’adresse http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (08/20/2017 02:26:41 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/20/2017 02:19:08 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 11:57:59 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 03:50:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/19/2017 03:24:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VJT2FBS)
Description: Le serveur {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (08/19/2017 03:22:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VJT2FBS)
Description: Le serveur {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


CodeIntegrity:
===================================
  Date: 2017-08-20 02:27:25.651
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-18 19:02:54.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-16 13:00:22.891
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-08-16 13:00:22.849
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\USBPcap.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-7560U CPU @ 2.40GHz
Percentage of memory in use: 42%
Total physical RAM: 16269.05 MB
Available physical RAM: 9409.8 MB
Total Virtual: 18701.05 MB
Available Virtual: 10395.62 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.59 GB) (Free:31.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: A49A639B)

Partition: GPT.

==================== End of Addition.txt ============================



#8 nitneo

nitneo
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:39 PM

Posted 19 August 2017 - 10:10 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Corentin (administrator) on DESKTOP-VJT2FBS (20-08-2017 05:04:22)
Running from C:\Users\Corentin\Desktop
Loaded Profiles: Corentin (Available Profiles: defaultuser0 & Corentin)
Platform: Windows 10 Pro Version 1607 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
() C:\ProgramData\myCANAL\nssm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\ProgramData\myCANAL\myCANAL.Service.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxEM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Slack Technologies) C:\Users\Corentin\AppData\Local\slack\app-2.7.1\slack.exe
(Dell) C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CDVI Group) C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Farbar) C:\Users\Corentin\Desktop\FRST64english.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9080848 2016-11-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1480712 2016-11-23] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-26] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-10] (Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [com.squirrel.slack.slack] => "C:\Users\Corentin\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup"
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [Spotify] => C:\Users\Corentin\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-07] (Spotify Ltd)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [227328 2017-07-16] (Fieldston Software)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [Spotify Web Helper] => C:\Users\Corentin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-07] (Spotify Ltd)
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\...\Run: [DellSystemDetect] => C:\Users\Corentin\AppData\Local\Apps\2.0\ZJR6OO8N.YVH\75OE0OP1.MCZ\dell..tion_831211ca63b981c5_0008.0004_3d463ceeb98aa2c1\DellSystemDetect.exe [313264 2017-05-07] (Dell)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Centaur Service Manager.lnk [2017-06-28]
ShortcutTarget: Centaur Service Manager.lnk -> C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\svrmgr.exe (CDVI Group)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0026bcf6-6b36-41f1-8bcc-26252b41950f}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f3fafbc1-cdb6-4718-ba80-9b312306e4fa}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-961603994-2917682709-4187222462-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> DefaultScope {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-16] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ltlw43sw.default
FF ProfilePath: C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default [2017-08-20]
FF Extension: (Avast SafePrice) - C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - C:\Users\Corentin\AppData\Roaming\Mozilla\Firefox\Profiles\ltlw43sw.default\Extensions\wrc@avast.com.xpi [2017-08-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default [2017-08-15]
CHR Extension: (Google Slides) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-03]
CHR Extension: (Google Docs) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-03]
CHR Extension: (Google Drive) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-03]
CHR Extension: (YouTube) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-23]
CHR Extension: (Avast SafePrice) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-23]
CHR Extension: (Google Sheets) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-27]
CHR Extension: (Avast Online Security) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-03]
CHR Extension: (Gmail) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\Corentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-26] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-26] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-10] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHeciSvc.exe [285696 2017-06-03] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\IntelCpHDCPSvc.exe [462848 2017-06-03] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-08-10] (Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [119336 2017-06-16] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igfxCUIService.exe [324608 2017-06-03] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-09-22] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 MSSEARCH; C:\Program Files (x86)\Common Files\System\MSSearch\Bin\mssearch.exe [73728 2000-07-12] (Microsoft Corporation) [File not signed]
R2 MSSQL$CDVI_CENTAUR; c:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\sqlservr.exe [62275248 2015-03-19] (Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2017-05-10] () [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [329736 2016-11-23] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889888 2017-08-01] (Microsoft Corporation)
S4 SQLAgent$CDVI_CENTAUR; c:\Program Files\Microsoft SQL Server\MSSQL10_50.CDVI_CENTAUR\MSSQL\Binn\SQLAGENT.EXE [443576 2014-08-23] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-16] (Intel Corporation)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [410032 2016-11-19] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{65954A00-3033-4F72-A598-12CBECCC5815}
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-26] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-07-26] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-07-26] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-07-26] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146704 2017-08-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015880 2017-08-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-11] (AVAST Software)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki122459.inf_amd64_e5494748d53088c1\igdkmd64.sys [11073480 2017-06-03] (Intel Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-08-20] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-08-15] (Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2412976 2017-04-15] (Qualcomm Atheros, Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-08-23] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [796672 2016-12-15] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [375296 2017-01-18] (Realtek )
S3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [40376 2017-05-11] (USBPcap)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [40008 2016-08-16] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-20 03:10 - 2017-08-01 15:27 - 000016942 _____ C:\Users\Corentin\Desktop\results.xml
2017-08-20 02:56 - 2017-08-20 03:05 - 000068450 _____ C:\Users\Corentin\Desktop\Addition.txt
2017-08-20 02:55 - 2017-08-20 05:04 - 000027955 _____ C:\Users\Corentin\Desktop\FRST.txt
2017-08-20 02:54 - 2017-08-20 05:04 - 000000000 ____D C:\FRST
2017-08-20 02:54 - 2017-08-20 02:54 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-20 02:53 - 2017-08-20 02:54 - 002395648 _____ (Farbar) C:\Users\Corentin\Desktop\FRST64english.exe
2017-08-20 02:53 - 2017-08-20 02:54 - 001792512 _____ (Farbar) C:\Users\Corentin\Downloads\FRST.exe
2017-08-20 02:52 - 2017-08-20 02:52 - 002395648 _____ (Farbar) C:\Users\Corentin\Downloads\FRST64.exe
2017-08-17 13:10 - 2017-08-20 02:22 - 000000000 ____D C:\Users\Corentin\.sapvi
2017-08-17 13:10 - 2017-08-17 13:14 - 477187440 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_4-20009491.EXE
2017-08-17 13:10 - 2017-08-17 13:10 - 000001926 _____ C:\Users\Public\Desktop\SAP Lumira.lnk
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Users\Public\sapvi
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Users\Corentin\Documents\SAP Lumira Documents
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Business Intelligence
2017-08-17 13:10 - 2017-08-17 13:10 - 000000000 ____D C:\Program Files\SAP Lumira
2017-08-17 13:08 - 2017-08-17 13:09 - 478708816 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_7-20009491(1).EXE
2017-08-17 13:05 - 2017-08-17 13:08 - 478708816 _____ (SAP SE) C:\Users\Corentin\Downloads\SAPLUMIRA6431P_7-20009491.EXE
2017-08-16 19:10 - 2017-08-16 19:10 - 000628420 _____ C:\Users\Corentin\Downloads\Startup-Studio-Playbook-v1.2.epub
2017-08-16 14:04 - 2017-08-16 14:04 - 000229237 _____ C:\Users\Corentin\Downloads\document.pdf
2017-08-15 17:03 - 2017-08-15 17:03 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Waves Audio
2017-08-15 16:18 - 2017-08-15 17:08 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Wireshark
2017-08-15 16:17 - 2017-08-15 16:17 - 000001829 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files\USBPcap
2017-08-15 16:17 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files (x86)\WinPcap
2017-08-15 16:16 - 2017-08-15 16:17 - 000000000 ____D C:\Program Files\Wireshark
2017-08-15 16:11 - 2017-08-15 16:16 - 059110928 _____ (Wireshark development team) C:\Users\Corentin\Downloads\Wireshark-win64-2.4.0.exe
2017-08-15 15:58 - 2017-08-15 15:58 - 000000000 ____D C:\Users\Corentin\Documents\ProcAlyzer Dumps
2017-08-15 15:50 - 2017-08-15 15:50 - 000001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-08-15 15:50 - 2017-08-15 15:50 - 000001450 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-08-15 15:50 - 2017-08-15 15:50 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-08-15 15:50 - 2017-08-15 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-08-15 15:50 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2017-08-15 15:49 - 2017-08-15 17:10 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-15 15:49 - 2017-08-15 15:51 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-08-15 15:49 - 2017-08-15 15:49 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Corentin\Downloads\spybotsd-2.6.46.exe
2017-08-15 15:47 - 2017-08-15 15:47 - 000613292 _____ C:\Users\Corentin\Downloads\inst_antispy.exe
2017-08-15 15:47 - 2017-08-15 15:47 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keylogger Detector
2017-08-15 15:47 - 2017-08-15 15:47 - 000000000 ____D C:\ProgramData\Keylogger Detector
2017-08-15 15:47 - 2017-08-15 15:47 - 000000000 ____D C:\Program Files\Keylogger Detector
2017-08-15 15:34 - 2017-08-18 19:08 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-08-15 15:29 - 2017-08-15 15:29 - 001445888 _____ (Option^Explicit Software Solutions) C:\Users\Corentin\Downloads\winsockxpfix.exe
2017-08-15 15:29 - 2017-08-15 15:29 - 001445888 _____ (Option^Explicit Software Solutions) C:\Users\Corentin\Downloads\winsockxpfix(1).exe
2017-08-15 15:21 - 2017-08-15 15:35 - 000050675 _____ C:\Users\Corentin\Desktop\dds.txt
2017-08-15 15:21 - 2017-08-15 15:35 - 000004854 _____ C:\Users\Corentin\Desktop\attach.txt
2017-08-15 15:20 - 2017-08-15 15:20 - 000688992 ____R (Swearware) C:\Users\Corentin\Downloads\dds.exe
2017-08-15 15:05 - 2017-08-15 15:06 - 000388608 _____ (Trend Micro Inc.) C:\Users\Corentin\Downloads\HijackThis(1).exe
2017-08-14 13:53 - 2017-08-14 13:53 - 000003934 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-08-10 22:26 - 2017-08-10 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-10 19:03 - 2017-08-10 19:03 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-08-10 19:03 - 2017-08-10 19:03 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-08-09 20:36 - 2017-08-09 22:23 - 000003282 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2017-08-09 20:31 - 2017-08-09 20:31 - 000000000 ___HD C:\ProgramData\CanonIJFAX
2017-08-09 20:31 - 2014-04-28 05:00 - 000303104 _____ (CANON INC.) C:\Windows\system32\CNCALCG.DLL
2017-08-09 20:30 - 2017-08-09 20:30 - 000000000 ___HD C:\ProgramData\CanonBJ
2017-08-09 20:30 - 2014-04-23 05:00 - 000406016 _____ (CANON INC.) C:\Windows\system32\CNMLMCG.DLL
2017-08-09 12:25 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-08-09 12:25 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-08-09 12:25 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-08-09 12:25 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-08-09 12:25 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-08-09 12:25 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-08-09 12:25 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-08-09 12:25 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-09 12:25 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-09 12:25 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-08-09 12:25 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-08-09 12:25 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-09 12:25 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-08-09 12:25 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-08-09 12:25 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-08-09 12:25 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-08-09 12:25 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-09 12:25 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 12:25 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-08-09 12:25 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-08-09 12:25 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-08-09 12:25 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-08-09 12:25 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 12:25 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2017-08-09 12:25 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-08-09 12:25 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-09 12:25 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-08-09 12:25 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-09 12:25 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-08-09 12:25 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-08-09 12:25 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-08-09 12:25 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-08-09 12:25 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2017-08-09 12:25 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-08-09 12:25 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 12:25 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-08-09 12:25 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-08-09 12:25 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-08-09 12:25 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-08-09 12:25 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-09 12:25 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-08-09 12:25 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-08-09 12:25 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-08-09 12:25 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2017-08-09 12:25 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-08-09 12:25 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-08-09 12:25 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 12:25 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-08-09 12:25 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comuid.dll
2017-08-09 12:25 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-09 12:25 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-08-09 12:25 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-08-09 12:25 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-08-09 12:25 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-08-09 12:25 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-08-09 12:25 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-09 12:25 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-08-09 12:25 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-08-09 12:25 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-09 12:25 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-08-09 12:25 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-08-09 12:25 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-08-09 12:25 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-08-09 12:25 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2017-08-09 12:25 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-08-09 12:25 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-08-09 12:25 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-08-09 12:25 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2017-08-09 12:25 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-08-09 12:25 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-08-09 12:25 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-08-09 12:25 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-08-09 12:25 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dabapi.dll
2017-08-09 12:25 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2017-08-09 12:25 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\frprov.dll
2017-08-09 12:25 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2017-08-09 12:25 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2017-08-09 12:25 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll
2017-08-09 12:25 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-08-09 12:25 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2017-08-09 12:25 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-08-09 12:25 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmdisk0101.sys
2017-08-09 12:25 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-08-09 12:25 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-08-09 12:25 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-08-09 12:25 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2017-08-09 12:25 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-08-09 12:25 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-08-09 12:25 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-08-09 12:25 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2017-08-09 12:25 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-08-09 12:25 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2017-08-09 12:25 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-08-09 12:25 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-08-09 12:25 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-08-09 12:25 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-08-09 12:25 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-08-09 12:25 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-08-09 12:25 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-08-09 12:25 - 2017-07-12 04:49 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml
2017-08-09 12:25 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-08-09 12:24 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-08-09 12:24 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-09 12:24 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-08-09 12:24 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-09 12:24 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-08-09 12:24 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-08-09 12:24 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-09 12:24 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-08-09 12:24 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-08-09 12:24 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-08-09 12:24 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-08-09 12:24 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-08-09 12:24 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-08-09 12:24 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-08-09 12:24 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-08-09 12:24 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-08-09 12:24 - 2017-08-01 20:58 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-08-09 12:24 - 2017-08-01 20:57 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-08-09 12:24 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-08-09 12:24 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-08-09 12:24 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-09 12:24 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-08-09 12:24 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-09 12:24 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-08-09 12:24 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-08-09 12:24 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-08-09 12:24 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-08-09 12:24 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-08-09 12:24 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-08-09 12:24 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-08-09 12:24 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-08-09 12:24 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-08-09 12:24 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-08-09 12:24 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-08-09 12:24 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-08-09 12:24 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 12:24 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-08-09 12:24 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-08-09 12:24 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-08-09 12:24 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-08-09 12:24 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-09 12:24 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-09 12:24 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-08-09 12:24 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-08-09 12:24 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-08-09 12:24 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-08-09 12:24 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-08-09 12:24 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2017-08-09 12:24 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-08-09 12:24 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-09 12:24 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-08-09 12:24 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-09 12:24 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-08-09 12:24 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 001949696 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2017-08-09 12:24 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-08-09 12:24 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-08-09 12:24 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-08-09 12:24 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-09 12:24 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-08-09 12:24 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-08-09 12:24 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-08-09 12:24 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-09 12:24 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-09 12:24 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-08-09 12:24 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-08-09 12:24 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-09 12:24 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-08-09 12:24 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-08-09 12:24 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-08-09 12:24 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-08-09 12:24 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-08-09 12:24 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-08-09 12:24 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2017-08-09 12:24 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-08-09 12:24 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2017-08-09 12:24 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-08-09 12:24 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-08-09 12:24 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2017-08-09 12:24 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-08-09 12:24 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-08-09 12:24 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-08-09 12:24 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\frprov.dll
2017-08-09 12:24 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2017-08-09 12:24 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-08-09 12:24 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2017-08-09 12:24 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2017-08-09 12:24 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-08-09 12:24 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2017-08-09 12:24 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-08-09 12:24 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-08-09 12:24 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-08-09 12:24 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-08-09 12:24 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-08-09 12:24 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 12:24 - 2017-07-12 07:03 - 000779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-08-09 12:24 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-08-09 12:24 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-08-09 12:24 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-08-09 12:24 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-08-09 12:24 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-08-09 12:24 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-08-09 12:24 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-08-09 12:24 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2017-08-09 12:24 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-08-09 12:24 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-08-09 12:24 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-08-09 12:24 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-08-09 12:23 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-08-09 12:23 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-08-09 12:23 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-08-09 12:23 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-08-09 12:23 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-08-09 12:23 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-09 12:23 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2017-08-09 12:23 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-08-09 12:23 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2017-08-09 12:23 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2017-08-09 12:23 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-08-09 12:23 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-08-09 12:23 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-08-09 12:23 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-09 12:23 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-08-09 12:23 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-08-09 12:23 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-08-09 12:23 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-08-09 12:23 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-08-09 12:23 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2017-08-09 12:23 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-08-09 12:23 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-08-09 12:23 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2017-08-09 12:23 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-08-09 12:23 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-08-09 12:23 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\windowslivelogin.dll
2017-08-09 12:23 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-08-09 12:23 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-08-09 12:23 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-08-09 12:23 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-08-09 12:23 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-08-09 12:23 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-08-09 12:23 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-08-09 12:23 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-09 12:23 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-08-09 12:23 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-08-09 12:23 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-08-09 12:23 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-08-09 12:23 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-08-09 12:23 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\dabapi.dll
2017-08-09 12:23 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-08-09 12:23 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-08-09 12:23 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-08-09 12:23 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2017-08-09 12:23 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-08-09 12:23 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-08-09 12:23 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2017-08-09 12:23 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-08-09 12:23 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-08-09 12:23 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-08-09 12:23 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-08-09 12:23 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-08-09 12:23 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-08-09 12:23 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-08-09 12:23 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-08-09 12:23 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-08-09 12:23 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-08-09 12:23 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-08-09 12:23 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-08-08 18:00 - 2017-08-10 21:36 - 000000000 ____D C:\Users\Corentin\Desktop\MWG
2017-08-07 12:32 - 2017-08-07 12:32 - 000000000 ___RD C:\Users\Corentin\3D Objects
2017-08-01 21:22 - 2017-08-01 21:22 - 000000000 ____D C:\Users\Corentin\AppData\Local\FaceGen
2017-08-01 21:21 - 2017-08-01 21:21 - 000001234 _____ C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceGen 3D Print Demo.lnk
2017-08-01 21:21 - 2017-08-01 21:21 - 000001108 _____ C:\Users\Corentin\Desktop\FaceGen 3D Print Demo.lnk
2017-08-01 21:21 - 2017-08-01 21:21 - 000000000 ____D C:\Program Files\FaceGen
2017-08-01 21:20 - 2017-08-01 21:21 - 188895232 _____ C:\Users\Corentin\Downloads\fg3DPrint19Demo64.msi
2017-08-01 12:38 - 2017-08-01 12:38 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Dell
2017-08-01 12:29 - 2017-08-01 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-08-01 12:28 - 2017-08-01 12:28 - 000001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\Program Files\iTunes
2017-08-01 12:28 - 2017-08-01 12:28 - 000000000 ____D C:\Program Files\iPod
2017-07-31 13:58 - 2017-07-31 13:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\Corentin\Downloads\HijackThis.exe
2017-07-31 13:14 - 2017-08-20 02:27 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-31 13:14 - 2017-08-15 15:04 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-31 13:14 - 2017-07-31 13:14 - 000188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-31 13:14 - 2017-07-31 13:14 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-31 13:14 - 2017-07-31 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-31 13:14 - 2017-06-27 12:06 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-31 13:13 - 2017-07-31 13:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-31 13:13 - 2017-07-31 13:13 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-31 13:12 - 2017-07-31 13:13 - 065033984 _____ (Malwarebytes ) C:\Users\Corentin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-28 21:04 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-07-28 21:04 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-07-28 21:04 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-07-28 21:04 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-07-26 18:01 - 2017-07-26 18:01 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-25 17:42 - 2017-07-25 17:42 - 000176912 _____ C:\Users\Corentin\Downloads\Untitled Diagram(3).pdf
2017-07-24 18:28 - 2017-07-24 18:28 - 000002781 _____ C:\Users\Corentin\Downloads\Untitled Diagram(3).xml
2017-07-24 18:21 - 2017-07-24 18:21 - 000002605 _____ C:\Users\Corentin\Downloads\Untitled Diagram(2).xml
2017-07-24 18:12 - 2017-07-24 18:12 - 000002137 _____ C:\Users\Corentin\Downloads\Untitled Diagram(1).xml
2017-07-24 17:48 - 2017-07-24 17:48 - 000002737 _____ C:\Users\Corentin\Downloads\Untitled Diagram.xml
2017-07-24 17:33 - 2017-07-24 17:34 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\XMind
2017-07-24 17:33 - 2017-07-24 17:34 - 000000000 ____D C:\Program Files (x86)\XMind
2017-07-24 17:33 - 2017-07-24 17:33 - 000001060 _____ C:\Users\Corentin\Desktop\XMind 8 Update 2.lnk
2017-07-24 17:33 - 2017-07-24 17:33 - 000000000 ____D C:\Users\Corentin\.oracle_jre_usage
2017-07-24 17:33 - 2017-07-24 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2017-07-24 17:29 - 2017-07-24 17:32 - 162293262 _____ (XMind Ltd. ) C:\Users\Corentin\Downloads\xmind-8-update2-windows.exe
2017-07-23 14:54 - 2017-07-23 14:54 - 000003382 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-961603994-2917682709-4187222462-1001

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-20 04:54 - 2017-05-03 22:00 - 000000000 ____D C:\Users\Corentin\Desktop\DD
2017-08-20 04:50 - 2017-07-19 12:24 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\gSyncit
2017-08-20 04:50 - 2017-05-04 04:35 - 000000000 ____D C:\Users\Corentin\Documents\Fichiers Outlook
2017-08-20 04:45 - 2017-05-03 13:40 - 000000000 ____D C:\Users\Corentin\AppData\Local\Packages
2017-08-20 04:40 - 2017-05-24 05:12 - 000004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EB694A-D2EB-47C7-A6CD-2AE091028C4C}
2017-08-20 03:09 - 2017-05-04 00:05 - 000000000 ____D C:\Users\Corentin\AppData\Local\tkdata
2017-08-20 02:57 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2017-08-20 02:33 - 2017-04-26 10:58 - 003764348 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-20 02:33 - 2016-07-30 18:19 - 001627118 _____ C:\Windows\system32\perfh00C.dat
2017-08-20 02:33 - 2016-07-30 18:19 - 000425870 _____ C:\Windows\system32\perfc00C.dat
2017-08-20 02:28 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Slack
2017-08-20 02:28 - 2017-05-19 02:26 - 000000000 ____D C:\Users\Corentin\AppData\Local\Spotify
2017-08-20 02:28 - 2017-05-19 02:25 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Spotify
2017-08-20 02:28 - 2017-05-03 20:58 - 000000000 ____D C:\Users\Corentin\AppData\LocalLow\Mozilla
2017-08-20 02:27 - 2017-05-03 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-20 02:27 - 2017-05-03 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-20 02:27 - 2017-05-03 13:40 - 000000000 __SHD C:\Users\Corentin\IntelGraphicsProfiles
2017-08-20 02:27 - 2017-04-26 10:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-20 02:26 - 2016-07-16 08:04 - 000524288 _____ C:\Windows\system32\config\BBI
2017-08-20 01:20 - 2017-04-26 10:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-08-19 19:25 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2017-08-18 19:09 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-18 19:05 - 2017-06-27 21:10 - 000002222 _____ C:\Users\Corentin\Desktop\Slack.lnk
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Local\SquirrelTemp
2017-08-18 19:05 - 2017-06-27 21:10 - 000000000 ____D C:\Users\Corentin\AppData\Local\slack
2017-08-18 19:03 - 2017-04-26 11:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-17 21:28 - 2017-05-03 21:06 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-17 21:28 - 2017-05-03 21:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-17 14:30 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2017-08-17 13:10 - 2017-05-03 13:39 - 000000000 ____D C:\Users\Corentin
2017-08-16 19:10 - 2017-05-03 22:37 - 000000000 ___RD C:\Users\Corentin\Dropbox (Personnelle)
2017-08-16 17:43 - 2017-07-11 04:01 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-16 13:24 - 2017-04-26 20:20 - 000000000 ____D C:\Windows\Panther
2017-08-15 15:34 - 2016-07-16 08:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2017-08-15 15:33 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-15 15:07 - 2017-05-03 13:40 - 000000000 ____D C:\Users\Corentin\AppData\Local\VirtualStore
2017-08-15 01:19 - 2017-05-20 19:22 - 000000000 ____D C:\Users\Corentin\Desktop\Travail
2017-08-14 20:03 - 2017-05-03 23:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-14 14:44 - 2017-07-16 02:00 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Apple Computer
2017-08-14 13:53 - 2017-07-01 18:45 - 000000000 ____D C:\ProgramData\SupportAssist
2017-08-12 16:45 - 2017-05-03 21:06 - 000004048 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1493838400
2017-08-12 16:45 - 2017-05-03 21:06 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-11 19:36 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\rescache
2017-08-10 22:27 - 2017-05-03 22:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-08-10 18:04 - 2017-05-03 23:54 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-10 17:49 - 2017-04-26 11:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-10 12:13 - 2017-05-03 20:52 - 001015880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-08-10 12:13 - 2017-05-03 20:52 - 000146704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-08-10 12:05 - 2017-04-26 10:49 - 000339736 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-10 12:05 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-10 12:05 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-10 12:03 - 2017-04-26 20:21 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\oobe
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\ShellExperiences
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Provisioning
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\bcastdvr
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-10 12:03 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-09 20:31 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-09 12:36 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2017-08-09 12:29 - 2017-05-05 18:59 - 000000000 ____D C:\Windows\system32\MRT
2017-08-09 12:27 - 2017-05-05 18:59 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-09 11:56 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2017-08-01 15:28 - 2017-07-16 02:00 - 000000000 ____D C:\Users\Corentin\AppData\Local\Apple Computer
2017-08-01 15:27 - 2017-04-26 11:04 - 000016942 _____ C:\Windows\system32\results.xml
2017-08-01 12:38 - 2017-04-26 10:59 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-01 12:36 - 2017-04-26 10:59 - 000000000 ____D C:\Program Files\Intel
2017-08-01 12:29 - 2017-07-16 01:58 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-08-01 10:59 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Registration
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-31 13:17 - 2017-05-03 13:38 - 000000000 ____D C:\Users\defaultuser0
2017-07-29 00:18 - 2017-05-03 20:52 - 000004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-26 18:02 - 2017-06-08 08:52 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-26 18:01 - 2017-05-03 20:52 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.150108492117103
2017-07-26 18:01 - 2017-05-03 20:52 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-07-23 14:54 - 2017-05-03 13:42 - 000002418 _____ C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-23 14:54 - 2017-05-03 13:42 - 000000000 ___RD C:\Users\Corentin\OneDrive
2017-07-22 17:10 - 2017-07-16 01:59 - 000000000 ____D C:\ProgramData\myCANAL

Some files in TEMP:
====================
2017-08-20 02:17 - 2017-08-20 02:17 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole1979695918367992798.dll
2017-08-18 01:49 - 2017-08-18 01:49 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole3085830543993802530.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-15 18:56

==================== End of FRST.txt ============================



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 AM

Posted 19 August 2017 - 10:34 PM

Thank you for helping me by running it in English.

I am happy to report your computer is clean but while we are here let's mop up a few entries.

I am logging off for the evening but please do this and I will review it first thing in the morning.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> DefaultScope {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
SearchScopes: HKU\S-1-5-21-961603994-2917682709-4187222462-1001 -> {6BA6D03C-2EAF-4D22-923F-25E140A1B650} URL =
2017-08-20 02:17 - 2017-08-20 02:17 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole1979695918367992798.dll
2017-08-18 01:49 - 2017-08-18 01:49 - 000040448 ____N () C:\Users\Corentin\AppData\Local\Temp\proxy_vole3085830543993802530.dll
Task: {08A30C11-2DD8-4BF0-ACD4-E545E0485581} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {1538C0BE-B904-4F96-ADE7-F388D67C3646} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {217606CC-9F98-45B7-ADCD-FC885C5EA76B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
Task: {69498289-019D-4620-81F3-C1A6F0745C6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation)
emptytemp:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Any issues?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 AM

Posted 22 August 2017 - 08:47 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 AM

Posted 24 August 2017 - 09:37 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users