Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02 Exécuté par Frédéric (administrateur) sur PC-STUDIO (12-09-2017 09:32:17) Exécuté depuis C:\Users\Frédérc\Desktop Profils chargés: Frédéric (Profils disponibles: Frédéric & Administrateur) Platform: Windows 10 Pro Version 1703 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe (Nalpeiron Ltd.) C:\Windows\syswow64\NLSSRV32.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (PreSonus Audio Electronics) C:\Program Files\PreSonus\1394AudioDriver_FirePod\FirePod.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (AutoIt Team) C:\Users\FRDRC~1\zpow\wnxvnt.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [919032 2017-08-02] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3215772901-2756221293-946906576-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4027504 2017-08-05] (Tonec Inc.) HKU\S-1-5-21-3215772901-2756221293-946906576-1000\...\Run: [IDM trial reset] => C:\Users\Frédérc\Documents\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FP10 Control Panel.lnk [2017-08-30] ShortcutTarget: FP10 Control Panel.lnk -> C:\Program Files\PreSonus\1394AudioDriver_FirePod\FirePod.exe (PreSonus Audio Electronics) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{43edb1e6-823c-4076-ba32-180993aec7db}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3215772901-2756221293-946906576-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-07-12] (Internet Download Manager, Tonec Inc.) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-07-11] (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-07-12] (Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-07-11] (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Frédérc\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2017-08-29] (Dashlane, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-30] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-30] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Frédérc\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2017-08-29] (Dashlane, Inc.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-07-11] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: snap3ara.default FF DefaultProfile: fredericsophro@gmail.com FF ProfilePath: C:\Users\Frédérc\AppData\Roaming\Mozilla\Firefox\Profiles\snap3ara.default [2017-09-11] FF Extension: (Avira Browser Safety) - C:\Users\Frédérc\AppData\Roaming\Mozilla\Firefox\Profiles\snap3ara.default\Extensions\abs@avira.com.xpi [2017-09-07] FF Extension: (Dashlane) - C:\Users\Frédérc\AppData\Roaming\Mozilla\Firefox\Profiles\snap3ara.default\Extensions\jetpack-extension@dashlane.com.xpi [2017-08-30] FF HKU\S-1-5-21-3215772901-2756221293-946906576-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (Pas de nom) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-07-14] FF HKU\S-1-5-21-3215772901-2756221293-946906576-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Frédérc\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Frédérc\AppData\Roaming\IDM\idmmzcc5 [2017-09-11] [non signé] FF HKU\S-1-5-21-3215772901-2756221293-946906576-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-30] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-30] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-09-08] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-30] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-05-16] (Microsoft Corporation) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Profile: C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default [2017-09-12] CHR Extension: (Google Slides) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-30] CHR Extension: (Google Docs) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-30] CHR Extension: (Google Drive) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-30] CHR Extension: (YouTube) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-30] CHR Extension: (Avira Safe Shopping) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2017-09-05] CHR Extension: (Adblock Plus) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-30] CHR Extension: (Dashlane - Gestionnaire de mots de passe sécurisé) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-08-30] CHR Extension: (Google Sheets) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-30] CHR Extension: (Google Docs hors connexion) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-30] CHR Extension: (Google Maps) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-08-30] CHR Extension: (IDM Integration Module) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-09-11] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-30] CHR Extension: (Gmail) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-30] CHR Extension: (Chrome Media Router) - C:\Users\Frédérc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-30] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-08-02] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-08-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-08-02] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-08-02] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-08-15] (Avira Operations GmbH & Co. KG) S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] () S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327360 2016-09-08] (Nitro Software, Inc.) S3 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [418496 2016-09-08] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] () R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-02] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-02] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-02] (Avira Operations GmbH & Co. KG) S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [76520 2015-09-10] (Cypress Semiconductor) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider) S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Intel Mobile Communications) R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) S3 NIWinCDEmu; C:\WINDOWS\System32\drivers\NIWinCDEmu.sys [112408 2015-01-14] () S3 pae_1394; C:\WINDOWS\System32\Drivers\pae_1394_x64.sys [196992 2010-02-03] (Archwave AG) S3 pae_avs; C:\WINDOWS\System32\Drivers\pae_avs_x64.sys [72576 2010-02-03] (Archwave AG) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-06-23] (The OpenVPN Project) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-03] (MobileTop) S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation) S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation) S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI) S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation) S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated) S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-03] (DEVGURU Co., LTD.) R3 synusb64; C:\WINDOWS\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH) S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2014-09-17] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) S1 trkupnmk; \??\C:\WINDOWS\system32\drivers\trkupnmk.sys [X] S1 unpbfyrw; \??\C:\WINDOWS\system32\drivers\unpbfyrw.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-09-12 09:32 - 2017-09-12 09:32 - 000019028 _____ C:\Users\Frédérc\Desktop\FRST.txt 2017-09-11 15:44 - 2017-09-11 15:44 - 000078343 _____ C:\Users\Frédérc\Downloads\IDMGCExt (5).crx 2017-09-11 15:42 - 2017-09-11 15:42 - 000078343 _____ C:\Users\Frédérc\Downloads\IDMGCExt (4).crx 2017-09-11 14:02 - 2017-03-18 23:00 - 000045216 ___SH (Microsoft Corporation) C:\Users\Frédérc\wnxvnt.exe 2017-09-11 13:58 - 2017-09-12 09:32 - 000000000 ____D C:\Users\Frédérc\Desktop\FRST-OlderVersion 2017-09-11 13:48 - 2017-09-11 13:48 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-09-11 13:48 - 2017-09-11 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-09-11 13:44 - 2017-09-11 13:44 - 000000853 _____ C:\Users\Public\Desktop\BitComet.lnk 2017-09-11 13:42 - 2017-09-12 00:05 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\DMCache 2017-09-11 13:42 - 2017-09-11 15:46 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\IDM 2017-09-11 13:42 - 2017-09-11 13:42 - 000000000 ____D C:\ProgramData\IDM 2017-09-08 16:10 - 2017-09-12 09:32 - 000000000 ____D C:\FRST 2017-09-08 16:09 - 2017-09-12 09:32 - 002397184 _____ (Farbar) C:\Users\Frédérc\Desktop\FRST64.exe 2017-09-08 10:06 - 2017-09-08 10:06 - 002827136 _____ C:\Users\Frédérc\Downloads\zhpdiag_2017.8.31.148 (1).exe 2017-09-07 14:37 - 2017-09-07 14:37 - 001099453 _____ C:\Users\Frédérc\Downloads\module-1_la-cre-ation-et-les-applications-de-la-pnl.pdf 2017-09-07 14:18 - 2017-09-07 14:18 - 000332451 _____ C:\Users\Frédérc\Downloads\Gammes pentatonique et position.pdf 2017-09-07 13:32 - 2017-09-07 13:32 - 000984495 _____ C:\Users\Frédérc\Downloads\Article.pdf 2017-09-07 13:28 - 2017-09-07 13:29 - 004070978 _____ C:\Users\Frédérc\Downloads\Le_Solf_ge_malin.pdf 2017-09-07 12:10 - 2017-09-07 12:10 - 008182736 _____ (Malwarebytes) C:\Users\Frédérc\Downloads\adwcleaner_7.0.2.1 (2).exe 2017-09-07 11:58 - 2017-09-07 11:58 - 008182736 _____ (Malwarebytes) C:\Users\Frédérc\Downloads\adwcleaner_7.0.2.1 (1).exe 2017-09-07 11:57 - 2017-09-07 11:57 - 002869632 _____ C:\Users\Frédérc\Downloads\zhpcleaner_2017.8.31.148 (1).exe 2017-09-07 11:43 - 2017-09-07 11:46 - 000000000 ___HD C:\ProgramData\CanonIJMIG 2017-09-07 11:42 - 2017-09-07 11:43 - 000358222 _____ C:\Users\Frédérc\Documents\IMG_20170907_0001.pdf 2017-09-07 11:42 - 2017-09-07 11:43 - 000000000 ___HD C:\ProgramData\CanonIJScan 2017-09-07 10:33 - 2017-09-07 10:33 - 018264376 _____ C:\Users\Frédérc\Downloads\Native Instruments Komplete 10 Ultimate CRACK et Serial.rar 2017-09-07 10:21 - 2017-09-07 10:21 - 000000000 __HDC C:\ProgramData\{E029E712-815A-4E1D-BA1D-7313E45BF6B5} 2017-09-07 09:42 - 2017-09-07 09:42 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Native Instruments 2017-09-07 09:42 - 2017-09-07 09:42 - 000000000 ____D C:\Users\Frédérc\AppData\Local\cache 2017-09-07 09:41 - 2017-09-07 09:41 - 000001127 _____ C:\Users\Public\Desktop\Native Access.lnk 2017-09-07 09:41 - 2017-09-07 09:41 - 000000000 __HDC C:\ProgramData\{8A55A7B9-A434-4714-A0F4-5EFDD760F38F} 2017-09-07 09:39 - 2017-09-07 09:40 - 064313705 _____ C:\Users\Frédérc\Downloads\Native_Access_Installer.zip 2017-09-07 09:10 - 2017-09-07 12:34 - 000000000 ____D C:\AdwCleaner 2017-09-07 09:09 - 2017-09-07 09:10 - 008182736 _____ (Malwarebytes) C:\Users\Frédérc\Downloads\adwcleaner_7.0.2.1.exe 2017-09-07 09:09 - 2017-09-07 09:09 - 002869632 _____ C:\Users\Frédérc\Downloads\zhpcleaner_2017.8.31.148.exe 2017-09-07 09:07 - 2017-09-11 08:45 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\dclogs 2017-09-06 22:21 - 2017-09-08 10:07 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\ZHP 2017-09-06 22:21 - 2017-09-08 10:07 - 000000000 ____D C:\Users\Frédérc\AppData\Local\ZHP 2017-09-06 22:21 - 2017-09-06 22:21 - 002827136 _____ C:\Users\Frédérc\Downloads\zhpdiag_2017.8.31.148.exe 2017-09-06 11:29 - 2017-09-11 23:20 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-09-06 11:29 - 2017-09-11 14:13 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-06 11:29 - 2017-09-11 14:13 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-09-06 11:29 - 2017-09-11 14:13 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-09-06 11:29 - 2017-09-11 14:13 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-09-06 11:29 - 2017-09-06 12:32 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-09-06 11:29 - 2017-09-06 11:29 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-09-06 11:29 - 2017-09-06 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-09-06 11:29 - 2017-09-06 11:29 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-06 11:29 - 2017-09-06 11:29 - 000000000 ____D C:\Program Files\Malwarebytes 2017-09-06 11:23 - 2017-09-06 11:23 - 000000025 _____ C:\Users\Frédérc\Desktop\mb-licenseinfo.txt 2017-09-06 11:23 - 2017-09-06 11:23 - 000000000 ____D C:\ProgramData\MB2Migration 2017-09-06 11:21 - 2017-09-06 11:23 - 065942208 _____ (Malwarebytes ) C:\Users\Frédérc\Downloads\mb3-setup-35891.35891-3.2.2.2018.exe 2017-09-05 23:50 - 2017-09-05 23:50 - 000000000 __HDC C:\ProgramData\{B9128DCD-EAF1-4915-8EE4-29A858B9802C} 2017-09-05 23:45 - 2017-09-05 23:45 - 001710680 _____ C:\Users\Frédérc\Downloads\virtual-clonedrive_5-5-0-0_fr_79406.exe 2017-09-05 23:45 - 2017-09-05 23:45 - 000001323 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk 2017-09-05 23:45 - 2017-09-05 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2017-09-05 02:19 - 2017-09-05 02:19 - 000078343 _____ C:\Users\Frédérc\Downloads\IDMGCExt (3).crx 2017-09-05 02:15 - 2017-09-05 02:15 - 000078343 _____ C:\Users\Frédérc\Downloads\IDMGCExt (2).crx 2017-09-05 02:14 - 2017-09-05 02:14 - 000078343 _____ C:\Users\Frédérc\Downloads\IDMGCExt (1).crx 2017-09-04 15:24 - 2017-09-04 15:24 - 000000000 _____ C:\autoexec.bat 2017-09-04 13:56 - 2017-09-04 13:58 - 000002058 _____ C:\Users\Public\Desktop\EZdrummer-64.lnk 2017-09-04 13:47 - 2016-08-13 08:15 - 000162816 _____ (Fastbird Dev Studio) C:\Users\Frédérc\Desktop\ExploreAtOnce_x64.exe 2017-09-03 23:43 - 2017-09-03 23:43 - 000081650 _____ C:\Users\Frédérc\Downloads\le-communique-de-presse.pdf 2017-09-03 18:34 - 2017-09-03 18:34 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\ExploreAtOnce 2017-09-03 18:21 - 2017-09-03 18:21 - 000000000 ____D C:\Users\Frédérc\Documents\FeedbackHub 2017-09-03 18:06 - 2017-09-03 18:06 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Avira 2017-09-03 18:02 - 2017-08-02 09:34 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-09-03 18:02 - 2017-08-02 09:34 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-09-03 18:02 - 2017-08-02 09:34 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-09-03 18:02 - 2017-08-02 09:34 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys 2017-09-03 18:02 - 2017-08-02 09:34 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-09-03 18:02 - 2017-08-02 09:34 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-09-03 17:57 - 2017-09-03 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-09-03 17:57 - 2017-09-03 18:02 - 000000000 ____D C:\ProgramData\Avira 2017-09-03 17:57 - 2017-09-03 17:57 - 000001267 _____ C:\Users\Public\Desktop\Avira.lnk 2017-09-03 17:56 - 2017-09-03 17:57 - 004916408 _____ (Avira Operations GmbH & Co. KG) C:\Users\Frédérc\Downloads\avira_fr_av_59a6e330a2ca4__ws.exe 2017-09-03 17:37 - 2017-09-03 17:37 - 000000144 _____ C:\Users\Frédérc\Downloads\ActiverWinDefender.reg 2017-09-03 17:10 - 2017-09-03 17:10 - 000083375 _____ C:\Users\Frédérc\Downloads\ExploreAtOnce_1_2_3.zip 2017-09-03 16:46 - 2017-09-03 16:46 - 000001758 _____ C:\Users\Frédérc\Downloads\[APP] Malwarebytes Premium v3.1.2.1733.torrent 2017-09-03 16:44 - 2017-09-03 16:44 - 000020345 _____ C:\Users\Frédérc\Downloads\Malwarebytes Premium 3.2.0.1959 Beta + Keygen.rar (1).torrent 2017-09-03 16:40 - 2017-09-03 16:40 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6FF465B2.sys 2017-09-03 16:34 - 2017-09-03 16:34 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Obsidium 2017-09-03 16:30 - 2017-09-03 16:30 - 000000000 ____D C:\Program Files (x86)\© 2016 Malwarebytes. All Rights Reserved 2017-09-03 16:27 - 2017-09-05 01:58 - 000000000 ____D C:\Program Files (x86)\Tonec Inc 2017-09-03 16:27 - 2017-09-03 16:27 - 000003644 _____ C:\WINDOWS\System32\Tasks\zpow 2017-09-03 16:27 - 2017-09-03 16:27 - 000000000 __SHD C:\Users\Frédérc\zpow 2017-09-03 16:23 - 2017-09-03 16:23 - 000020345 _____ C:\Users\Frédérc\Downloads\Malwarebytes Premium 3.2.0.1959 Beta + Keygen.rar.torrent 2017-09-03 16:19 - 2017-09-03 16:21 - 066347240 _____ (Malwarebytes ) C:\Users\Frédérc\Downloads\mb3-setup-consumer-3.2.2.2018.exe 2017-09-03 16:13 - 2017-09-03 16:13 - 000015504 _____ C:\Users\Frédérc\Downloads\Internet Download Manager 6.28 Build 16 (CLEAN) + Patch.torrent 2017-09-01 15:14 - 2017-09-01 15:14 - 000000908 _____ C:\Users\Frédérc\Desktop\Toontrack EZkeys (64Bit).lnk 2017-09-01 15:07 - 2017-09-01 15:07 - 000000000 ____D C:\Program Files (x86)\Toontrack 2017-09-01 13:41 - 2017-09-04 14:01 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Toontrack 2017-09-01 13:41 - 2017-09-04 13:58 - 000000000 ____D C:\ProgramData\Toontrack 2017-09-01 13:41 - 2017-09-04 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack 2017-09-01 13:41 - 2017-09-04 13:56 - 000000000 ____D C:\Program Files\Toontrack 2017-09-01 13:41 - 2017-09-01 13:41 - 000002012 _____ C:\Users\Public\Desktop\EZmix-64.lnk 2017-09-01 12:53 - 2017-09-01 12:53 - 000000403 _____ C:\Users\Frédérc\Downloads\restexecute.bat 2017-09-01 09:59 - 2017-09-01 09:59 - 000024615 _____ C:\Users\Frédérc\Downloads\Toontrack - EZkeys Complete v1.2.4 (1).torrent 2017-08-31 23:48 - 2017-08-31 23:48 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-08-31 23:42 - 2017-08-31 23:42 - 000000000 ____D C:\ProgramData\XLN Audio 2017-08-31 23:39 - 2017-08-31 23:39 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2017-08-31 23:39 - 2017-08-31 23:39 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2017-08-31 20:03 - 2017-08-31 20:03 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\iZotope 2017-08-31 20:01 - 2017-08-31 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope 2017-08-31 19:59 - 2017-08-31 19:59 - 000000000 ____D C:\Program Files (x86)\Steinberg 2017-08-31 19:59 - 2017-08-31 19:59 - 000000000 ____D C:\Program Files (x86)\iZotope 2017-08-31 19:54 - 2017-08-31 19:58 - 282132376 _____ (iZotope, Inc.) C:\Users\Frédérc\Downloads\iZotope_Neutron_Advanced_v1_01a.exe 2017-08-31 18:33 - 2017-08-31 18:29 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-08-31 17:38 - 2017-09-07 09:42 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Native Instruments 2017-08-31 17:37 - 2017-08-31 17:37 - 000001087 _____ C:\Users\Public\Desktop\Kontakt 5.lnk 2017-08-31 17:37 - 2017-08-31 17:37 - 000000000 __HDC C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1} 2017-08-31 17:36 - 2017-09-07 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2017-08-31 17:36 - 2017-09-07 09:41 - 000000000 ____D C:\Program Files\Native Instruments 2017-08-31 17:36 - 2017-08-31 17:36 - 000000000 ____D C:\ProgramData\Native Instruments 2017-08-31 16:41 - 2017-08-31 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jBridge 2017-08-31 16:41 - 2017-08-31 16:41 - 000000000 ____D C:\Program Files\JBridge 2017-08-31 16:27 - 2017-09-03 19:04 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Spectrasonics 2017-08-31 15:36 - 2017-08-31 15:36 - 000024615 _____ C:\Users\Frédérc\Downloads\Toontrack - EZkeys Complete v1.2.4.torrent 2017-08-31 15:08 - 2017-08-31 15:08 - 000000000 ____D C:\ProgramData\Overloud 2017-08-31 14:57 - 2017-08-31 14:57 - 000000000 ____D C:\Users\Frédérc\AppData\Local\PeerDistRepub 2017-08-31 14:53 - 2017-08-31 16:26 - 000000000 ____D C:\ProgramData\Spectrasonics 2017-08-31 14:53 - 2017-08-31 14:53 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Audio Ease 2017-08-31 14:53 - 2017-08-31 14:53 - 000000000 ____D C:\ProgramData\Soundlib 2017-08-31 14:51 - 2017-08-31 14:51 - 000000000 ____D C:\Users\Frédérc\AppData\Local\DBG 2017-08-31 14:40 - 2017-08-31 14:40 - 000000000 ____D C:\Users\Frédérc\Documents\VSTTransit 2017-08-31 14:12 - 2017-09-07 10:21 - 000000000 ____D C:\Program Files\Common Files\Native Instruments 2017-08-31 14:12 - 2017-08-31 14:12 - 000000000 ____D C:\Program Files\Common Files\Avid 2017-08-31 14:08 - 2017-08-31 14:08 - 001587696 _____ C:\Users\Frédérc\Downloads\SetupVirtualCloneDrive5.exe 2017-08-31 14:08 - 2017-08-31 14:08 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-08-31 14:08 - 2017-08-31 14:08 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes 2017-08-31 13:49 - 2017-08-31 13:49 - 000000000 ____D C:\Users\Frédérc\AppData\Local\MusicLab 2017-08-31 13:49 - 2017-08-31 13:49 - 000000000 ____D C:\ProgramData\MusicLab 2017-08-31 13:48 - 2017-08-31 13:48 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\MusicLab 2017-08-31 13:46 - 2017-08-31 13:46 - 000018360 _____ C:\Users\Frédérc\Downloads\NI Kontakt 5.6.5 NO KEYGEN.torrent 2017-08-31 10:49 - 2017-09-12 09:29 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-08-31 10:37 - 2017-08-31 10:37 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3215772901-2756221293-946906576-500 2017-08-31 10:37 - 2017-08-31 10:37 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Skype 2017-08-31 10:36 - 2017-08-31 10:37 - 000002434 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-08-31 10:36 - 2017-08-31 10:37 - 000000000 ___RD C:\Users\Administrateur\OneDrive 2017-08-31 10:35 - 2017-09-07 12:07 - 000000000 ____D C:\Users\Administrateur 2017-08-31 10:35 - 2017-08-31 10:41 - 000002330 _____ C:\Users\Administrateur\Desktop\Google Chrome.lnk 2017-08-31 10:35 - 2017-08-31 10:37 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Packages 2017-08-31 10:35 - 2017-08-31 10:35 - 000000020 ___SH C:\Users\Administrateur\ntuser.ini 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Voisinage réseau 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Voisinage d'impression 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Modèles 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Mes documents 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Menu Démarrer 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Documents\Mes vidéos 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Documents\Mes images 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\Documents\Ma musique 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 _SHDL C:\Users\Administrateur\AppData\Local\Historique 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 __SHD C:\Users\Administrateur\IntelGraphicsProfiles 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Adobe 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 ____D C:\Users\Administrateur\AppData\Local\TileDataLayer 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Publishers 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Google 2017-08-31 10:35 - 2017-08-31 10:35 - 000000000 ____D C:\Users\Administrateur\AppData\Local\ConnectedDevicesPlatform 2017-08-31 10:35 - 2017-08-30 23:11 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Microsoft Help 2017-08-31 10:35 - 2017-08-30 16:57 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Macromedia 2017-08-31 10:10 - 2017-08-31 10:10 - 000000000 ____D C:\Users\Frédérc\Documents\[opensource] IDM trial reset 2017-08-31 09:43 - 2017-09-11 14:12 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2017-08-31 09:36 - 2017-08-31 09:36 - 000002976 _____ C:\Users\Frédérc\Downloads\Internet Download Manager 6.xx Build xx.7z.torrent 2017-08-31 00:35 - 2017-08-31 00:35 - 000777108 _____ C:\Users\Frédérc\Downloads\Spitfire.Audio.Chamber.Strings.KONTAKT-MAGNETRiXX.torrent 2017-08-31 00:27 - 2017-08-31 00:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-30 23:43 - 2017-08-30 23:43 - 000000000 ____D C:\Users\Frédérc\AppData\Local\ElevatedDiagnostics 2017-08-30 23:43 - 2017-08-30 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus 1394 Driver V5.13.0 2017-08-30 23:43 - 2017-08-30 23:43 - 000000000 ____D C:\Program Files\PreSonus 2017-08-30 23:27 - 2017-08-30 23:47 - 000000000 ____D C:\Users\Frédérc\Documents\Cubase Projects 2017-08-30 23:23 - 2017-08-30 23:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-30 23:23 - 2017-08-30 23:23 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-30 23:11 - 2017-08-30 23:11 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2017-08-30 23:11 - 2017-08-30 23:11 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2017-08-30 22:24 - 2017-08-30 22:25 - 000000000 ____D C:\Program Files (x86)\Ratio master 2017-08-30 22:22 - 2010-08-30 16:11 - 000278528 _____ (www.moofdev.net) C:\Users\Frédérc\Desktop\RM.exe 2017-08-30 22:22 - 2009-07-11 12:46 - 000000000 ____D C:\Program Files (x86)\clients 2017-08-30 22:22 - 2009-03-12 16:37 - 000000000 ____D C:\Program Files (x86)\lng 2017-08-30 22:15 - 2017-08-30 22:15 - 000011130 _____ C:\Users\Frédérc\Downloads\Microsoft Office 2016 pro plus.x64.VL.Fr.17.12.2016.torrent 2017-08-30 22:07 - 2017-08-30 22:07 - 000075799 _____ C:\Users\Frédérc\Downloads\RatioMaster.NET_0.43.zip 2017-08-30 22:01 - 2017-09-11 18:50 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8EE9636A-FD86-417B-AB22-AF9004B1029D} 2017-08-30 22:01 - 2017-08-30 22:01 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Sun 2017-08-30 22:00 - 2017-08-30 22:01 - 000000000 ____D C:\ProgramData\Oracle 2017-08-30 22:00 - 2017-08-30 22:00 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-08-30 22:00 - 2017-08-30 22:00 - 000000752 _____ C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DelayCalculator.lnk 2017-08-30 22:00 - 2017-08-30 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-08-30 22:00 - 2017-08-30 22:00 - 000000000 ____D C:\Program Files (x86)\Java 2017-08-30 21:35 - 2017-08-30 21:35 - 000001383 _____ C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ldrDVDFab.lnk 2017-08-30 21:35 - 2017-08-30 21:35 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\3800 2017-08-30 19:57 - 2017-08-30 19:57 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk 2017-08-30 19:57 - 2017-08-30 19:57 - 000000000 ____D C:\Program Files\Common Files\Nitro 2017-08-30 19:57 - 2017-08-30 19:57 - 000000000 ____D C:\Program Files (x86)\Nitro 2017-08-30 19:57 - 2016-09-08 15:48 - 000031936 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon11.dll 2017-08-30 19:57 - 2016-09-08 15:48 - 000020160 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui11.dll 2017-08-30 19:51 - 2017-08-30 19:51 - 000011034 _____ C:\Users\Frédérc\Downloads\Nitro.PDF.Pro.v11.0.1.10.French.Incl.Keymaker-CORE.torrent 2017-08-30 19:38 - 2017-08-30 19:38 - 000000000 ____D C:\Users\Frédérc\AppData\Local\NitroSpoolDir 2017-08-30 19:36 - 2017-08-30 19:36 - 000000000 ____D C:\Users\Frédérc\AppData\Local\CEF 2017-08-30 19:35 - 2017-08-30 19:57 - 000000000 ____D C:\Program Files\Nitro 2017-08-30 19:35 - 2017-08-30 19:35 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Nitro 2017-08-30 19:35 - 2017-08-30 19:35 - 000000000 ____D C:\ProgramData\Nitro 2017-08-30 19:35 - 2017-07-16 21:20 - 000747208 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\NxPrinterMonitor.dll 2017-08-30 19:33 - 2017-08-30 19:33 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\WinRAR 2017-08-30 19:32 - 2017-08-30 19:32 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-08-30 19:32 - 2017-08-30 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-08-30 19:32 - 2017-08-30 19:32 - 000000000 ____D C:\Program Files\WinRAR 2017-08-30 17:58 - 2017-08-30 17:58 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\ElephormDVDPlayer 2017-08-30 17:39 - 2017-08-30 17:39 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2017-08-30 17:37 - 2017-09-08 10:21 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\vlc 2017-08-30 17:23 - 2017-08-30 19:57 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Downloaded Installations 2017-08-30 17:06 - 2017-08-30 18:21 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Mozilla 2017-08-30 17:06 - 2017-08-30 17:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-08-30 17:06 - 2017-08-30 17:06 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Mozilla 2017-08-30 17:06 - 2017-08-30 17:06 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-08-30 17:06 - 2017-08-30 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-30 17:02 - 2017-08-30 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KORG 2017-08-30 17:02 - 2017-08-30 17:02 - 000000000 ____D C:\Program Files (x86)\KORG 2017-08-30 17:00 - 2017-08-30 17:00 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Downloaded Installations 2017-08-30 16:58 - 2017-08-30 16:58 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elephorm.lnk 2017-08-30 16:58 - 2017-08-30 16:58 - 000000000 ____D C:\Program Files (x86)\Elephorm applications 2017-08-30 16:57 - 2017-08-30 16:58 - 005083896 _____ C:\Users\Frédérc\Downloads\Elephorm-4.2.24.air 2017-08-30 16:57 - 2017-08-30 16:57 - 010893992 _____ (Adobe Systems Inc.) C:\Users\Frédérc\Downloads\AdobeAIRInstaller.exe 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Macromedia 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Adobe 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\ProgramData\Adobe 2017-08-30 16:57 - 2017-08-30 16:57 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-08-30 16:51 - 2017-09-06 11:54 - 000000000 ____D C:\Program Files (x86)\DVDFab 10 2017-08-30 16:51 - 2017-08-30 21:35 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\DVDFab10 2017-08-30 16:51 - 2017-08-30 16:51 - 000000087 _____ C:\Users\Frédérc\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644 2017-08-30 16:51 - 2017-08-30 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 10 2017-08-30 16:42 - 2017-08-30 16:42 - 000000000 ____D C:\Users\Frédérc\AppData\Local\VS Revo Group 2017-08-30 16:41 - 2017-08-30 16:41 - 000000000 ____D C:\ProgramData\VS Revo Group 2017-08-30 16:41 - 2017-08-30 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2017-08-30 16:41 - 2017-08-30 16:41 - 000000000 ____D C:\Program Files\VS Revo Group 2017-08-30 16:41 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2017-08-30 16:34 - 2017-08-30 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-08-30 16:34 - 2017-08-30 16:34 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2017-08-30 16:33 - 2017-08-30 16:33 - 030950664 _____ C:\Users\Frédérc\Downloads\vlc-2.2.6-win32.exe 2017-08-30 16:21 - 2017-08-30 16:21 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Google 2017-08-30 16:05 - 2017-09-07 11:43 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Canon 2017-08-30 16:05 - 2017-08-30 16:05 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu 2017-08-30 16:04 - 2017-09-07 11:43 - 000000000 ____D C:\ProgramData\CanonIJPLM 2017-08-30 15:55 - 2017-08-30 15:55 - 000000000 ____D C:\WINDOWS\system32\STRING 2017-08-30 15:55 - 2017-08-30 15:55 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool 2017-08-30 15:55 - 2014-03-17 19:15 - 000380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL 2017-08-30 15:55 - 2014-03-17 19:15 - 000375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL 2017-08-30 15:55 - 2014-03-17 19:15 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL 2017-08-30 15:55 - 2014-01-21 13:15 - 000336896 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_CAL.dll 2017-08-30 15:55 - 2013-12-02 12:51 - 000096000 _____ C:\WINDOWS\SysWOW64\CNC177FD.TBL 2017-08-30 15:55 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll 2017-08-30 15:54 - 2017-08-30 15:54 - 000000000 ____D C:\ProgramData\CanonIJWSpt 2017-08-30 15:53 - 2017-08-30 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-08-30 15:53 - 2017-08-30 15:54 - 000000000 ____D C:\Program Files\Canon 2017-08-30 15:53 - 2017-08-30 15:53 - 000000000 ___HD C:\ProgramData\CanonBJ 2017-08-30 15:53 - 2017-08-30 15:53 - 000000000 ___HD C:\Program Files\CanonBJ 2017-08-30 15:53 - 2017-08-30 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Manual 2017-08-30 15:53 - 2014-03-18 05:00 - 000406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCA.DLL 2017-08-30 15:52 - 2017-08-30 15:52 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-30 15:51 - 2017-08-30 16:56 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Google 2017-08-30 15:51 - 2017-08-30 15:52 - 000000000 ____D C:\Program Files (x86)\Google 2017-08-30 15:51 - 2017-08-30 15:51 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-08-30 15:51 - 2017-08-30 15:51 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-08-30 15:44 - 2017-09-06 22:32 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Dashlane 2017-08-30 15:44 - 2017-08-30 15:46 - 000000000 ____D C:\Program Files (x86)\Dashlane 2017-08-30 15:40 - 2017-08-31 09:39 - 000000000 ____D C:\Program Files (x86)\Canon 2017-08-30 15:33 - 2017-08-30 15:33 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll 2017-08-30 15:33 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll 2017-08-30 15:32 - 2017-08-31 00:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-08-30 15:32 - 2017-08-30 15:32 - 000000000 ____D C:\WINDOWS\PCHEALTH 2017-08-30 15:32 - 2017-08-30 15:32 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2017-08-30 15:32 - 2017-08-30 15:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2017-08-30 15:32 - 2017-08-30 15:32 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-08-30 15:31 - 2017-08-30 15:32 - 000000000 ____D C:\WINDOWS\SHELLNEW 2017-08-30 15:31 - 2017-08-30 15:32 - 000000000 ____D C:\Program Files\Microsoft Office 2017-08-30 15:31 - 2017-08-30 15:31 - 000000000 __RHD C:\MSOCache 2017-08-30 15:31 - 2017-08-30 15:31 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2017-08-30 15:31 - 2017-08-30 15:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2017-08-30 15:31 - 2017-08-30 15:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2017-08-30 15:15 - 2017-08-30 15:15 - 001611944 _____ (Secure Download Ltd. ) C:\Users\Frédérc\Downloads\Registry_Activation 2017-08-30 14:56 - 2017-09-11 13:46 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\BitComet 2017-08-30 14:56 - 2017-08-30 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit) 2017-08-30 14:56 - 2017-08-30 14:56 - 000000000 ____D C:\Program Files\BitComet 2017-08-30 14:53 - 2017-08-30 14:53 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf 2017-08-30 14:49 - 2017-09-01 16:44 - 000000000 ____D C:\Windows.old 2017-08-30 14:49 - 2017-08-30 14:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2017-08-30 14:49 - 2017-08-30 14:49 - 000000000 ____D C:\WINDOWS\InfusedApps 2017-08-30 14:49 - 2017-08-30 14:49 - 000000000 ____D C:\Program Files\ASUS 2017-08-30 14:49 - 2017-08-30 13:50 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2017-08-30 14:48 - 2017-09-07 09:41 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-30 14:48 - 2017-08-30 14:48 - 000000000 ____D C:\WINDOWS\Setup 2017-08-30 14:47 - 2017-09-11 14:17 - 001520764 _____ C:\WINDOWS\system32\perfh00C.dat 2017-08-30 14:47 - 2017-09-11 14:17 - 000364914 _____ C:\WINDOWS\system32\perfc00C.dat 2017-08-30 14:47 - 2017-08-30 14:47 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat 2017-08-30 14:47 - 2017-08-30 14:47 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\winrm 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\WCN 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\slmgr 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\fr 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\0409 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\OCR 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\DigitalLocker 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\Program Files\Reference Assemblies 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\Program Files\MSBuild 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-08-30 14:47 - 2017-08-30 14:47 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-08-30 14:46 - 2017-07-31 17:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-08-30 14:46 - 2017-07-31 17:15 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-30 14:45 - 2017-09-11 13:59 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-08-30 14:45 - 2017-09-11 08:21 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-30 14:45 - 2017-09-09 14:21 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2017-08-30 14:45 - 2017-09-09 09:56 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-30 14:45 - 2017-09-07 21:11 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-08-30 14:45 - 2017-09-07 12:06 - 000000000 ___RD C:\Program Files (x86) 2017-08-30 14:45 - 2017-09-03 18:02 - 000000000 ____D C:\Program Files (x86)\Avira 2017-08-30 14:45 - 2017-09-03 16:34 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-08-30 14:45 - 2017-09-02 17:59 - 000000000 ____D C:\WINDOWS\rescache 2017-08-30 14:45 - 2017-08-31 09:26 - 000000000 ____D C:\WINDOWS\appcompat 2017-08-30 14:45 - 2017-08-31 02:12 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\migwiz 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\Dism 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\Provisioning 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\Program Files\Windows Defender 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-08-30 14:45 - 2017-08-31 02:11 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2017-08-30 14:45 - 2017-08-31 00:28 - 000000167 _____ C:\WINDOWS\win.ini 2017-08-30 14:45 - 2017-08-30 23:18 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-08-30 14:45 - 2017-08-30 23:14 - 000000000 ____D C:\Program Files\Common Files\System 2017-08-30 14:45 - 2017-08-30 15:55 - 000000000 __RSD C:\WINDOWS\Media 2017-08-30 14:45 - 2017-08-30 15:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-08-30 14:45 - 2017-08-30 14:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ___SD C:\WINDOWS\system32\dsc 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\SystemApps 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\setup 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\MUI 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\system32\Com 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\IME 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\Help 2017-08-30 14:45 - 2017-08-30 14:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 __SHD C:\Program Files\Windows Sidebar 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\system32\Nui 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\system32\AppV 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Web 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Vss 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\tracing 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\TAPI 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SystemResources 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\winevt 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\ras 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\IME 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\icsxml 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\ias 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\downlevel 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\DDFs 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\System 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SKB 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\security 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\schemas 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\SchCache 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Resources 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\RemotePackages 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Registration 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\PLA 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Performance 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\ModemLogs 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\L2Schemas 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\InputMethod 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Globalization 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Cursors 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\CSC 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\Branding 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\bcastdvr 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\addins 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files\Windows Security 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files\Windows Portable Devices 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files\Common Files\Services 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files (x86)\Windows NT 2017-08-30 14:45 - 2017-08-30 14:45 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2017-08-30 14:45 - 2017-08-30 14:44 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2017-08-30 14:45 - 2017-08-30 14:44 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2017-08-30 14:45 - 2017-08-30 14:44 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2017-08-30 14:45 - 2017-08-30 14:44 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2017-08-30 14:45 - 2017-08-30 14:44 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services 2017-08-30 14:45 - 2017-08-30 14:44 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2017-08-30 14:45 - 2017-08-30 14:44 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK 2017-08-30 14:45 - 2017-08-30 14:44 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2017-08-30 14:45 - 2017-08-30 14:44 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2017-08-30 14:45 - 2017-08-30 14:44 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2017-08-30 14:45 - 2017-08-30 14:44 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2017-08-30 14:45 - 2017-08-30 14:44 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2017-08-30 14:45 - 2017-08-30 14:44 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2017-08-30 14:45 - 2017-08-30 14:44 - 000000219 _____ C:\WINDOWS\system.ini 2017-08-30 14:45 - 2017-08-30 13:58 - 000000000 ____D C:\ProgramData\USOPrivate 2017-08-30 14:45 - 2017-08-30 13:57 - 000000000 ____D C:\Program Files\Windows NT 2017-08-30 14:45 - 2017-08-30 13:56 - 000000000 __RHD C:\Users\Public\Libraries 2017-08-30 14:45 - 2017-08-30 13:56 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-08-30 14:45 - 2017-08-30 13:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2017-08-30 14:45 - 2017-08-30 13:52 - 000000000 ____D C:\WINDOWS\system32\spool 2017-08-30 14:45 - 2017-08-30 13:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2017-08-30 14:45 - 2017-08-30 13:51 - 000000000 ___RD C:\WINDOWS\PrintDialog 2017-08-30 14:45 - 2017-08-30 13:51 - 000000000 ___RD C:\WINDOWS\MiracastView 2017-08-30 14:45 - 2017-08-30 13:51 - 000000000 ____D C:\WINDOWS\HoloShell 2017-08-30 14:45 - 2016-11-02 00:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2017-08-30 14:44 - 2017-08-31 19:16 - 000000000 ____D C:\WINDOWS\INF 2017-08-30 14:42 - 2017-08-30 23:24 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-30 14:41 - 2017-09-11 14:12 - 091226112 _____ C:\WINDOWS\system32\config\SOFTWARE 2017-08-30 14:41 - 2017-09-11 14:12 - 016252928 _____ C:\WINDOWS\system32\config\SYSTEM 2017-08-30 14:41 - 2017-09-11 14:12 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT 2017-08-30 14:41 - 2017-09-11 14:12 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2017-08-30 14:41 - 2017-09-11 14:12 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY 2017-08-30 14:41 - 2017-08-30 14:49 - 000139264 _____ C:\WINDOWS\system32\config\SAM 2017-08-30 14:41 - 2017-08-30 14:47 - 000000000 ____D C:\WINDOWS\servicing 2017-08-30 14:41 - 2017-08-30 14:45 - 000000000 ____D C:\WINDOWS\system32\SMI 2017-08-30 14:41 - 2017-08-30 14:41 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Microsoft Help 2017-08-30 14:41 - 2017-08-30 13:58 - 000000000 ____D C:\WINDOWS\Panther 2017-08-30 14:41 - 2017-08-30 13:56 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-08-30 14:38 - 2017-08-31 20:00 - 000000000 ____D C:\Program Files\Common Files\VST3 2017-08-30 14:38 - 2017-08-30 14:38 - 000002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys 2017-08-30 14:38 - 2017-08-30 14:38 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\VST3 Presets 2017-08-30 14:38 - 2017-08-30 14:38 - 000000000 ____D C:\Program Files\Common Files\Steinberg 2017-08-30 14:37 - 2017-08-30 14:37 - 000000000 ____D C:\ProgramData\Steinberg 2017-08-30 14:31 - 2017-08-30 14:31 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Steinberg Installation Updater 2017-08-30 14:31 - 2017-08-30 14:31 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Steinberg Installation Updater 2017-08-30 14:30 - 2017-08-30 14:31 - 000000000 ____D C:\Users\Frédérc\Downloads\Cubase 8.5 2017-08-30 14:22 - 2017-08-30 14:22 - 000000000 ____D C:\ProgramData\Yamaha_Uninstaller 2017-08-30 14:22 - 2017-08-30 14:22 - 000000000 ____D C:\Program Files (x86)\Yamaha 2017-08-30 14:19 - 2017-08-31 14:47 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Steinberg 2017-08-30 14:19 - 2017-08-30 14:38 - 000000000 ____D C:\Program Files\Steinberg 2017-08-30 14:19 - 2017-08-30 14:19 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\VST XMLs 2017-08-30 14:19 - 2017-08-30 14:19 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software 2017-08-30 14:16 - 2017-08-30 14:38 - 000000000 ____D C:\ProgramData\Syncrosoft 2017-08-30 14:16 - 2017-08-30 14:37 - 000000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg 2017-08-30 14:16 - 2017-08-30 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser 2017-08-30 14:16 - 2017-08-30 14:16 - 000000000 ____D C:\Users\Frédérc\AppData\Local\eLicenser 2017-08-30 14:16 - 2017-08-30 14:16 - 000000000 ____D C:\ProgramData\eLicenser 2017-08-30 14:16 - 2017-08-30 14:16 - 000000000 ____D C:\Program Files\eLicenser 2017-08-30 14:16 - 2017-08-30 14:16 - 000000000 ____D C:\Program Files (x86)\Syncrosoft 2017-08-30 14:16 - 2017-08-30 14:16 - 000000000 ____D C:\Program Files (x86)\eLicenser 2017-08-30 14:16 - 2012-12-07 17:48 - 001714176 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\system32\SYNSOACC.dll 2017-08-30 14:16 - 2012-12-07 17:48 - 001277952 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\SysWOW64\SYNSOACC.dll 2017-08-30 14:16 - 2011-12-14 21:21 - 000086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe 2017-08-30 14:14 - 2017-08-30 14:42 - 000000000 ____D C:\Users\Frédérc\AppData\Local\MicrosoftEdge 2017-08-30 14:11 - 2017-09-09 14:13 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3215772901-2756221293-946906576-1000 2017-08-30 14:11 - 2017-08-30 20:16 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Comms 2017-08-30 14:11 - 2017-08-30 14:11 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Skype 2017-08-30 14:10 - 2017-09-09 14:13 - 000002413 _____ C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-08-30 14:10 - 2017-08-30 14:10 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2017-08-30 14:09 - 2017-09-04 13:39 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Packages 2017-08-30 14:09 - 2017-08-30 21:58 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Adobe 2017-08-30 14:09 - 2017-08-30 14:09 - 000000020 ___SH C:\Users\Frédérc\ntuser.ini 2017-08-30 14:09 - 2017-08-30 14:09 - 000000000 ____D C:\Users\Frédérc\AppData\Local\VirtualStore 2017-08-30 14:09 - 2017-08-30 14:09 - 000000000 ____D C:\Users\Frédérc\AppData\Local\TileDataLayer 2017-08-30 14:09 - 2017-08-30 14:09 - 000000000 ____D C:\Users\Frédérc\AppData\Local\Publishers 2017-08-30 14:09 - 2017-08-30 14:09 - 000000000 ____D C:\Users\Frédérc\AppData\Local\ConnectedDevicesPlatform 2017-08-30 13:58 - 2017-08-30 13:58 - 000000000 ____D C:\ProgramData\USOShared 2017-08-30 13:57 - 2017-09-11 14:17 - 003166290 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historique 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\Users\Default User 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\Users\All Users 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\ProgramData\Modèles 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\ProgramData\Favoris 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\ProgramData\Bureau 2017-08-30 13:57 - 2017-08-30 13:57 - 000000000 _SHDL C:\Program Files\Fichiers communs 2017-08-30 13:56 - 2017-09-11 14:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-30 13:56 - 2017-08-30 13:56 - 000064432 _____ C:\Users\DefaultAppPool\Desktop\Applications supprimées.html 2017-08-30 13:52 - 2017-09-11 14:02 - 000000000 ____D C:\Users\Frédérc 2017-08-30 13:52 - 2017-08-30 13:53 - 000000000 ____D C:\Users\DefaultAppPool 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Voisinage réseau 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Voisinage d'impression 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Modèles 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Mes documents 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Menu Démarrer 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Documents\Mes vidéos 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Documents\Mes images 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\Documents\Ma musique 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\Frédérc\AppData\Local\Historique 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage réseau 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage d'impression 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Modèles 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Mes documents 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Menu Démarrer 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes vidéos 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes images 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Ma musique 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-08-30 13:52 - 2017-08-30 13:52 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historique 2017-08-30 13:51 - 2017-08-30 13:51 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____D C:\WINDOWS\system32\DAX2 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____D C:\Program Files\Realtek 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____D C:\Program Files (x86)\ASUS 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-08-30 13:51 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-08-30 13:51 - 2016-11-02 00:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-08-30 13:51 - 2014-01-28 05:16 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2017-08-30 13:51 - 2014-01-28 05:16 - 000015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2017-08-30 13:50 - 2017-09-12 09:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-08-30 13:50 - 2017-08-31 02:12 - 000392640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-30 13:50 - 2017-08-30 13:50 - 000000000 ____D C:\Program Files\Intel 2017-08-30 13:39 - 2017-08-30 14:49 - 000000000 ___HD C:\$SysReset 2017-08-30 11:53 - 2017-08-30 11:53 - 001695603 _____ C:\Users\Frédérc\Downloads\Revo Uninstaller Help French.pdf 2017-08-30 10:02 - 2017-08-30 10:02 - 000004365 _____ C:\Users\Frédérc\Downloads\FonePawIOSTransfer2.0.0MultilingualCrack_201609_archive.torrent 2017-08-29 16:55 - 2017-08-30 16:51 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10 2017-08-29 16:55 - 2017-08-29 17:06 - 000000000 ____D C:\Users\Frédérc\Documents\DVDFab10 2017-08-25 16:43 - 2017-08-25 16:43 - 006739551 _____ C:\Users\Frédérc\Downloads\Avira Phantom VPN Pro 2.7.1.26756 + Crack Fixed.zip 2017-08-24 10:41 - 2017-08-24 10:41 - 000000000 ____D C:\Users\Frédérc\Documents\Eventide 2017-08-20 12:02 - 2017-08-20 12:00 - 000004857 _____ C:\Users\Frédérc\Downloads\Pink Floyd - Another Brick In The Wall (Part II).zip 2017-08-20 09:05 - 2017-08-20 09:05 - 000000000 ____D C:\Users\Frédérc\Documents\IK Multimedia 2017-08-19 11:20 - 2017-08-19 11:20 - 001947720 _____ C:\Users\Frédérc\Documents\notice-saphir-700-2m25115716-1.pdf 2017-08-17 10:01 - 2017-08-17 10:01 - 000941295 _____ C:\Users\Frédérc\Downloads\1852843.pdf 2017-08-17 09:56 - 2017-08-17 09:56 - 000491477 _____ C:\Users\Frédérc\Downloads\1665637 (1).dxf 2017-08-17 09:54 - 2017-08-17 09:54 - 000491477 _____ C:\Users\Frédérc\Downloads\1665637.dxf 2017-08-14 10:16 - 2017-08-14 10:28 - 000002251 _____ C:\Users\Frédérc\Desktop\Mise en veille.lnk ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-09-11 14:02 - 2015-09-21 10:15 - 000000000 ____D C:\Users\Frédérc\AppData\LocalLow\Temp 2017-09-10 19:37 - 2017-05-10 10:07 - 000000000 ____D C:\Users\Frédérc\AppData\LocalLow\Mozilla 2017-09-09 14:13 - 2015-08-06 19:42 - 000000000 ___RD C:\Users\Frédérc\OneDrive 2017-09-06 22:32 - 2016-10-05 11:03 - 000001962 _____ C:\Users\Frédérc\Desktop\Dashlane.lnk 2017-09-06 22:32 - 2016-10-05 11:02 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2017-09-03 18:35 - 2014-12-21 11:08 - 000000000 ____D C:\Intel 2017-09-03 09:45 - 2015-08-06 19:40 - 000000000 __SHD C:\Users\Frédérc\IntelGraphicsProfiles 2017-09-01 13:41 - 2014-12-22 14:48 - 000000000 ____D C:\Users\Frédérc\Documents\Toontrack 2017-08-31 11:18 - 2015-02-23 12:47 - 000000000 ____D C:\Users\Frédérc\Downloads\Video 2017-08-31 10:35 - 2015-08-06 19:41 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-08-30 23:43 - 2009-12-16 18:55 - 000001488 _____ C:\WINDOWS\system32\pae_coinst_FirePod.cfg 2017-08-30 23:17 - 2015-02-23 12:47 - 000000000 ____D C:\Users\Frédérc\Downloads\Compressed 2017-08-30 14:43 - 2017-03-18 22:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys 2017-08-30 14:37 - 2016-05-16 17:57 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 8.5 64bit 2017-08-30 14:19 - 2015-02-17 00:32 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 8 64bit 2017-08-30 13:56 - 2017-03-28 08:54 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 9 2017-08-30 13:56 - 2016-12-02 18:19 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HeavenWard 2017-08-30 13:56 - 2015-05-10 16:02 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2017-08-30 13:56 - 2015-05-02 15:54 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToneLabSE SoundEditor for Windows 2017-08-30 13:56 - 2015-04-20 10:52 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run 2017-08-30 13:56 - 2015-03-31 10:55 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Studio Devil 2017-08-30 13:56 - 2014-12-25 21:08 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves 2017-08-30 13:56 - 2014-12-22 18:03 - 000000000 ____D C:\Users\Frédérc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio ==================== Fichiers à la racine de certains dossiers ======= 2017-07-31 22:13 - 2017-07-31 22:13 - 064414080 _____ (Malwarebytes ) C:\Program Files (x86)\mb3-setup-consumer-3.2.0.1959.exe 2017-08-30 16:51 - 2017-08-30 16:51 - 000000087 _____ () C:\Users\Frédérc\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644 2017-08-30 13:51 - 2017-08-30 13:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Fichiers à déplacer ou supprimer: ==================== C:\Users\Frédérc\wnxvnt.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-09-09 14:21 ==================== Fin de FRST.txt ============================