Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Antoine on 18/10/2016 at 10:52:12,09. Microsoft Windows 10 Famille 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Antoine\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 18/10/2016 10:52:38 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Windows Installer Info ====================== Adobe Acrobat Reader DC - Fran‡ais [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B744CAF070E41400]C:\WINDOWS\Installer\28969.msi Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008142020244]C:\WINDOWS\Installer\bf9d7.msi Google Chrome [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\71C8FABB4A1525A39A7C8022B98343E6]C:\WINDOWS\Installer\46e7a.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\WINDOWS\Installer\711608.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\WINDOWS\Installer\46e80.msi Java 8 Update 101 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2238110100F]C:\WINDOWS\Installer\ad60db0.msi LibreOffice 5.1.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F5A3E30C2B26FC4C981BF2BA8AF15B2]C:\WINDOWS\Installer\e9009.msi Newshosting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EF748C8BFB13D540811D70D714BB325]C:\WINDOWS\Installer\150cd6dd.msi ==== Empty Folders Check ====================== C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Antoine\AppData\Local\ActiveSync deleted successfully C:\Users\Antoine\AppData\Local\VirtualStore deleted successfully C:\Users\Domitille\AppData\Local\ActiveSync deleted successfully C:\Users\Domitille\AppData\Local\VirtualStore deleted successfully C:\Users\Emile\AppData\Local\ActiveSync deleted successfully C:\Users\Emile\AppData\Local\VirtualStore deleted successfully ==== Checking Systemdrive for Symlinks ====================== Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 746E-7D73 R‚pertoire de C:\ 14/07/2009 07:08 Documents and Settings [C:\Users] 0 fichier(s) 0 octets R‚pertoire de C:\Program Files 12/08/2016 16:45 Fichiers communs [C:\Program Files\Common Files] 0 fichier(s) 0 octets R‚pertoire de C:\Program Files\Windows NT 27/09/2016 22:07 Accessoires [C:\Program Files\Windows NT\Accessories] 0 fichier(s) 0 octets R‚pertoire de C:\ProgramData 27/09/2016 22:07 Application Data [C:\ProgramData] 12/08/2016 16:45 Bureau [C:\Users\Public\Desktop] 27/09/2016 22:07 Documents [C:\Users\Public\Documents] 12/08/2016 16:45 Favoris [C:\Users\Public\Favorites] 12/08/2016 16:45 Menu D‚marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 12/08/2016 16:45 ModŠles [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R‚pertoire de C:\ProgramData\Microsoft\Windows\Start Menu 12/08/2016 16:45 Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\ProgramData\Oracle\Java\javapath 17/09/2016 15:28 java.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\java.exe] 17/09/2016 15:28 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaw.exe] 17/09/2016 15:28 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe] 3 fichier(s) 0 octets R‚pertoire de C:\Users 16/07/2016 14:40 All Users [C:\ProgramData] 16/07/2016 14:40 Default User [C:\Users\Default] 0 fichier(s) 0 octets R‚pertoire de C:\Users\All Users 27/09/2016 22:07 Application Data [C:\ProgramData] 12/08/2016 16:45 Bureau [C:\Users\Public\Desktop] 27/09/2016 22:07 Documents [C:\Users\Public\Documents] 12/08/2016 16:45 Favoris [C:\Users\Public\Favorites] 12/08/2016 16:45 Menu D‚marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 12/08/2016 16:45 ModŠles [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R‚pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu 12/08/2016 16:45 Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\All Users\Oracle\Java\javapath 17/09/2016 15:28 java.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\java.exe] 17/09/2016 15:28 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaw.exe] 17/09/2016 15:28 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe] 3 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine 27/09/2016 21:59 Application Data [C:\Users\Antoine\AppData\Roaming] 27/09/2016 21:59 Cookies [C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 21:59 Local Settings [C:\Users\Antoine\AppData\Local] 27/09/2016 21:59 Menu D‚marrer [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 21:59 Mes documents [C:\Users\Antoine\Documents] 27/09/2016 21:59 ModŠles [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 21:59 Recent [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 21:59 SendTo [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 21:59 Voisinage d'impression [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 21:59 Voisinage r‚seau [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\AppData\Local 27/09/2016 21:59 Application Data [C:\Users\Antoine\AppData\Local] 27/09/2016 21:59 Historique [C:\Users\Antoine\AppData\Local\Microsoft\Windows\History] 27/09/2016 21:59 Temporary Internet Files [C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\AppData\Local\Microsoft\Windows 27/09/2016 21:59 Temporary Internet Files [C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache 27/09/2016 22:12 Content.IE5 [C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\IE] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe 01/09/2016 11:42 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\AC] 01/09/2016 11:42 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\AppData] 01/09/2016 11:42 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\LocalCache] 01/09/2016 11:42 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\LocalState] 01/09/2016 11:42 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\RoamingState] 01/09/2016 11:42 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\Settings] 01/09/2016 11:42 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1000\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 21:59 Programmes [C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Antoine\Documents 27/09/2016 21:59 Ma musique [C:\Users\Antoine\Music] 27/09/2016 21:59 Mes images [C:\Users\Antoine\Pictures] 27/09/2016 21:59 Mes vid‚os [C:\Users\Antoine\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default 27/09/2016 22:07 Application Data [C:\Users\Default\AppData\Roaming] 27/09/2016 22:07 Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 22:07 Local Settings [C:\Users\Default\AppData\Local] 27/09/2016 22:07 Menu D‚marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 22:07 Mes documents [C:\Users\Default\Documents] 27/09/2016 22:07 ModŠles [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 22:07 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 22:07 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 22:07 Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 22:07 Voisinage r‚seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\AppData\Local 27/09/2016 22:07 Application Data [C:\Users\Default\AppData\Local] 27/09/2016 22:07 Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 27/09/2016 22:07 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\AppData\Local\Microsoft\Windows 27/09/2016 22:07 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 22:07 Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\Documents 27/09/2016 22:07 Ma musique [C:\Users\Default\Music] 27/09/2016 22:07 Mes images [C:\Users\Default\Pictures] 27/09/2016 22:07 Mes vid‚os [C:\Users\Default\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default.migrated 12/08/2016 16:45 Menu D‚marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 12/08/2016 16:45 Mes documents [C:\Users\Default\Documents] 12/08/2016 16:45 ModŠles [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 12/08/2016 16:45 Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 12/08/2016 16:45 Voisinage r‚seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default.migrated\AppData\Local 12/08/2016 16:45 Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default.migrated\AppData\Local\Microsoft\Windows 12/08/2016 16:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu 12/08/2016 16:45 Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default.migrated\Documents 12/08/2016 16:45 Ma musique [C:\Users\Default\Music] 12/08/2016 16:45 Mes images [C:\Users\Default\Pictures] 12/08/2016 16:45 Mes vid‚os [C:\Users\Default\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\DefaultAppPool 12/08/2016 16:45 Application Data [C:\Users\DefaultAppPool\AppData\Roaming] 12/08/2016 16:45 Cookies [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCookies] 12/08/2016 16:45 Local Settings [C:\Users\DefaultAppPool\AppData\Local] 12/08/2016 16:45 Menu D‚marrer [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu] 12/08/2016 16:45 Mes documents [C:\Users\DefaultAppPool\Documents] 12/08/2016 16:45 ModŠles [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Templates] 12/08/2016 16:45 Recent [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Recent] 12/08/2016 16:45 SendTo [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo] 12/08/2016 16:45 Voisinage d'impression [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 12/08/2016 16:45 Voisinage r‚seau [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\DefaultAppPool\AppData\Local 12/08/2016 16:45 Application Data [C:\Users\DefaultAppPool\AppData\Local] 12/08/2016 16:45 Historique [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\History] 12/08/2016 16:45 Temporary Internet Files [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows 12/08/2016 16:45 Temporary Internet Files [C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu 12/08/2016 16:45 Programmes [C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\DefaultAppPool\Documents 12/08/2016 16:45 Ma musique [C:\Users\DefaultAppPool\Music] 12/08/2016 16:45 Mes images [C:\Users\DefaultAppPool\Pictures] 12/08/2016 16:45 Mes vid‚os [C:\Users\DefaultAppPool\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille 27/09/2016 21:59 Application Data [C:\Users\Domitille\AppData\Roaming] 27/09/2016 21:59 Cookies [C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 21:59 Local Settings [C:\Users\Domitille\AppData\Local] 27/09/2016 21:59 Menu D‚marrer [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 21:59 Mes documents [C:\Users\Domitille\Documents] 27/09/2016 21:59 ModŠles [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 21:59 Recent [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 21:59 SendTo [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 21:59 Voisinage d'impression [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 21:59 Voisinage r‚seau [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local 27/09/2016 21:59 Application Data [C:\Users\Domitille\AppData\Local] 27/09/2016 21:59 Historique [C:\Users\Domitille\AppData\Local\Microsoft\Windows\History] 27/09/2016 21:59 Temporary Internet Files [C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Microsoft\Windows 27/09/2016 21:59 Temporary Internet Files [C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache 02/10/2016 16:20 Content.IE5 [C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache\IE] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32 14/09/2016 15:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\AC] 14/09/2016 15:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\AppData] 14/09/2016 15:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\LocalCache] 14/09/2016 15:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\LocalState] 14/09/2016 15:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\RoamingState] 14/09/2016 15:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\Settings] 14/09/2016 15:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe 28/08/2016 12:25 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC] 28/08/2016 12:25 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AppData] 28/08/2016 12:25 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:25 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\LocalState] 28/08/2016 12:25 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:25 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\Settings] 28/08/2016 12:25 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe 28/08/2016 12:25 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC] 28/08/2016 12:25 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AppData] 28/08/2016 12:25 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:25 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\LocalState] 28/08/2016 12:25 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:25 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings] 28/08/2016 12:25 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe 28/08/2016 12:25 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC] 28/08/2016 12:25 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AppData] 28/08/2016 12:25 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:25 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState] 28/08/2016 12:25 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:25 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings] 28/08/2016 12:25 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe 06/09/2016 08:47 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC] 06/09/2016 08:47 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AppData] 06/09/2016 08:47 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalCache] 06/09/2016 08:47 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalState] 06/09/2016 08:47 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\RoamingState] 06/09/2016 08:47 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\Settings] 06/09/2016 08:47 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe 14/09/2016 15:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\AC] 14/09/2016 15:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\AppData] 14/09/2016 15:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\LocalCache] 14/09/2016 15:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\LocalState] 14/09/2016 15:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\RoamingState] 14/09/2016 15:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\Settings] 14/09/2016 15:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.Office.Sway_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe 28/08/2016 12:27 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\AC] 28/08/2016 12:27 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\AppData] 28/08/2016 12:27 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:27 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\LocalState] 28/08/2016 12:27 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:27 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Settings] 28/08/2016 12:27 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe 28/08/2016 12:27 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\AC] 28/08/2016 12:27 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\AppData] 28/08/2016 12:27 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:27 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\LocalState] 28/08/2016 12:27 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:27 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\Settings] 28/08/2016 12:27 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe 28/08/2016 12:28 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC] 28/08/2016 12:28 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AppData] 28/08/2016 12:28 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:28 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState] 28/08/2016 12:28 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:28 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings] 28/08/2016 12:28 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe 28/08/2016 12:26 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\AC] 28/08/2016 12:26 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\AppData] 28/08/2016 12:26 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:26 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\LocalState] 28/08/2016 12:26 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:26 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\Settings] 28/08/2016 12:26 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe 17/09/2016 12:18 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\AC] 17/09/2016 12:18 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\AppData] 17/09/2016 12:18 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCache] 17/09/2016 12:18 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalState] 17/09/2016 12:18 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\RoamingState] 17/09/2016 12:18 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\Settings] 17/09/2016 12:18 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe 14/09/2016 15:10 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\AC] 14/09/2016 15:10 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\AppData] 14/09/2016 15:10 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\LocalCache] 14/09/2016 15:10 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\LocalState] 14/09/2016 15:10 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\RoamingState] 14/09/2016 15:10 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\Settings] 14/09/2016 15:10 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe 28/08/2016 12:27 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC] 28/08/2016 12:27 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AppData] 28/08/2016 12:27 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:27 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState] 28/08/2016 12:27 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:27 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings] 28/08/2016 12:27 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe 28/08/2016 12:27 AC [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC] 28/08/2016 12:27 AppData [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AppData] 28/08/2016 12:27 LocalCache [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalCache] 28/08/2016 12:27 LocalState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState] 28/08/2016 12:27 RoamingState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\RoamingState] 28/08/2016 12:27 Settings [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings] 28/08/2016 12:27 TempState [D:\WpSystem\S-1-5-21-720330006-1225765978-308963393-1002\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\TempState] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 21:59 Programmes [C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Domitille\Documents 27/09/2016 21:59 Ma musique [C:\Users\Domitille\Music] 27/09/2016 21:59 Mes images [C:\Users\Domitille\Pictures] 27/09/2016 21:59 Mes vid‚os [C:\Users\Domitille\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile 27/09/2016 21:59 Application Data [C:\Users\Emile\AppData\Roaming] 27/09/2016 21:59 Cookies [C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 21:59 Local Settings [C:\Users\Emile\AppData\Local] 27/09/2016 21:59 Menu D‚marrer [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 21:59 Mes documents [C:\Users\Emile\Documents] 27/09/2016 21:59 ModŠles [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 21:59 Recent [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 21:59 SendTo [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 21:59 Voisinage d'impression [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 21:59 Voisinage r‚seau [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile\AppData\Local 27/09/2016 21:59 Application Data [C:\Users\Emile\AppData\Local] 27/09/2016 21:59 Historique [C:\Users\Emile\AppData\Local\Microsoft\Windows\History] 27/09/2016 21:59 Temporary Internet Files [C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile\AppData\Local\Microsoft\Windows 27/09/2016 21:59 Temporary Internet Files [C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache 01/10/2016 10:20 Content.IE5 [C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache\IE] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 21:59 Programmes [C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Emile\Documents 27/09/2016 21:59 Ma musique [C:\Users\Emile\Music] 27/09/2016 21:59 Mes images [C:\Users\Emile\Pictures] 27/09/2016 21:59 Mes vid‚os [C:\Users\Emile\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Lucien 27/09/2016 21:59 Application Data [C:\Users\Lucien\AppData\Roaming] 27/09/2016 21:59 Cookies [C:\Users\Lucien\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 21:59 Local Settings [C:\Users\Lucien\AppData\Local] 27/09/2016 21:59 Menu D‚marrer [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 21:59 Mes documents [C:\Users\Lucien\Documents] 27/09/2016 21:59 ModŠles [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 21:59 Recent [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 21:59 SendTo [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 21:59 Voisinage d'impression [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 21:59 Voisinage r‚seau [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Lucien\AppData\Local 27/09/2016 21:59 Application Data [C:\Users\Lucien\AppData\Local] 27/09/2016 21:59 Historique [C:\Users\Lucien\AppData\Local\Microsoft\Windows\History] 27/09/2016 21:59 Temporary Internet Files [C:\Users\Lucien\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Lucien\AppData\Local\Microsoft\Windows 27/09/2016 21:59 Temporary Internet Files [C:\Users\Lucien\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 21:59 Programmes [C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Lucien\Documents 27/09/2016 21:59 Ma musique [C:\Users\Lucien\Music] 27/09/2016 21:59 Mes images [C:\Users\Lucien\Pictures] 27/09/2016 21:59 Mes vid‚os [C:\Users\Lucien\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Musique 27/09/2016 21:59 Application Data [C:\Users\Musique\AppData\Roaming] 27/09/2016 21:59 Cookies [C:\Users\Musique\AppData\Local\Microsoft\Windows\INetCookies] 27/09/2016 21:59 Local Settings [C:\Users\Musique\AppData\Local] 27/09/2016 21:59 Menu D‚marrer [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu] 27/09/2016 21:59 Mes documents [C:\Users\Musique\Documents] 27/09/2016 21:59 ModŠles [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Templates] 27/09/2016 21:59 Recent [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Recent] 27/09/2016 21:59 SendTo [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\SendTo] 27/09/2016 21:59 Voisinage d'impression [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 27/09/2016 21:59 Voisinage r‚seau [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Musique\AppData\Local 27/09/2016 21:59 Application Data [C:\Users\Musique\AppData\Local] 27/09/2016 21:59 Historique [C:\Users\Musique\AppData\Local\Microsoft\Windows\History] 27/09/2016 21:59 Temporary Internet Files [C:\Users\Musique\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Musique\AppData\Local\Microsoft\Windows 27/09/2016 21:59 Temporary Internet Files [C:\Users\Musique\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu 27/09/2016 21:59 Programmes [C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Musique\Documents 27/09/2016 21:59 Ma musique [C:\Users\Musique\Music] 27/09/2016 21:59 Mes images [C:\Users\Musique\Pictures] 27/09/2016 21:59 Mes vid‚os [C:\Users\Musique\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Public\Documents 10/02/2016 17:20 Ma musique [C:\Users\Public\Music] 10/02/2016 17:20 Mes images [C:\Users\Public\Pictures] 10/02/2016 17:20 Mes vid‚os [C:\Users\Public\Videos] 14/07/2009 07:08 My Music [C:\Users\Public\Music] 14/07/2009 07:08 My Pictures [C:\Users\Public\Pictures] 14/07/2009 07:08 My Videos [C:\Users\Public\Videos] 0 fichier(s) 0 octets Total des fichiers list‚sÿ: 6 fichier(s) 0 octets 305 R‚p(s) 19ÿ509ÿ149ÿ696 octets libres ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 7-Zip 16.02 (x64) Adobe Acrobat Reader DC - Fran‡ais Adobe Flash Player 23 NPAPI Adobe Refresh Manager Any Video Converter 6.0.4 Avast Antivirus Gratuit AviSynth CCleaner Chromium devolo Cockpit Exact Audio Copy 1.1 Google Chrome Google Update Helper Java 8 Update 101 Java Auto Updater LibreOffice 5.1.5.2 Malwarebytes Anti-Malware version 2.2.1.1043 MKVToolNix 9.4.2 (64bit) Mozilla Firefox 49.0.1 (x86 fr) Mozilla Maintenance Service Mozilla Thunderbird 45.4.0 (x86 fr) Mp3tag v2.78 Newshosting newshosting Realtek High Definition Audio Driver SafeZone Stable 1.51.2220.62 SyncBackFree Universal Media Server VLC media player ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\WINDOWS\SysWoW64\ctfmon.exe C:\WINDOWS\SysWoW64\NOTEPAD.EXE C:\Users\Antoine\Desktop\zoek.exe C:\WINDOWS\SysWoW64\cmd.exe C:\WINDOWS\SysWoW64\cmd.exe C:\WINDOWS\SysWoW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [FontCache3.0.0.0] - Cache de police de Windows Presentation Foundation 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S2 - [gupdate] - Service Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Protection logicielle - c:\windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Service de la passerelle de la couche Application - c:\windows\system32\alg.exe S3 - [COMSysApp] - Application système COM+ - c:\windows\system32\dllhost.exe S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe S3 - [diagnosticshub.standardcollector.service] - Service Collecteur standard du concentrateur de diagnostic Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe S3 - [Fax] - Télécopie - c:\windows\system32\fxssvc.exe S3 - [gupdatem] - Service Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Coordinateur de transactions distribuées - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [PerfHost] - Hôte de DLL de compteur de performance - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Localisateur d’appels de procédure distante (RPC) - c:\windows\system32\locator.exe S3 - [SensorDataService] - Service Données de capteur - c:\windows\system32\sensordataservice.exe S3 - [SNMPTRAP] - Interruption SNMP - c:\windows\system32\snmptrap.exe S3 - [TieringEngineService] - Gestion des niveaux de stockage - c:\windows\system32\tieringengineservice.exe S3 - [TrustedInstaller] - Programme d’installation pour les modules Windows - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Disque virtuel - c:\windows\system32\vds.exe S3 - [VSS] - Cliché instantané des volumes - c:\windows\system32\vssvc.exe S3 - [wbengine] - Service de moteur de sauvegarde en mode bloc - c:\windows\system32\wbengine.exe S3 - [WdNisSvc] - Service Inspection du réseau Windows Defender - c:\program files\windows defender\nissrv.exe S3 - [WinDefend] - Service Windows Defender - c:\program files\windows defender\msmpeng.exe S3 - [wmiApSrv] - Carte de performance WMI - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Service Partage réseau du Lecteur Windows Media - c:\program files\windows media player\wmpnetwk.exe ==== Drivers(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys R2 - [srv] - Pilote de serveur SMB 1.xxx - C:\WINDOWS\system32\Drivers\srv.sys R3 - [srv2] - Pilote de serveur SMB 2.xxx - C:\WINDOWS\system32\Drivers\srv2.sys R0 - [ACPI] - Pilote ACPI Microsoft - C:\WINDOWS\system32\Drivers\ACPI.sys R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys R0 - [aswRvrt] - avast! Revert - C:\WINDOWS\system32\Drivers\aswRvrt.sys R0 - [aswVmm] - avast! VM Monitor - C:\WINDOWS\system32\Drivers\aswVmm.sys R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys R0 - [disk] - Pilote de disque - C:\WINDOWS\system32\Drivers\disk.sys R0 - [fvevol] - Pilote de filtre de chiffrement de lecteur BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys R0 - [intelpep] - Pilote de plug-in du moteur d’alimentation Intel(R) - C:\WINDOWS\system32\Drivers\intelpep.sys R0 - [iorate] - iorate - C:\WINDOWS\system32\Drivers\iorate.sys R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys R0 - [mountmgr] - Gestionnaire des points de montage - C:\WINDOWS\system32\Drivers\mountmgr.sys R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys R0 - [NDIS] - Pilote système NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys R0 - [partmgr] - Gestionnaire de partitions - C:\WINDOWS\system32\Drivers\partmgr.sys R0 - [pci] - Pilote de bus PCI - C:\WINDOWS\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys R0 - [pdc] - CDP - C:\WINDOWS\system32\Drivers\pdc.sys R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys R0 - [spaceport] - Pilote des espaces de stockage - C:\WINDOWS\system32\Drivers\spaceport.sys R0 - [storahci] - Lecteur AHCI SATA Microsoft standard - C:\WINDOWS\system32\Drivers\storahci.sys R0 - [Tcpip] - Pilote du protocole TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys R0 - [vdrvroot] - Énumérateur de lecteur virtuel Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys R0 - [volmgr] - Pilote du gestionnaire de volumes - C:\WINDOWS\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gestionnaire de volumes dynamiques - C:\WINDOWS\system32\Drivers\volmgrx.sys R0 - [volsnap] - Volume Shadow Copy driver - C:\WINDOWS\system32\Drivers\volsnap.sys R0 - [volume] - Pilote de volume - C:\WINDOWS\system32\Drivers\volume.sys R0 - [Wdf01000] - Service Infrastructure de pilote en mode noyau - C:\WINDOWS\system32\Drivers\Wdf01000.sys R0 - [WFPLWFS] - Plateforme de filtrage Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys R0 - [WindowsTrustedRTProxy] - Service sécurisé d'exécution approuvée Microsoft Windows - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys R1 - [AFD] - Pilote de fonction connexe pour Winsock - C:\WINDOWS\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys R1 - [tdx] - Pilote de prise en charge TDI héritée NetIO - C:\WINDOWS\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys S3 - [atapi] - Canal IDE - C:\WINDOWS\system32\Drivers\atapi.sys S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x] ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default\prefs.js: user_pref("browser.startup.homepage", "www.google.fr/"); Added to C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\Antoine\AppData\Roaming\Thunderbird\Profiles\g24556iz.default\prefs.js: Added to C:\Users\Antoine\AppData\Roaming\Thunderbird\Profiles\g24556iz.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\DOMITI~1\AppData\Roaming\Mozilla\Firefox\Profiles\praj8tbd.default\prefs.js: user_pref("browser.newtab.url", "about:newtab"); Added to C:\Users\DOMITI~1\AppData\Roaming\Mozilla\Firefox\Profiles\praj8tbd.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\DOMITI~1\AppData\Roaming\Thunderbird\Profiles\tc2vj3j3.default\prefs.js: Added to C:\Users\DOMITI~1\AppData\Roaming\Thunderbird\Profiles\tc2vj3j3.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\Emile\AppData\Roaming\Mozilla\Firefox\Profiles\stsnrlz5.default\prefs.js: user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl"); user_pref("browser.newtab.url", "about:newtab"); Added to C:\Users\Emile\AppData\Roaming\Mozilla\Firefox\Profiles\stsnrlz5.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Configuration IP de Windows Cache de r‚solution DNS vid‚. ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\Users\Antoine\.android deleted C:\PROGRA~3\{4A9B8FF8-C0D9-053E-461F-9B7CDC5D10B2} deleted C:\Users\Antoine\AppData\Local\CrashRpt deleted C:\windows\SysNative\GroupPolicy\User deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8058 MB CPU Info: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz CPU Speed: 2940,9 MHz Sound Card: Haut-parleurs (Realtek High Def | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; SyncMaster 2032BW/2032GW,SyncMaster Magic CX2032GW(Digital) | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (F: | ) F: PIONEER DVD-RW DVR-216 Ports: COM1 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 118,7GB | D: 465,8GB | E: 1863,0GB Hard Disks - Free: C: 18,1GB | D: 212,3GB | E: 925,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/12/15 | ALASKA - 1072009 Time Zone: Paris, Madrid Motherboard *: MSI H97M-E35 (MS-7846) Country: France Language: FRA ==== System Specs (Software) ====================== Default Browser: Firefox 49.0.1 Internet Explorer Version: 11.321.14393.0 Mozilla Firefox version: 49.0.1 (x86 fr) Google Chrome version: 54.0.2840.59 Adobe Reader version: 15.20.20039.203716 Sun Java version: 1.8.0_101 (32-bit) Sun Java version: 1.8.0_101 (64-bit) Flash Player version: 23.0.0.185 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-09-30 16:29:00 FC689BE36FA4254D8576A23B697B6B17 130560 ----a-w- C:\WINDOWS\splwow64.exe 2016-09-30 16:28:49 13BE475DA00AB05866CC3632F5AD54B0 4673296 ----a-w- C:\WINDOWS\explorer.exe 2016-09-27 20:06:31 050C668A459D689E7C033DBCA4417642 22863 ----a-w- C:\WINDOWS\diagwrn.xml 2016-09-27 20:06:31 050C668A459D689E7C033DBCA4417642 22863 ----a-w- C:\WINDOWS\diagerr.xml 2016-09-27 19:59:08 2F82E60B2425C798D32C1231750D30A8 67584 --s-a-w- C:\WINDOWS\bootstat.dat ====== C:\Users\Antoine\AppData\Local\Temp ==== ====== Java Cache ===== 2016-10-06 10:04:21 46FCE7EAEA3294ADD1EB32D96BF7C477 38 ----a-w- C:\Users\Antoine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\552a0e01-45ab6d1b3403175588b0d3659cd7a71900d2295f25d7e33c66ebe48888d08910-6.0.lap 2016-10-06 10:04:21 F833AC07ED6C33A1B45766F7B5AA50FF 16940 ----a-w- C:\Users\Antoine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\8db0fcb-1c923341 ====== C:\WINDOWS\SysWOW64 ===== 2016-10-12 07:23:39 E9B97084F697B86201B806DDCCD61A66 88576 ----a-w- C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2016-10-12 07:23:39 1B79E6C75FBB444D8DFAFECE2B531533 426496 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2016-10-12 07:23:38 E8D162BD3E2BBB989CB62397D65D3558 566784 ----a-w- C:\WINDOWS\SysWOW64\ShareHost.dll 2016-10-12 07:23:38 E2A881762265DB7F7B6A5A8E956A399A 156672 ----a-w- C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2016-10-12 07:23:38 E2333F2B0B8703DDFE5AD2819F0750F5 483840 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2016-10-12 07:23:38 86EA9C1176BDA42F6C9C66568732505C 2005504 ----a-w- C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-12 07:23:38 82204FBC3AFC6313FDD1C0BD0B2C79F2 873472 ----a-w- C:\WINDOWS\SysWOW64\aadtb.dll 2016-10-12 07:23:38 1F058E25DCECC6320C4BDCEDCE9F1EBC 327680 ----a-w- C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-12 07:23:38 0AED554D8EF07E5084A2DFBD860896A7 6474752 ----a-w- C:\WINDOWS\SysWOW64\mspaint.exe 2016-10-12 07:23:37 CBB5BFC926BAA8764F57504C0CA0FC23 404992 ----a-w- C:\WINDOWS\SysWOW64\dsreg.dll 2016-10-12 07:23:37 91EFFACD1CBBB4E2F10FC6CEBA1ECC22 184320 ----a-w- C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-10-12 07:23:37 4F18FBFEA9072A8B7FDF45A9FD6A2AA5 7625728 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-10-12 07:23:37 4A7AD501B449CED36AC774EE6A6FF0B0 117760 ----a-w- C:\WINDOWS\SysWOW64\AuthBroker.dll 2016-10-12 07:23:36 581E42C73DFE22F2F508CAE792C495C0 12174848 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-10-12 07:23:34 FC8718208DEC3C78D639E34312468348 691712 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-10-12 07:23:33 A6F3613C9B4E4D4253850E296800F7FE 2256592 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-10-12 07:23:30 D0D95F33F633EF118A8E20DF418F81F6 141312 ----a-w- C:\WINDOWS\SysWOW64\dialclient.dll 2016-10-12 07:23:30 A7BE9485CFF9D25C244CD3E527AF521D 19418624 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-10-12 07:23:30 6D5748534C4B97B454B3C7F43D7EF848 431616 ----a-w- C:\WINDOWS\SysWOW64\efswrt.dll 2016-10-12 07:23:29 C76D78A0E91AEF7B1AE6538AE8598EA9 19416576 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-10-12 07:23:28 E9635D385A8CDDC82661C2E6546E6C2F 822784 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-10-12 07:23:28 77B047B6D08AFC1578D03BC35FD94FA4 2682880 ----a-w- C:\WINDOWS\SysWOW64\netshell.dll 2016-10-12 07:23:28 3DA9BB2E4A08120757234C0B96905F95 6043136 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-10-12 07:23:27 C856C469D9459E6AF98224FC6A30742B 125952 ----a-w- C:\WINDOWS\SysWOW64\apprepapi.dll 2016-10-12 07:23:27 73C3BEC894A2B2CE2C434D4995C36095 284672 ----a-w- C:\WINDOWS\SysWOW64\apprepsync.dll 2016-10-12 07:23:26 F3EC40332BD488E66EF008018023B0C0 3667456 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-10-12 07:23:26 0E4840CFB644AFD4DCABE47C373FA06C 6108672 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-10-12 07:23:25 C8D375B53A863F5CDD3220E4F3A232D5 55808 ----a-w- C:\WINDOWS\SysWOW64\offreg.dll 2016-10-12 07:23:25 B65E65E8A58F68FCC8230E450DDD5C2B 3689984 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-10-12 07:23:25 B0DA5BABD745E9D07DA0B36E46C6CA8F 1456640 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-10-12 07:23:25 53014B10D80AB2697CBD24FAD80EB477 884224 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll 2016-10-12 07:23:25 39809F1A942E32FDFA115944754A180E 137216 ----a-w- C:\WINDOWS\SysWOW64\credprovs.dll 2016-10-12 07:23:25 18C0DF852EB4BAE839E94410F49CF6F0 545944 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-10-12 07:23:24 989DDA548FBD96F5D3637976022CE5D0 661504 ----a-w- C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2016-10-12 07:23:24 426B59A08D30F2EC996AABFEDF994165 850944 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll 2016-10-12 07:23:24 355B607EF9E48A76B4E262CFDBAD4162 710144 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-10-12 07:23:24 312DC38536876B54D006CD45E6193C78 858112 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll 2016-10-12 07:23:24 309953E2C926A475986B0B8D2C945BE0 299520 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-10-12 07:23:23 F6E114D3392384C0D7B4004809166D75 1255936 ----a-w- C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-10-12 07:23:23 AA977093E4B741600108FBBDC539EC8F 567808 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll 2016-10-12 07:23:23 9D2B100882C4225550374967544779B2 2646016 ----a-w- C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-10-12 07:23:23 9A2D5638547777085AC41A24D28DE2E5 640000 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-10-12 07:23:23 3852A1127B4934202FB81932EC9A2307 1594368 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-10-12 07:23:23 1B95B6FE7406C76BEE2ED550BBB9E20D 2254336 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-10-12 07:23:22 4F323A3D28BEEA3645A51CE2EB222EC4 1430720 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-10-12 07:23:22 29532C1C7CD2DACE2CDA15769B98F016 7467520 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll 2016-10-12 07:23:22 074C04D763F4FAFD9FF3E82603CD3075 3105792 ----a-w- C:\WINDOWS\SysWOW64\mstsc.exe 2016-10-12 07:23:21 B2061476B9CE8E9D504A3B83F2B13EFA 20965240 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-10-12 07:23:14 3A9383E849C3A408391B6AB32E74EFE6 508416 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-10-12 07:23:12 A09950019C01AE9C1BC1CD49958C1DC6 980824 ----a-w- C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-10-12 07:23:12 93A7E6EFEE6F70010663065DC9C181D7 1705976 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-10-12 07:23:11 DEAE6FA53B601224940E28F52B7536EE 3892352 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2016-10-12 07:23:10 4944BA3DB07BC661C9825F7514164480 12345856 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll 2016-10-12 07:23:10 486CEF1D0526E7F396CE3B47246F36EF 2999296 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys 2016-10-12 07:23:09 B71A310E62ED5C40D3D61091075994CD 711680 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-10-12 07:23:09 A97B65A743CAD206E9637919150A3605 4612608 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-12 07:23:09 7ED19E4C5FE25DA46CBFE9D83510D40D 751104 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-10-12 07:23:09 6F6040B6156104113B9D8686ED65A74B 3369984 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-10-12 07:23:09 0800BAC03625DDA09ED5134EB226DD57 94208 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-10-12 07:23:07 F79810F082DA8542CA7BD7394223FE00 87040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 07:23:07 E6675810782667FBA2625507FF212717 1013248 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-10-12 07:23:07 BAD53ACABFC3A61C8C8521CAB2701CDA 674304 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-12 07:23:07 917FA3842E22439BFA78C24C1A1F64D5 116576 ----a-w- C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2016-10-12 07:23:07 1C9D6D7A8056D311F21E3983E7CBF96A 584192 ----a-w- C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2016-10-12 07:23:06 A6ED9DDE24E8A8DD91D371C30FB63195 598528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-10-12 07:23:05 C962B8C0799A37CDEB09CE15BF57B62B 1360456 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-10-12 07:23:05 9B89A211062056BAF0DE213D084715A3 310272 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-12 07:23:05 818F687B7E0E3897FB073DB045E19C5C 123904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2016-10-12 07:23:05 413A5EEDF6F48663B3F0926DD6BA0F1C 2356736 ----a-w- C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-10-12 07:23:05 255DA8853C0D48A5D90CA836E8C6DE1E 58880 ----a-w- C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-10-12 07:23:05 1FA30DD7A757FE41B3F5E9ECC6A1C923 1022304 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-10-12 07:23:05 1EF08BE9541B7C738823EEDDF578D091 542208 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-12 07:23:04 2C63A048F00606F957C2504C82EF36BD 182784 ----a-w- C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-10-12 07:22:59 02B299257EFA78B690E5CDADEE8E17E5 1980768 ----a-w- C:\WINDOWS\SysWOW64\msxml6.dll 2016-10-12 07:22:57 C154CDD5F23922C5FF0BE5F68E281B99 589312 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2016-10-12 07:22:56 F968F7F6E379371EC2BCCBF1738829B3 89088 ----a-w- C:\WINDOWS\SysWOW64\adsmsext.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-10-12 07:23:37 91B1285AD75D2D7024ECB76853009E30 146432 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll 2016-10-12 07:23:37 7722CBEFB4D140D5C443CC5D03F9778A 480768 ----a-w- C:\WINDOWS\Sysnative\dsreg.dll 2016-10-12 07:23:37 71C446BA0E327922E81D44DC7C92A3E9 268800 ----a-w- C:\WINDOWS\Sysnative\UserMgrProxy.dll 2016-10-12 07:23:37 47A88A58D75E255E06AE6BDCE5255D21 196096 ----a-w- C:\WINDOWS\Sysnative\UserDeviceRegistration.dll 2016-10-12 07:23:37 42C292AA69762E4C630208064E412311 113664 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 07:23:37 170F8253749208D7C431F91676CD36EC 101888 ----a-w- C:\WINDOWS\Sysnative\UserDeviceRegistration.Ngc.dll 2016-10-12 07:23:37 16747F22F593122590CC9B21964E20EA 759296 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-10-12 07:23:36 8B11CF0C3371BDC7C115E9E1DBF6DE3A 2800128 ----a-w- C:\WINDOWS\Sysnative\netshell.dll 2016-10-12 07:23:36 70C298C6990F5A0BBF60F5C035BAA0B9 2446696 ----a-w- C:\WINDOWS\Sysnative\msxml6.dll 2016-10-12 07:23:36 424A70711226098D38F09CEEE96984B6 2914304 ----a-w- C:\WINDOWS\Sysnative\CertEnroll.dll 2016-10-12 07:23:36 351979684DF4DBCEA8A0838E1124C6DE 1589248 ----a-w- C:\WINDOWS\Sysnative\msdtctm.dll 2016-10-12 07:23:35 CB55967A8A21117D5A37334D65352A2A 13081088 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-10-12 07:23:34 F1649FDFAD6FD8F8F96FEA0F51751404 1364992 ----a-w- C:\WINDOWS\Sysnative\wpncore.dll 2016-10-12 07:23:34 BB23DF07C549E3CBE21AA0D8E2CFCF2E 396800 ----a-w- C:\WINDOWS\Sysnative\ncsi.dll 2016-10-12 07:23:33 E010703EC49A1EBD7B90F57E0A9E6846 1322848 ----a-w- C:\WINDOWS\Sysnative\wpx.dll 2016-10-12 07:23:33 B568DDB9AF50A7AFB67EE2BEF2D026B3 2667520 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-10-12 07:23:33 A6B63498681612EC54DA054F8CD58D4B 982528 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2016-10-12 07:23:33 9B9F520C72EE33EAEC857124BB800243 368640 ----a-w- C:\WINDOWS\Sysnative\nlasvc.dll 2016-10-12 07:23:33 979E1E43F50D4BA6EAD46DC54EAB57BA 157696 ----a-w- C:\WINDOWS\Sysnative\credprovs.dll 2016-10-12 07:23:33 92F0CBB6CE03C7B2933B39177C20962D 1778176 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-10-12 07:23:33 72669C6C0B70C7617B32D123C72EF41C 425472 ----a-w- C:\WINDOWS\Sysnative\bcdedit.exe 2016-10-12 07:23:33 3D3A3AE7C5CA417783209E6D6D4F42A8 2750384 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-10-12 07:23:32 C9677E068A2ED52CA477307E32DABB89 2476544 ----a-w- C:\WINDOWS\Sysnative\DWrite.dll 2016-10-12 07:23:32 6F06965A9905BBE41FCC898DDF7647F6 22568960 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-10-12 07:23:32 54C31C2B815E2E26BB8158022F837C9C 983040 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll 2016-10-12 07:23:31 D85192BF73C2894D35CF1666B3AA70A2 23680512 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-10-12 07:23:31 3CB955AD94B312D7D2F38966C9FC219B 22219328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-10-12 07:23:28 218BC40B61A88460E0BC827848CE0AAC 8126464 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-10-12 07:23:27 DC1A05FBCB4CDD88208EDD7B06F77628 4747776 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-10-12 07:23:27 BC45C66ABEF4756F68F51B14C975F7CD 2265088 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-10-12 07:23:27 B2B36750E1DCB530CFA44883AFDD5EDC 1509376 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-10-12 07:23:27 AD09954F09246C4C0DEC0CF08E0125BF 1690112 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll 2016-10-12 07:23:27 45F740736878E8C84E392B455B110199 237568 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.Diagnostics.dll 2016-10-12 07:23:27 39C70F43C4E7591DD196586388244974 1107456 ----a-w- C:\WINDOWS\Sysnative\aadtb.dll 2016-10-12 07:23:26 8D958808853BE6D12997F8290879820C 2390016 ----a-w- C:\WINDOWS\Sysnative\smartscreen.exe 2016-10-12 07:23:25 E4BBECEFAE8FC9E2C7386183056D1EF5 590848 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-10-12 07:23:25 4597AFDD76E4E579838F5FE80CF61B51 99328 ----a-w- C:\WINDOWS\Sysnative\adsmsext.dll 2016-10-12 07:23:24 E3044670C8B617A95D621E4AC222F511 590336 ----a-w- C:\WINDOWS\Sysnative\efswrt.dll 2016-10-12 07:23:24 A164374BB90548E6A83C94E04F8A7769 146784 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHostCommon.dll 2016-10-12 07:23:24 7BAEE438AC832D68028EF7E5FFEBA46E 956416 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.desktop.dll 2016-10-12 07:23:24 44F8011B39DC01607109C76DAE6AD7AF 765440 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Sensors.dll 2016-10-12 07:23:23 DF7DDFB4040CED82E53FB72052C50253 651264 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.AllJoyn.dll 2016-10-12 07:23:23 AC5E9BE667E7F68E5A9B057503DA20B9 187904 ----a-w- C:\WINDOWS\Sysnative\dialclient.dll 2016-10-12 07:23:23 89F4C6306FE1A29A21DBFE3287CC1885 1859264 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-10-12 07:23:22 F78870C8520BC47B5B83083356A59316 360040 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-10-12 07:23:19 A337C6D516D394982FCEC5A2312C9CFA 327680 ----a-w- C:\WINDOWS\Sysnative\wc_storage.dll 2016-10-12 07:23:19 62255F0593C9967DCE38EBD4B959A823 945664 ----a-w- C:\WINDOWS\Sysnative\WpcWebFilter.dll 2016-10-12 07:23:19 243A4F48B12243616A083627DC4C0F01 463360 ----a-w- C:\WINDOWS\Sysnative\daxexec.dll 2016-10-12 07:23:18 AE204AEE1408DA5F82B0BC26CBB43C5C 1980416 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll 2016-10-12 07:23:16 BD5FE88F1FF0BD851FE998433FCC133D 1493504 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-10-12 07:23:15 7C4FAE7A8D55C897E5AE681B245A005F 837632 ----a-w- C:\WINDOWS\Sysnative\wbiosrvc.dll 2016-10-12 07:23:12 30F8D6458D30226A7522A65BFA8A4DAA 8075264 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll 2016-10-12 07:23:12 2FDA49BA58F24FC431C5D46203ACB316 296960 ----a-w- C:\WINDOWS\Sysnative\mfsensorgroup.dll 2016-10-12 07:23:12 2D6CC779108F3D10EFEB68694F56AA94 804864 ----a-w- C:\WINDOWS\Sysnative\FrameServer.dll 2016-10-12 07:23:12 145ABEEB1CAA6A07D090AB760A6C5D28 2213248 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-10-12 07:23:11 098690861CBA1D56884DB74A33FECB50 13434368 ----a-w- C:\WINDOWS\Sysnative\wmp.dll 2016-10-12 07:23:10 C9AFCF17166ED68CD50C6161FA3E1754 911872 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.dll 2016-10-12 07:23:10 99607AB70A9CC717523527F07943E312 561664 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Wallet.dll 2016-10-12 07:23:10 05DDFD4E50E504766028069EC42AE1DC 774656 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.dll 2016-10-12 07:23:09 A0356DC83D0B5C020151ACD9C3017392 1328128 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.Http.dll 2016-10-12 07:23:09 5AC5896E64AA17EE1BBDC28BBDDC3101 909312 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll 2016-10-12 07:23:09 19986DF1B9394BA1A20D4C62A6CEA53C 924672 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.dll 2016-10-12 07:23:08 CC8251F2487453DEFB832EF91BA93B53 1172472 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-10-12 07:23:08 B08A20D27A4D94FF21F91E6FB1092340 894088 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-10-12 07:23:08 805EA1685BAC83FE9364DF82DBBB790A 1353768 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-10-12 07:23:08 3BF5DB41703D883563327AF3DF851350 1051104 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-10-12 07:23:07 AEB4FF628102E6DE554B972229655EFD 223744 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.HostName.dll 2016-10-12 07:23:07 A9C60295BC9E7C7477F7BCC83356336B 584192 ----a-w- C:\WINDOWS\Sysnative\UIRibbonRes.dll 2016-10-12 07:23:07 2ED2E96B5A6744E67BFFEDAD8965881F 775168 ----a-w- C:\WINDOWS\Sysnative\GamePanel.exe 2016-10-12 07:23:07 2EB168A050569ECEBF6BAEDED2FBB0AB 998912 ----a-w- C:\WINDOWS\Sysnative\TSWorkspace.dll 2016-10-12 07:23:07 1AB84F1CEF3ABFD49CB2C01FD7F9CBE8 176128 ----a-w- C:\WINDOWS\Sysnative\apprepapi.dll 2016-10-12 07:23:07 035F0F0664AE01624691026C784A2CA5 379904 ----a-w- C:\WINDOWS\Sysnative\apprepsync.dll 2016-10-12 07:23:06 E21E74D118E16FF9BA42A6F87F34E9B0 446124 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2016-10-12 07:23:06 B2BF860EBDC02527F334E9E6F0F34C30 1112928 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-10-12 07:23:06 82663CF47C9958D83F56A410F1012F44 701952 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll 2016-10-12 07:23:06 69125F2E2E6E7C7A246A1207246CADC5 241504 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHost.dll 2016-10-12 07:23:06 5DCBEBB77512F737A6D11D798AAC47E2 3496960 ----a-w- C:\WINDOWS\Sysnative\MSVidCtl.dll 2016-10-12 07:23:05 89AC2029CAFB373A3A4248284A52CEEF 3059200 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-10-12 07:23:05 7B1488C91CB52BA774D077D602974D7C 73216 ----a-w- C:\WINDOWS\Sysnative\offreg.dll 2016-10-12 07:23:05 37A5ADE7C82A85A0B9991880733C5060 3617792 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-10-12 07:23:04 FF17F3A49C3C3F1DF98ED419E209A5DB 4129928 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2016-10-12 07:23:04 DC09A8F384BD1ADD0D2265C4BF41AEC8 1145856 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll 2016-10-12 07:23:04 C86B21E18545F2A00BE8438B3F64E5E7 1071728 ----a-w- C:\WINDOWS\Sysnative\mfnetcore.dll 2016-10-12 07:23:04 A1D6EAC6622B351212AC52621ABD3D9B 771072 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll 2016-10-12 07:23:04 2F338D525BCA71DC06FA83E72025CBBB 748544 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll 2016-10-12 07:23:04 27841A3507A27233E7BD6CA99FB76839 7812448 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-10-12 07:23:03 C1205EEBE05A10394B3C7C22890F9263 1013760 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll 2016-10-12 07:23:03 BB3DF8AED949BEFB5248D7F1A2846E66 936960 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll 2016-10-12 07:23:03 9830DF79D9A9D647039820FFA5050FFD 406016 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-10-12 07:23:03 667CE851EBDF393E0131D51141C7AA13 6664192 ----a-w- C:\WINDOWS\Sysnative\mspaint.exe 2016-10-12 07:23:03 5513BF049FD7DF493CBA8C80346557FC 6285312 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-10-12 07:23:03 1CB218C1D60DE781649AD307BDD4423F 73216 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryBroker.dll 2016-10-12 07:23:02 FD881B87C853EB2F0B8B7B5CC71D6FE3 4136960 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll 2016-10-12 07:23:02 9ACA7C29C3D81A2D0810517F070B447F 1840640 ----a-w- C:\WINDOWS\Sysnative\FntCache.dll 2016-10-12 07:23:02 21A82A267DE3E0EC597D1C34037E6496 833024 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2016-10-12 07:23:02 0C70BD1400822C375B62C48BF25042CC 122880 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryClient.dll 2016-10-12 07:23:01 CD788633B6BE81B1C6029C8E8D9ABBA8 716800 ----a-w- C:\WINDOWS\Sysnative\ShareHost.dll 2016-10-12 07:23:01 7EE23535A2FDA5DBD91D570F3D569E82 9129984 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-10-12 07:23:00 C21AE05FEF386D35EC28D029ED7E7BFC 1908224 ----a-w- C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll 2016-10-12 07:23:00 6DBF399C89DC88C1D878A4A6AFAA0D47 4749312 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-10-12 07:22:57 3ABBE234D9AC21471711AE5BC08C290E 7654912 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-10-12 07:22:56 9D931EB26EBD5E8647BD9884CBF93BBB 244816 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2016-10-12 07:22:56 77553E78EBDEE5BB415611E7D0C9834D 628032 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-10-12 07:22:56 1A285D1020E3D6FC310A1D68FC8CBA9C 1656832 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2016-10-12 07:22:56 0072D9AFFB4BE25A6E766A0124599073 352768 ----a-w- C:\WINDOWS\Sysnative\cloudAP.dll 2016-10-12 07:22:55 94FB38121322D6D728722778270DD9E6 167936 ----a-w- C:\WINDOWS\Sysnative\ErrorDetails.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-10-18 06:54:46 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2016-10-18 06:54:12 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2016-10-18 06:54:12 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2016-10-18 06:54:12 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2016-10-12 07:23:33 25D32BE04FE0A23FDF57FD5382757672 143872 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2016-10-12 07:23:26 2CF0CB2A0ED68C5455371E84C16F9627 64352 ----a-w- C:\WINDOWS\Sysnative\drivers\MegaSas2i.sys 2016-10-12 07:23:14 8F5C24F4F47120157AB6D889B96A2AC2 619368 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-10-12 07:23:05 E5E5D9E317739CEE510EAF46C88A7C38 128864 ----a-w- C:\WINDOWS\Sysnative\drivers\tm.sys 2016-10-12 07:23:05 D5564FC81350458ED570528C4E3B1CCF 1181536 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-10-12 07:23:05 0D1D392ED2597F295956D058D33BD7C3 144896 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-10-12 07:22:57 7C3D10BEC8B0DBA00A78C78EB10B3AE2 279904 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-10-12 07:22:56 FFFBB40B9C7AD811AA6EA74A0A6168B1 187232 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-10-12 07:22:56 FE33B645A2E0F5AB0B42318355B85178 2537824 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-09-30 16:29:15 3D04046C468AD2868A093925B5E2AA0A 218976 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-09-30 16:29:14 E330144B97D493AA886000DCAAA8DAF5 119648 ----a-w- C:\WINDOWS\Sysnative\drivers\wcifs.sys 2016-09-30 16:29:12 0B779E9FC426CA2268D28181FA6C222F 39424 ----a-w- C:\WINDOWS\Sysnative\drivers\kbdhid.sys 2016-09-30 16:28:47 D2EC2AD9C2F514AEECD5EC2B46107228 2190176 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-09-30 16:28:47 B66D8C75C9BC59D637177AB3B1C569A6 81760 ----a-w- C:\WINDOWS\Sysnative\drivers\stornvme.sys 2016-09-30 16:28:47 8EEC4925C03E375C4EC496E45C44139A 649568 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2016-09-30 16:28:47 33ADC48D971260DD3DAA264CB7CF145C 657760 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-09-30 16:28:45 BAFD8946905DF03E6ECDDB154A4BAA9C 1046880 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-09-30 16:28:45 964943933D448935595C450AC4E8A5B1 23392 ----a-w- C:\WINDOWS\Sysnative\drivers\cmimcext.sys 2016-09-30 16:28:44 53EB8CE34B55A1EE63424C8DB7388BFC 130912 ----a-w- C:\WINDOWS\Sysnative\drivers\storahci.sys 2016-09-30 16:28:43 88B66D75B0D26B449C83D54C87F30553 51712 ----a-w- C:\WINDOWS\Sysnative\drivers\winhvr.sys 2016-09-30 16:28:43 0108B58F6CD981EEEB5FFA25D1B75228 401760 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-09-30 16:28:33 F7C22604CD8AFB9AF1C1E3CE39A5A09F 223584 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2016-09-30 16:28:33 9DB326B54C03EF2892E7551D8B354036 128352 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-09-30 16:28:32 EDAF0E161BE98CCC4FC9671481600745 435040 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys 2016-09-30 16:28:32 8CB606A3057355FD5A9DBDD1A0AC94EF 719360 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2016-09-30 16:28:25 43AC4C5CC233BCE9D7C46DA0E7EC0676 557408 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2016-09-30 16:28:24 1312896CAE6AF0D4557DB7B37283C116 713216 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-09-30 16:28:23 D723D2C98598B0DF5832427740B2825D 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-09-30 16:28:22 92F6E3E6D3F1795263EB34B37F74AEF7 74080 ----a-w- C:\WINDOWS\Sysnative\drivers\vpci.sys 2016-09-27 20:55:53 E83830BB74AE8CBECEA0ECD94DE436F9 409088 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-09-27 20:55:53 9EA203A07EFA6D74F07F32EF0DAB5CA6 108384 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2016-09-27 20:55:53 705C0F8BCCEF6E7CB704CCB454192D7E 133472 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys 2016-09-27 20:55:53 68FDFCE44D29EE8AE52E3CCB46BB0554 409944 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2016-09-27 20:55:53 5DD8CB01C0394F8D052763D2E3C6E684 2256224 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-09-27 20:55:53 5008FF3BBB078956C60DCA0044CF175B 379744 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2016-09-27 20:55:53 200E4A385F5F370D8866BAE25B0D9D32 282624 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-09-27 20:55:50 F13EE0DB1FB1D6946AC3228D7EFCFC8F 248320 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-09-27 20:55:50 E671EDAB0726E05ECEF4058B4CD73C4D 450392 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2016-09-27 20:55:47 68B1E0DA1BB1680494227E88CE821E2F 62816 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys 2016-09-27 20:55:42 D8536CB438CC4CCDAE047B768EED22B2 38400 ----a-w- C:\WINDOWS\Sysnative\drivers\hidusb.sys 2016-09-27 20:55:42 D82592B327C43AC9381E9FBEF79C7F68 156672 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-09-27 20:55:42 B9A33B9298BAFCE11E9823B1056D5BB0 40960 ----a-w- C:\WINDOWS\Sysnative\drivers\hidparse.sys 2016-09-27 20:55:42 8833A059270A60CE347FEB9A7951B3F4 681304 ----a-w- C:\WINDOWS\Sysnative\drivers\ClipSp.sys 2016-09-27 20:55:42 74FC79C52395B10FFD0B55CF22CF88FC 73568 ----a-w- C:\WINDOWS\Sysnative\drivers\hvservice.sys 2016-09-27 20:55:42 63088A3361D9A308F328F11E9099DD87 43520 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-09-27 20:55:42 55AD13E2BAFC5AB53A10F8C271F5D242 168800 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-09-27 20:55:42 2A9817B5A9260D8F60D52E36BEF10443 118112 ----a-w- C:\WINDOWS\Sysnative\drivers\EhStorTcgDrv.sys 2016-09-27 20:52:32 43C8D087B31C592163B33A4BDA540E40 199008 ----a-w- C:\WINDOWS\Sysnative\drivers\wof.sys 2016-09-27 19:58:50 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-09-27 19:58:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== 2016-10-18 07:08:23 B5E385E50F66976E1A99763C9CDC04D8 3912 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2016-10-18 07:08:23 97007326BF187C8F7108751C7A89BC76 1086 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-18 07:08:23 0512D9E3ABE702BF81173E2BCDF86F18 1082 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-17 17:12:00 4BC6EE6AABFFD857B2C43C4E29D1DB92 3978 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater 2016-10-17 17:12:00 0CC9154F5C9E04C02158DA730454A848 1002 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-10-17 16:35:47 AB15BD28AE2B67702A58F8F659A6E1B4 3390 ----a-w- C:\WINDOWS\Sysnative\Tasks\{0DC1BB50-57A9-4FEF-8D72-80337CB6781A} 2016-10-02 15:00:31 6E9BDF064C35F63527BC7AD572DF078B 4160 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{F03DEFB6-6E68-48AC-80D7-A026D51CE05E} 2016-09-27 20:06:20 C1A422057500028C482BCC1CE86E5CCA 4144 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2016-09-27 20:06:20 7C660EC7FE739B58BCC36EDD9889E545 2952 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update 2016-09-27 20:06:20 70BD7343E5FFA6E775D644CC7CC87568 3372 ----a-w- C:\WINDOWS\Sysnative\Tasks\SafeZone scheduled Autoupdate 1471086487 2016-09-27 20:06:20 442E611A8F6BA4C07E9349E64374ED7E 4562 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task 2016-09-27 20:06:20 414BE1E38133D0420EF7ADCEFE10BA33 2824 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task 2016-09-27 20:06:20 1E74CF7E6A9B79613B3A071D44917E53 3298 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{FCB1998D-2C01-4F9A-B7E5-A8A2E22DBFE4} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-09-27 20:52:53 -------- d-----w- C:\Program Files\Reference Assemblies 2016-09-27 20:52:53 -------- d-----w- C:\Program Files\MSBuild 2016-09-27 19:58:57 -------- d-----w- C:\Program Files\Realtek 2016-09-27 19:58:55 -------- d-----w- C:\Program Files\Intel ======= C:\PROGRA~2 ===== 2016-10-17 17:12:34 -------- d---a-w- C:\PROGRA~2\Mozilla Thunderbird 2016-09-27 20:52:53 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-09-27 20:52:53 -------- d-----w- C:\PROGRA~2\MSBuild 2016-09-27 20:02:10 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2016-09-27 19:58:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel ======= C: ===== ====== C:\Users\Antoine\AppData\Roaming ====== 2016-10-18 07:09:22 -------- d-----w- C:\Users\Antoine\AppData\Local\Mozilla 2016-10-14 16:47:13 -------- d-----w- C:\Users\Antoine\AppData\Local\Setup160666875 2016-10-14 16:36:06 -------- d-----w- C:\Users\Antoine\AppData\Local\bunkus.org 2016-10-02 20:02:27 -------- d-----w- C:\Users\Domitille\AppData\Local\Mozilla 2016-10-02 20:00:49 -------- d-----w- C:\Users\Domitille\AppData\Local\Thunderbird 2016-10-02 20:00:11 -------- d-----w- C:\Users\Antoine\AppData\Local\Thunderbird 2016-10-02 14:20:17 -------- d-----w- C:\Users\Domitille\AppData\Local\ConnectedDevicesPlatform 2016-10-01 08:23:49 -------- d-----w- C:\Users\Emile\AppData\Local\Mozilla 2016-10-01 08:20:50 -------- d-----w- C:\Users\Emile\AppData\Local\ConnectedDevicesPlatform 2016-09-30 07:12:59 -------- d-----w- C:\Users\Antoine\AppData\Local\Deployment 2016-09-29 19:53:36 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\speech 2016-09-29 15:42:44 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2016-09-27 20:53:36 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft 2016-09-27 20:19:00 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Apps 2016-09-27 20:12:03 -------- d-----w- C:\Users\Antoine\AppData\Local\ConnectedDevicesPlatform 2016-09-27 20:07:18 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\ConnectedDevicesPlatform 2016-09-27 20:06:14 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\ConnectedDevicesPlatform 2016-09-27 20:02:09 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Roaming 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Local\Temp 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Local\Microsoft 2016-09-27 19:59:50 -------- d-----w- C:\Users\Musique\AppData\Local 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Roaming 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Local\Temp 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Local\Microsoft 2016-09-27 19:59:50 -------- d-----w- C:\Users\Lucien\AppData\Local 2016-09-27 19:59:50 -------- d-----w- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-27 19:59:50 -------- d-----w- C:\Users\Antoine\AppData\Roaming 2016-09-27 19:59:50 -------- d-----w- C:\Users\Antoine\AppData\Local\Temp 2016-09-27 19:59:50 -------- d-----w- C:\Users\Antoine\AppData\Local\Microsoft 2016-09-27 19:59:50 -------- d-----w- C:\Users\Antoine\AppData\Local 2016-09-27 19:59:50 -------- d-----r- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-27 19:59:50 -------- d-----r- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-27 19:59:50 -------- d-----r- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-27 19:59:50 -------- d-----r- C:\Users\Musique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-27 19:59:50 -------- d-----r- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-27 19:59:50 -------- d-----r- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-27 19:59:50 -------- d-----r- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-27 19:59:50 -------- d-----r- C:\Users\Lucien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-27 19:59:50 -------- d-----r- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-27 19:59:50 -------- d-----r- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-27 19:59:50 -------- d-----r- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-27 19:59:50 -------- d-----r- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-27 19:59:50 -------- d-----r- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-27 19:59:49 -------- d-----w- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-27 19:59:49 -------- d-----w- C:\Users\Emile\AppData\Roaming 2016-09-27 19:59:49 -------- d-----w- C:\Users\Emile\AppData\Local\Temp 2016-09-27 19:59:49 -------- d-----w- C:\Users\Emile\AppData\Local\Microsoft 2016-09-27 19:59:49 -------- d-----w- C:\Users\Emile\AppData\Local 2016-09-27 19:59:49 -------- d-----w- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-27 19:59:49 -------- d-----w- C:\Users\Domitille\AppData\Roaming 2016-09-27 19:59:49 -------- d-----w- C:\Users\Domitille\AppData\Local\Temp 2016-09-27 19:59:49 -------- d-----w- C:\Users\Domitille\AppData\Local\Microsoft 2016-09-27 19:59:49 -------- d-----w- C:\Users\Domitille\AppData\Local 2016-09-27 19:59:49 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-27 19:59:49 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-27 19:59:49 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-27 19:59:49 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-27 19:59:49 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-27 19:59:49 -------- d-----r- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-27 19:59:49 -------- d-----r- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-27 19:59:49 -------- d-----r- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-27 19:59:49 -------- d-----r- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-27 19:59:49 -------- d-----r- C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-27 19:59:37 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2016-09-27 19:58:37 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2016-09-27 19:58:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming 2016-09-27 19:58:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2016-09-27 19:58:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft 2016-09-27 19:58:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local 2016-09-27 19:58:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming 2016-09-27 19:58:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2016-09-27 19:58:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2016-09-27 19:58:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local 2016-09-26 16:41:33 -------- d-----w- C:\Users\Emile\AppData\Local\MicrosoftEdge 2016-09-26 16:28:42 -------- d-----w- C:\Users\Emile\AppData\Local\Comms 2016-09-26 16:22:11 -------- d-----w- C:\Users\Emile\AppData\Local\CEF 2016-09-26 16:11:55 -------- d-----w- C:\Users\Emile\AppData\Local\Publishers 2016-09-26 16:11:47 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-09-26 16:11:47 -------- d-----r- C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-09-26 16:11:46 -------- d-----w- C:\Users\Emile\AppData\Local\TileDataLayer 2016-09-26 16:11:46 -------- d-----w- C:\Users\Emile\AppData\Local\Packages ====== C:\Users\Antoine ====== 2016-10-18 07:37:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-10-18 07:06:35 7101FF0673F62B340D6C082039CF4487 1622528 ----a-w- C:\Users\Antoine\Desktop\ResetBrowser.exe 2016-10-18 06:53:41 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Antoine\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-18 06:28:53 7789B70801B305D3272599245F447003 2463744 ----a-w- C:\Users\Antoine\Desktop\ZHPCleaner.exe 2016-10-17 18:35:58 F802399640BA66CAE43CF68F8B562397 2407424 ----a-w- C:\Users\Antoine\Desktop\FRST64.exe 2016-10-17 18:23:19 AE1190435E36DCE52DC8FD4F46FAB363 3874368 ----a-w- C:\Users\Antoine\Desktop\adwcleaner_6.021.exe 2016-10-17 17:09:44 DB9530DFF0A71D48E4877D47990AF006 8244656 ----a-w- C:\Users\Antoine\Downloads\ccsetup522.exe 2016-10-14 16:47:12 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol 2016-10-14 16:45:53 63A484D1B5BE883C69C7B4227F7CA2DE 44564968 ----a-w- C:\Users\Antoine\Downloads\avc-free.exe 2016-10-14 16:41:07 C5EBAED47054A366CC8BAA0D753647A2 1502132 ----a-w- C:\Users\Antoine\Downloads\mkv-to-avi-converter_3-2-1-1_fr_188938.exe 2016-10-14 16:36:49 51E1ADFDF08094EC3CEF66929F82A3FB 14337568 ----a-w- C:\Users\Antoine\Downloads\mkvtoolnix-64bit-9.4.2-setup.exe 2016-10-02 14:20:17 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Domitille\ntuser.ini 2016-10-01 08:20:50 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Emile\ntuser.ini 2016-09-27 20:13:35 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2016-09-27 20:12:40 -------- d-----w- C:\ProgramData\USOShared 2016-09-27 20:12:03 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Antoine\ntuser.ini 2016-09-27 20:02:15 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\.oracle_jre_usage 2016-09-27 19:59:50 -------- d--h--w- C:\Users\Musique\AppData 2016-09-27 19:59:50 -------- d--h--w- C:\Users\Lucien\AppData 2016-09-27 19:59:50 -------- d--h--w- C:\Users\Antoine\AppData 2016-09-27 19:59:49 -------- d--h--w- C:\Users\Emile\AppData 2016-09-27 19:59:49 -------- d--h--w- C:\Users\Domitille\AppData 2016-09-27 19:59:09 -------- d-----w- C:\ProgramData\Brother 2016-09-27 19:59:02 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2016-09-27 19:58:26 -------- d--h--w- C:\WINDOWS\serviceprofiles\Localservice\AppData 2016-09-27 19:58:26 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\Saved Games 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Videos 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Pictures 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Music 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Links 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Favorites 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Downloads 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Documents 2016-09-27 19:58:26 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Desktop 2016-09-27 19:58:25 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData 2016-09-27 19:58:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\Saved Games 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Videos 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Pictures 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Music 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Links 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Favorites 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Downloads 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Documents 2016-09-27 19:58:25 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Desktop 2016-09-26 16:11:47 -------- d-----r- C:\Users\Emile\Searches ====== C: exe-files == 2016-10-18 07:08:57 9BCDE5524F31950B72AE8A03B52AFF05 43721008 ----a-w- C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\IE\GL304QA8\Firefox%20Setup%2049.0.1[1].exe 2016-10-18 07:08:24 7DF531C0371775DD4A58B71F091A1292 44334456 ----atw- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\54.0.2840.59\chrome_installer.exe 2016-10-18 07:08:23 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe 2016-10-18 07:08:23 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe 2016-10-18 07:08:23 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2016-10-18 07:08:23 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe 2016-10-18 07:08:23 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe 2016-10-18 07:08:23 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe 2016-10-18 07:08:23 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe 2016-10-18 07:08:23 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe 2016-10-18 07:08:23 477542E4E64B40EA98553BE093B31157 45986680 ----a-w- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe 2016-10-18 07:06:35 7101FF0673F62B340D6C082039CF4487 1622528 ----a-w- C:\Users\Antoine\Desktop\ResetBrowser.exe 2016-10-18 06:53:41 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Antoine\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-18 06:34:07 7789B70801B305D3272599245F447003 2463744 ----a-w- C:\Users\Antoine\AppData\Roaming\ZHP\ZHPCleaner.exe 2016-10-18 06:28:53 7789B70801B305D3272599245F447003 2463744 ----a-w- C:\Users\Antoine\Desktop\ZHPCleaner.exe 2016-10-17 18:35:58 F802399640BA66CAE43CF68F8B562397 2407424 ----a-w- C:\Users\Antoine\Desktop\FRST64.exe 2016-10-17 18:35:58 C2B3B862DDD48BF2D05EF0969D315CDB 2406912 ----a-w- C:\Users\Antoine\Desktop\FRST-OlderVersion\FRST64.exe 2016-10-17 18:23:19 AE1190435E36DCE52DC8FD4F46FAB363 3874368 ----a-w- C:\Users\Antoine\Desktop\adwcleaner_6.021.exe 2016-10-17 17:12:34 E5FC70D0757034DF248AFC5900DA869D 288712 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2016-10-17 17:12:34 AD0709EAC750EC3354BFFDA1E8947673 165808 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-10-17 17:12:34 60D42896F6C14E9BD2040E86DB1A6BF4 22984 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2016-10-17 17:12:34 573C2D8D2A005D255A101CFC19855410 147400 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2016-10-17 17:12:34 4FBDF3814195983C790E405D63A9C8C0 491464 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2016-10-17 17:12:34 2BA7DF10C0AC6D9AD712D4294632642D 284104 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2016-10-17 17:12:34 27855CCF512BE94792A9C07CF7CE729C 304584 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2016-10-17 17:12:34 1D0D6256644548394FB04F8D5739B4D0 884488 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2016-10-17 17:09:44 DB9530DFF0A71D48E4877D47990AF006 8244656 ----a-w- C:\Users\Antoine\Downloads\ccsetup522.exe 2016-10-16 16:43:16 50DB5E0E5DBDDC9ED662FC6B61444D9D 20738752 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-10-16 16:43:16 50DB5E0E5DBDDC9ED662FC6B61444D9D 20738752 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveSetup.exe 2016-10-16 16:43:07 B8A65258FFB70C037195CFBDAD9AF01D 175296 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncConfig.exe 2016-10-16 16:43:05 ED59204D9A071DED6AEC000050422F73 181448 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe 2016-10-16 16:43:05 318FF5AFDD3CF2FE366118CDF8DCC59D 481984 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 2016-10-14 16:48:46 753BD8B51CE31105A56040438BE93437 1219072 ----a-w- C:\FRST\Quarantine\C\Users\Antoine\AppData\Local\chromium\Application\51.0.2683.0\Installer\setup.exe 2016-10-14 16:48:46 562A46474509A0F52C5035727207FD40 1068544 ----a-w- C:\FRST\Quarantine\C\Users\Antoine\AppData\Local\chromium\Application\chrome.exe 2016-10-14 16:48:46 075831B23E263F37CE09E867488B3552 2397696 ----a-w- C:\FRST\Quarantine\C\Users\Antoine\AppData\Local\chromium\Application\51.0.2683.0\nacl64.exe 2016-10-14 16:48:46 00C16A588E45C13C83D3A1E34A832AA9 745472 ----a-w- C:\FRST\Quarantine\C\Users\Antoine\AppData\Local\chromium\Application\51.0.2683.0\delegate_execute.exe 2016-10-14 16:45:53 63A484D1B5BE883C69C7B4227F7CA2DE 44564968 ----a-w- C:\Users\Antoine\Downloads\avc-free.exe 2016-10-14 16:41:07 C5EBAED47054A366CC8BAA0D753647A2 1502132 ----a-w- C:\Users\Antoine\Downloads\mkv-to-avi-converter_3-2-1-1_fr_188938.exe 2016-10-14 16:36:49 51E1ADFDF08094EC3CEF66929F82A3FB 14337568 ----a-w- C:\Users\Antoine\Downloads\mkvtoolnix-64bit-9.4.2-setup.exe 2016-10-13 07:39:38 71E3E4F3566ECAE4E5177BFB50DB9CF3 6888544 ----a-w- C:\Users\Antoine\AppData\Roaming\Anvsoft\Common\youtube-dl.exe 2016-10-12 07:23:38 0AED554D8EF07E5084A2DFBD860896A7 6474752 ----a-w- C:\Windows\SysWOW64\mspaint.exe 2016-10-12 07:23:33 72669C6C0B70C7617B32D123C72EF41C 425472 ----a-w- C:\Windows\System32\bcdedit.exe 2016-10-12 07:23:26 8D958808853BE6D12997F8290879820C 2390016 ----a-w- C:\Windows\System32\smartscreen.exe 2016-10-12 07:23:25 18C0DF852EB4BAE839E94410F49CF6F0 545944 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-10-12 07:23:22 F78870C8520BC47B5B83083356A59316 360040 ----a-w- C:\Windows\System32\SystemSettingsAdminFlows.exe 2016-10-12 07:23:22 074C04D763F4FAFD9FF3E82603CD3075 3105792 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2016-10-12 07:23:19 0469D22F7190744DC69CBE78795893F2 10652512 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-10-12 07:23:18 9995140519BD0BE7C687A4E9B8892D83 241664 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-10-12 07:23:18 0DB7C05678C52D649A988A4DE2804483 578048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-10-12 07:23:15 6448D390FC05370C28FE714EB5227740 477696 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersShareTargetApp.exe 2016-10-12 07:23:08 CC8251F2487453DEFB832EF91BA93B53 1172472 ----a-w- C:\Windows\System32\winload.exe 2016-10-12 07:23:08 CC8251F2487453DEFB832EF91BA93B53 1172472 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-10-12 07:23:08 B08A20D27A4D94FF21F91E6FB1092340 894088 ----a-w- C:\Windows\System32\winresume.exe 2016-10-12 07:23:07 2ED2E96B5A6744E67BFFEDAD8965881F 775168 ----a-w- C:\Windows\System32\GamePanel.exe 2016-10-12 07:23:04 27841A3507A27233E7BD6CA99FB76839 7812448 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-10-12 07:23:03 667CE851EBDF393E0131D51141C7AA13 6664192 ----a-w- C:\Windows\System32\mspaint.exe 2016-10-12 07:23:00 E8FE0FA784A645492609431C53824853 7652720 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-10-12 07:22:56 77553E78EBDEE5BB415611E7D0C9834D 628032 ----a-w- C:\Windows\System32\fontdrvhost.exe === C: other files == 2016-10-18 07:29:39 B6F0DE7FEB9A69F0E337AB58BDF0C5AA 1036367 ----a-w- C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2016-10-18 07:29:38 B6F0DE7FEB9A69F0E337AB58BDF0C5AA 1036367 ----a-w- C:\Users\Antoine\AppData\Local\Temp\tmp-g6t.xpi 2016-10-18 06:54:46 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2016-10-18 06:54:12 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys 2016-10-18 06:54:12 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys 2016-10-18 06:54:12 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2016-10-17 17:12:34 7279290286D68B578D1DA3C46AEF0EC4 4651 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi 2016-10-16 16:43:04 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Emile\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\CollectOneDriveLogs.bat 2016-10-12 07:23:33 25D32BE04FE0A23FDF57FD5382757672 143872 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2016-10-12 07:23:27 B2B36750E1DCB530CFA44883AFDD5EDC 1509376 ----a-w- C:\Windows\System32\win32kbase.sys 2016-10-12 07:23:26 2CF0CB2A0ED68C5455371E84C16F9627 64352 ----a-w- C:\Windows\System32\drivers\MegaSas2i.sys 2016-10-12 07:23:14 8F5C24F4F47120157AB6D889B96A2AC2 619368 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-10-12 07:23:10 486CEF1D0526E7F396CE3B47246F36EF 2999296 ----a-w- C:\Windows\SysWOW64\win32kfull.sys 2016-10-12 07:23:05 E5E5D9E317739CEE510EAF46C88A7C38 128864 ----a-w- C:\Windows\System32\drivers\tm.sys 2016-10-12 07:23:05 D5564FC81350458ED570528C4E3B1CCF 1181536 ----a-w- C:\Windows\System32\drivers\ndis.sys 2016-10-12 07:23:05 37A5ADE7C82A85A0B9991880733C5060 3617792 ----a-w- C:\Windows\System32\win32kfull.sys 2016-10-12 07:23:05 0D1D392ED2597F295956D058D33BD7C3 144896 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2016-10-12 07:22:57 7C3D10BEC8B0DBA00A78C78EB10B3AE2 279904 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-10-12 07:22:56 FFFBB40B9C7AD811AA6EA74A0A6168B1 187232 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2016-10-12 07:22:56 FE33B645A2E0F5AB0B42318355B85178 2537824 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-720330006-1225765978-308963393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/10/2016 19:12] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/10/2016 09:08] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/10/2016 09:08] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1471086487" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F03DEFB6-6E68-48AC-80D7-A026D51CE05E}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{FCB1998D-2C01-4F9A-B7E5-A8A2E22DBFE4}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Antoine\AppData\Roaming\Thunderbird\Profiles\g24556iz.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\DOMITI~1\AppData\Roaming\Mozilla\Firefox\Profiles\praj8tbd.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\DOMITI~1\AppData\Roaming\Thunderbird\Profiles\tc2vj3j3.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Emile\AppData\Roaming\Mozilla\Firefox\Profiles\stsnrlz5.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30/08/2016 18:22] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30/08/2016 18:22] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Antoine\AppData\Roaming\Thunderbird\Profiles\g24556iz.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\DOMITI~1\AppData\Roaming\Thunderbird\Profiles\tc2vj3j3.default - Lightning - C:\Users\Domitille\AppData\Roaming\Thunderbird\Profiles\tc2vj3j3.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\hiotkzhq.default 32534FFE70905DD87DDAAF7437897560 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions daanglpcpkjjlkhcbladppjphglbigam - No path found[] eofcbnmajmjmplflapaojjnihcjkigck - No path found[] fcoadmpfijfcmokecmkgolhbaeclfage - No path found[] gomekmidlodglbbmalcneegieacbdmki - No path found[] Google Slides - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Avast Online Security - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam Avast SafePrice - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Avast SafePrice - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage Google Sheets - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Google Slides - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Avast Online Security - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam Avast SafePrice - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Avast SafePrice - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage Google Sheets - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Domitille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.fr/" "Default_Search_URL"="http://www.google.fr/" "Search Page"="http://www.google.fr/?q={searchTerms}" "Start Page"="http://www.google.fr/" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.fr/" "Default_Search_URL"="http://www.google.fr/" "Search Page"="http://www.google.fr/?q={searchTerms}" "Start Page"="http://www.google.fr/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes "DefaultScope"="{96BBC430-9900-4299-9F5D-7951AB36EFDF}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} ==== Reset Google Chrome ====================== C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Antoine\Desktop\Any Video Converter.lnk - D:\programmes\AVCFree.exe C:\Users\Antoine\Desktop\Slash'EM.lnk - C:\SLM\slashem.exe C:\Users\Antoine\Desktop\ZHPCleaner.lnk - C:\Users\Antoine\AppData\Roaming\ZHP\ZHPCleaner.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Public\Desktop\Avast SafeZone Browser.lnk - C:\Program Files\AVAST Software\SZBrowser\launcher.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\devolo Cockpit.lnk - C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe C:\Users\Public\Desktop\Exact Audio Copy.lnk - D:\programmes\Exact Audio Copy\EAC.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\LibreOffice 5.1.lnk - C:\Program Files (x86)\LibreOffice 5\program\soffice.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\MKVToolNix GUI.lnk - D:\programmes\MKVToolNix\mkvtoolnix-gui.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Public\Desktop\Mp3tag.lnk - D:\programmes\Mp3tag\Mp3tag.exe C:\Users\Public\Desktop\Newshosting Downloads.lnk - C:\Users\Antoine\Downloads\Newshosting C:\Users\Public\Desktop\Newshosting.lnk - D:\programmes\Newshosting\newshosting.exe C:\Users\Public\Desktop\Universal Media Server.lnk - D:\programmes\Universal Media Server\UMS.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth\Uninstall AviSynth.lnk - D:\programmes\AviSynth\Uninstall.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Domitille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Emile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk - C:\Program Files\AVAST Software\SZBrowser\launcher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server.lnk - D:\programmes\Universal Media Server\UMS.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\SyncBack Free.lnk - D:\programmes\SyncBackFree\SyncBackFree.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth\AviSynth Documentation.lnk - D:\programmes\AviSynth\Docs\English\index.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth\Example Scripts.lnk - D:\programmes\AviSynth\Examples C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth\License.lnk - D:\programmes\AviSynth\gpl.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth\Plugin Directory.lnk - D:\programmes\AviSynth\plugins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo\devolo Cockpit.lnk - C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Exact Audio Copy.lnk - D:\programmes\Exact Audio Copy\EAC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\FAQ.lnk - D:\programmes\Exact Audio Copy\Documentation\FAQ.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Legal.lnk - D:\programmes\Exact Audio Copy\Legal.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\News.lnk - D:\programmes\Exact Audio Copy\News.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Uninstall.lnk - D:\programmes\Exact Audio Copy\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 5\program\sbase.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 5\program\scalc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 5\program\sdraw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 5\program\simpress.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 5\program\smath.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 5\program\swriter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 5\program\soffice.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Désinstaller Malwarebytes Anti-Malware.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\mkvinfo GUI.lnk - D:\programmes\MKVToolNix\mkvinfo.exe -g C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\MKVToolNix GUI.lnk - D:\programmes\MKVToolNix\mkvtoolnix-gui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Uninstall.lnk - D:\programmes\MKVToolNix\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Website.lnk - D:\programmes\MKVToolNix\MKVToolNix.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\ChangeLog - What is new.lnk - D:\programmes\MKVToolNix\doc\ChangeLog.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\Command line references.lnk - D:\programmes\MKVToolNix\doc\command_line_references.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\README.lnk - D:\programmes\MKVToolNix\doc\README.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Aide Mp3tag.lnk - D:\programmes\Mp3tag\help\index.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk - D:\programmes\Mp3tag\Mp3tag.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Nouveautés de cette version (English).lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Newshosting\Newshosting.lnk - D:\programmes\Newshosting\newshosting.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server\Uninstall.lnk - D:\programmes\Universal Media Server\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server\Universal Media Server (Select Profile).lnk - D:\programmes\Universal Media Server\UMS.exe profiles C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server\Universal Media Server.lnk - D:\programmes\Universal Media Server\UMS.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - D:\programmes\videolan\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - D:\programmes\videolan\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - D:\programmes\videolan\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - D:\programmes\videolan\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - D:\programmes\videolan\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - D:\programmes\videolan\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk - C:\FRST\Quarantine\C\Users\Antoine\AppData\Local\chromium\Application\chrome.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Any Video Converter.lnk - D:\programmes\AVCFree.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\devolo Cockpit.lnk - C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Exact Audio Copy.lnk - D:\programmes\Exact Audio Copy\EAC.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 5\program\scalc.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 5\program\swriter.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MKVToolNix GUI.lnk - D:\programmes\MKVToolNix\mkvtoolnix-gui.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mp3tag.lnk - D:\programmes\Mp3tag\Mp3tag.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Newshosting.lnk - D:\programmes\Newshosting\newshosting.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\WINDOWS\system32\mspaint.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SyncBack Free.lnk - D:\programmes\SyncBackFree\SyncBackFree.exe C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Universal Media Server (Select Profile).lnk - D:\programmes\Universal Media Server\UMS.exe profiles C:\Users\Antoine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - D:\programmes\videolan\vlc.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Domitille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Domitille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Domitille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Domitille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Domitille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - D:\programmes\Mozilla Thunderbird\thunderbird.exe C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LibreOffice 5.1.lnk - C:\Program Files (x86)\LibreOffice 5\program\soffice.exe C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Emile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - D:\programmes\Mozilla Thunderbird\thunderbird.exe C:\Users\Lucien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Lucien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Musique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Musique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Uninstall List x64 ====================== 7-Zip 16.02 (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip] Adobe Acrobat Reader DC - Fran‡ais [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] Adobe Flash Player 23 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824202044}] Any Video Converter 6.0.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Any Video Converter] Avast Antivirus Gratuit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast] AviSynth [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AviSynth] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Chromium [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{974C7F8C-C7CC-AE0C-764C-DE8CA6CC0D0C}] devolo Cockpit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\dlancockpit] Exact Audio Copy 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Exact Audio Copy] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BBAF8C17-51A4-3A52-A9C7-08229B38346E}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] Java 8 Update 101 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180101F0}] LibreOffice 5.1.5.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}] Malwarebytes Anti-Malware version 2.2.1.1043 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] MKVToolNix 9.4.2 (64bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MKVToolNix] Mozilla Firefox 49.0.1 (x86 fr) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 49.0.1 (x86 fr)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] Mozilla Thunderbird 45.4.0 (x86 fr) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.4.0 (x86 fr)] Mp3tag v2.78 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mp3tag] newshosting [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\808e41b563160b28] Newshosting [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C847FE4-1BFB-45D3-8011-7DD017B43B52}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] SafeZone Stable 1.51.2220.62 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SafeZone 1.51.2220.62] SyncBackFree [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SyncBackFree_is1] Universal Media Server [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Universal Media Server] VLC media player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVICE RÉSEAU') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: CDPUserSvc_4446a - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: MessagingService_4446a - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Hôte de synchronisation_4446a (OneSyncSvc_4446a) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Données de contacts_4446a (PimIndexMaintenanceSvc_4446a) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Stockage des données utilisateur_4446a (UnistoreSvc_4446a) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Accès aux données utilisateur_4446a (UserDataSvc_4446a) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-104 (wisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Service utilisateur de notifications Push Windows_4446a (WpnUserService_4446a) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Antoine\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Domitille\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Emile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Antoine\AppData\Local\Mozilla\Firefox\Profiles\hiotkzhq.default\cache2 emptied successfully C:\Users\Domitille\AppData\Local\Mozilla\Firefox\Profiles\praj8tbd.default\cache2 emptied successfully C:\Users\Emile\AppData\Local\Mozilla\Firefox\Profiles\stsnrlz5.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Domitille\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=10 folders=6 975819 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Antoine\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 18/10/2016 at 11:11:47,20 ======================