Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
Exécuté par Gaëla (administrateur) sur ORDI (14-01-2017 22:10:32)
Exécuté depuis C:\Users\Gaëla\Desktop
Profils chargés: Gaëla & (Profils disponibles: Gaëla & Administrateur)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [53304 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212018877\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-24] (Trend Micro Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{786fa292-7141-4410-8dde-972f235a92d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
BHO: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-26] (Oracle Corporation)
BHO-x32: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
BHO-x32: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-26] (Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)
FireFox:
========
FF DefaultProfile: danqt8uw.default
FF ProfilePath: C:\Users\Gaëla\AppData\Roaming\Mozilla\Firefox\Profiles\danqt8uw.default [2017-01-14]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-12-31]
FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-12-31]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-11-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-23] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-08-08] ()
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Profile: C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Slides) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-12]
CHR Extension: (Google Docs) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (Google Drive) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (YouTube) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Recherche Google) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Google Sheets) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-11-12]
CHR Extension: (Gmail) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-27]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-08] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-24] (Trend Micro Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-08-06] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101104 2015-08-06] (Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys [26568856 2016-10-26] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys [536592 2016-10-26] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2015-08-06] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-03-28] (Advanced Micro Devices)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-14] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [142552 2016-08-07] (Trend Micro Inc.)
R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [435416 2016-08-07] (Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [117984 2016-08-07] (Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [111840 2016-09-30] (Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-14 21:56 - 2017-01-14 22:00 - 02419200 _____ (Farbar) C:\Users\Gaëla\Desktop\FRST64.exe
2017-01-14 21:36 - 2017-01-14 21:36 - 00128493 _____ C:\Users\Gaëla\Desktop\ZHPDiag2.txt
2017-01-14 21:07 - 2017-01-14 21:07 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFix[R1].txt
2017-01-14 21:06 - 2017-01-14 21:06 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFixReport.txt
2017-01-14 21:01 - 2017-01-14 21:01 - 00004974 _____ C:\Users\Gaëla\Desktop\ScriptZHPFix.txt
2017-01-14 20:06 - 2017-01-14 20:06 - 00132638 _____ C:\Users\Gaëla\Desktop\ZHPDiag011417.txt
2017-01-14 19:31 - 2017-01-14 19:31 - 00010193 _____ C:\Users\Gaëla\Desktop\zoek-results.txt
2017-01-14 19:18 - 2017-01-14 18:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-14 18:50 - 2017-01-14 19:14 - 00000000 ____D C:\zoek_backup
2017-01-14 18:49 - 2017-01-14 18:50 - 01309184 _____ C:\Users\Gaëla\Downloads\zoek.exe
2017-01-14 18:35 - 2017-01-14 18:35 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT011417.txt
2017-01-14 18:34 - 2017-01-14 18:34 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT.txt
2017-01-14 18:30 - 2017-01-14 18:30 - 01663040 _____ (Malwarebytes) C:\Users\Gaëla\Downloads\JRT.exe
2017-01-14 18:25 - 2017-01-14 18:25 - 00004736 _____ C:\Users\Gaëla\Downloads\rapportroguekiller011417.txt
2017-01-14 17:23 - 2017-01-14 17:23 - 00002054 _____ C:\Users\Gaëla\Desktop\AdwCleaner[C0]011417.txt
2017-01-14 17:11 - 2017-01-14 17:11 - 00002617 _____ C:\Users\Gaëla\Desktop\ZHPCleaner011417.txt
2017-01-14 16:47 - 2017-01-14 16:47 - 00000000 ___HD C:\OneDriveTemp
2017-01-12 21:03 - 2017-01-14 21:19 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-12 21:03 - 2017-01-12 21:03 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-12 21:03 - 2017-01-12 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-12 21:02 - 2017-01-12 21:02 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-12 21:02 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-12 20:45 - 2017-01-12 20:51 - 00001289 _____ C:\Users\Gaëla\Desktop\MBAM.txt
2017-01-12 20:14 - 2016-12-30 13:18 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-12 20:06 - 2017-01-12 21:02 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299 (1).exe
2017-01-12 19:52 - 2017-01-12 19:54 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-12 19:45 - 2017-01-12 19:45 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_2557.tmp.txt
2017-01-12 19:44 - 2017-01-12 19:44 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_C49E.tmp.txt
2017-01-11 20:54 - 2017-01-14 17:29 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-11 20:54 - 2017-01-11 21:06 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-11 20:52 - 2017-01-11 20:53 - 25924168 _____ C:\Users\Gaëla\Downloads\RogueKillerX64.exe
2017-01-11 20:48 - 2017-01-11 20:48 - 00002082 _____ C:\Users\Gaëla\Desktop\AdwCleaner[S7].txt
2017-01-11 20:38 - 2017-01-11 20:39 - 03988944 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.042.exe
2017-01-11 20:32 - 2017-01-14 17:10 - 00002614 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.txt
2017-01-11 19:31 - 2017-01-11 19:31 - 00068893 _____ C:\Users\Gaëla\Downloads\Shortcut.txt
2017-01-11 19:27 - 2017-01-11 19:31 - 00064133 _____ C:\Users\Gaëla\Downloads\Addition.txt
2017-01-11 19:26 - 2017-01-11 19:31 - 00160815 _____ C:\Users\Gaëla\Downloads\FRST.txt
2017-01-11 19:23 - 2017-01-14 22:08 - 00064720 _____ C:\Users\Gaëla\Desktop\Addition.txt
2017-01-11 19:19 - 2017-01-14 22:11 - 00024389 _____ C:\Users\Gaëla\Desktop\FRST.txt
2017-01-11 19:13 - 2017-01-14 22:10 - 00000000 ____D C:\FRST
2017-01-11 19:06 - 2017-01-11 19:06 - 00000802 _____ C:\Users\Gaëla\Desktop\WinChk.txt
2017-01-11 19:04 - 2017-01-11 19:05 - 00000802 _____ C:\WinChk.txt
2017-01-11 19:03 - 2017-01-11 19:04 - 00315000 _____ C:\Users\Gaëla\Downloads\winchk_2.0.exe
2017-01-11 17:18 - 2017-01-14 21:35 - 00128490 _____ C:\Users\Gaëla\Desktop\ZHPDiag.txt
2017-01-05 21:33 - 2017-01-05 21:33 - 00001922 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-01-05 21:32 - 2017-01-05 21:33 - 03521617 _____ (Nicolas Coolman ) C:\Users\Gaëla\Downloads\ZHPFix.exe
2017-01-05 21:24 - 2017-01-14 19:52 - 00000903 _____ C:\Users\Gaëla\Desktop\ZHPDiag.lnk
2017-01-05 21:23 - 2017-01-14 19:51 - 02631168 _____ C:\Users\Gaëla\Downloads\ZHPDiag3.exe
2017-01-05 20:09 - 2017-01-14 21:28 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\ZHP
2017-01-05 20:09 - 2017-01-14 16:50 - 00000913 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.lnk
2017-01-05 20:09 - 2017-01-05 20:09 - 02661888 _____ C:\Users\Gaëla\Downloads\ZHPCleaner.exe
2017-01-05 19:24 - 2017-01-05 19:26 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-35891.35891-3.0.5.1299.exe
2017-01-05 18:54 - 2017-01-05 18:54 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-05 18:53 - 2017-01-05 18:55 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-05 18:53 - 2017-01-05 18:54 - 00000000 ____D C:\Program Files\CCleaner
2017-01-05 18:53 - 2017-01-05 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-05 18:50 - 2017-01-05 18:53 - 08803648 _____ (Piriform Ltd) C:\Users\Gaëla\Downloads\ccsetup525.exe
2017-01-05 14:07 - 2017-01-14 17:19 - 00000000 ____D C:\AdwCleaner
2017-01-05 14:06 - 2017-01-05 14:07 - 03977168 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.041.exe
2017-01-04 19:10 - 2017-01-04 19:10 - 00600658 _____ (driverlibs.com ) C:\Users\Gaëla\Downloads\DriverUpdateTools.exe
2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\CareCenter
2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CareCenter
2016-12-30 12:04 - 2016-12-30 12:22 - 00000000 ____D C:\Users\Gaëla\Documents\MOBICLIC
2016-12-27 04:09 - 2017-01-14 21:10 - 00025819 ____H C:\Users\Gaëla\AppData\Local\IconCache.db
2016-12-27 01:12 - 2016-12-27 01:12 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ORDI-Windows-10-Home-(64-bit).dat
2016-12-27 01:11 - 2016-12-27 01:11 - 00000000 ____D C:\RegBackup
2016-12-26 22:49 - 2016-12-27 03:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-12-26 21:40 - 2017-01-14 19:52 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow\Mozilla
2016-12-26 21:19 - 2016-12-26 22:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-26 19:25 - 2016-12-26 19:25 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2016-12-23 00:36 - 2016-12-23 00:36 - 00000000 ___HD C:\$SysReset
2016-12-22 23:29 - 2016-12-22 23:29 - 00011556 ____H C:\Users\Administrateur\AppData\Local\IconCache.db
2016-12-22 23:25 - 2016-12-22 23:25 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ElevatedDiagnostics
2016-12-22 23:22 - 2016-12-22 23:22 - 00002472 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-22 23:22 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\OneDrive
2016-12-22 23:21 - 2016-12-22 23:21 - 00001333 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD.lnk
2016-12-22 23:21 - 2016-12-22 23:21 - 00001294 _____ C:\Users\Administrateur\Desktop\Trend Micro Internet Security.lnk
2016-12-22 23:21 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Publishers
2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Comms
2016-12-22 23:18 - 2017-01-14 19:52 - 00524288 ____H C:\Users\Administrateur\NTUSER.DAT
2016-12-22 23:18 - 2017-01-14 19:13 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Google
2016-12-22 23:18 - 2016-12-26 21:27 - 00000000 ____D C:\Users\Administrateur
2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 23:18 - 2016-12-22 23:29 - 00065536 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TM.blf
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Packages
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Microsoft
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local
2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ___SD C:\Users\Administrateur\AppData\Roaming\Microsoft
2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Temp
2016-12-22 23:18 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ___RD C:\Users\Administrateur\Desktop
2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Local\AMD
2016-12-22 23:18 - 2016-12-22 23:20 - 00000000 ___RD C:\Users\Administrateur\Searches
2016-12-22 23:18 - 2016-12-22 23:18 - 00147456 ___SH C:\Users\Administrateur\ntuser.dat.LOG2
2016-12-22 23:18 - 2016-12-22 23:18 - 00049152 ___SH C:\Users\Administrateur\ntuser.dat.LOG1
2016-12-22 23:18 - 2016-12-22 23:18 - 00000402 ___SH C:\Users\Administrateur\Documents\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Downloads\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Desktop\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000020 ___SH C:\Users\Administrateur\ntuser.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage réseau
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage d'impression
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\SendTo
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Recent
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Modèles
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Mes documents
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Menu Démarrer
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Local Settings
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes vidéos
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes images
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Ma musique
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Cookies
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Application Data
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Temporary Internet Files
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Historique
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Application Data
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___SD C:\Users\Administrateur\AppData\LocalLow\Microsoft
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Videos
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Saved Games
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Pictures
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Music
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Links
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Favorites
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Downloads
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Documents
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Contacts
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___HD C:\Users\Administrateur\AppData
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Adobe
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\LocalLow
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\TileDataLayer
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\OEM
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ConnectedDevicesPlatform
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\ATI
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ATI
2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-22 21:58 - 2015-08-23 14:57 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20161222-215833.backup
2016-12-22 21:45 - 2016-12-22 21:45 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-22 20:22 - 2016-12-22 20:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-12-22 20:21 - 2016-12-26 21:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-22 20:21 - 2016-12-22 23:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-22 19:33 - 2017-01-12 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 19:32 - 2016-12-22 19:32 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Programs
2016-12-22 06:49 - 2016-12-22 06:49 - 00000017 _____ C:\Users\Gaëla\AppData\Local\resmon.resmoncfg
2016-12-22 06:40 - 2016-12-30 16:10 - 00000000 ____D C:\Users\Gaëla\AppData\Local\ElevatedDiagnostics
2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:29 - 2016-12-21 20:29 - 00065536 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-21 20:25 - 2017-01-14 21:20 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:25 - 2017-01-14 21:20 - 00065536 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-21 20:25 - 2017-01-14 19:28 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.2.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.1.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.0.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 00065536 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.blf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-14 22:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-14 21:25 - 2015-05-03 10:28 - 00000000 __RDO C:\Users\Gaëla\OneDrive
2017-01-14 21:24 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-14 21:19 - 2014-12-06 11:38 - 04784038 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2017-01-14 21:18 - 2016-10-09 11:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 21:18 - 2016-10-09 11:04 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-14 21:18 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-14 19:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-14 19:13 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla
2017-01-14 19:13 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-14 16:45 - 2016-10-09 11:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-13 19:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 18:54 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-12 18:50 - 2014-12-06 12:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-12 18:19 - 2015-05-02 06:42 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CrashDumps
2017-01-11 20:35 - 2015-05-29 19:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 20:30 - 2015-05-29 19:16 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 19:24 - 2015-08-23 14:59 - 00407608 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2017-01-11 19:24 - 2015-05-03 11:13 - 00000000 ____D C:\ProgramData\Trend Micro
2017-01-05 19:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 19:02 - 2016-10-09 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-05 14:06 - 2015-06-14 18:51 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\Skype
2017-01-05 13:47 - 2015-04-29 18:02 - 00000000 ____D C:\Users\Gaëla\AppData\Local\clear.fi
2017-01-04 12:02 - 2015-05-03 18:05 - 00000000 ____D C:\Users\Gaëla\Documents\Personnel
2016-12-30 15:07 - 2016-04-11 19:50 - 00000000 ____D C:\Users\Gaëla\Documents\CyberLink
2016-12-30 15:07 - 2014-12-06 12:04 - 00000000 ____D C:\Users\Public\CyberLink
2016-12-30 12:04 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Documents
2016-12-30 11:07 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Packages
2016-12-28 20:41 - 2014-12-06 11:53 - 00000000 ____D C:\ProgramData\CyberLink
2016-12-27 02:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-27 01:45 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-27 01:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-27 01:19 - 2015-06-21 17:20 - 00000000 ____D C:\Users\Gaëla\Documents\photo
2016-12-27 01:19 - 2015-06-17 15:05 - 00000000 ____D C:\Users\Gaëla\Documents\BEC
2016-12-27 01:19 - 2015-05-03 15:15 - 00000000 ____D C:\Users\Gaëla\Documents\Festival du livre
2016-12-27 01:19 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Pictures
2016-12-27 01:13 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-26 23:50 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-26 22:50 - 2016-06-20 18:57 - 00000298 ___SH C:\Users\Gaëla\Downloads\desktop.ini
2016-12-26 22:50 - 2015-04-29 18:00 - 00000282 ___SH C:\Users\Gaëla\Desktop\desktop.ini
2016-12-26 22:39 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\sam
2016-12-26 22:25 - 2015-04-30 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-26 21:40 - 2015-08-23 08:40 - 00000000 ____D C:\ProgramData\Oracle
2016-12-26 21:40 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow
2016-12-26 21:39 - 2015-08-23 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-26 21:39 - 2015-08-23 08:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-26 21:38 - 2015-08-23 08:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-12-26 21:21 - 2015-04-30 17:36 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-26 21:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\Logs
2016-12-26 19:35 - 2015-11-12 19:19 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-26 19:35 - 2015-11-12 19:19 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-23 01:32 - 2016-10-09 11:52 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 23:18 - 2016-07-16 07:04 - 00000000 ___RD C:\Users
2016-12-22 23:18 - 2015-04-30 00:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-22 21:58 - 2013-08-22 14:25 - 00453742 ____R C:\WINDOWS\system32\Drivers\etc\hosts
2016-12-22 21:45 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-22 21:39 - 2016-07-16 23:40 - 00710640 _____ C:\WINDOWS\system32\perfh00C.dat
2016-12-22 21:39 - 2016-07-16 23:40 - 00137202 _____ C:\WINDOWS\system32\perfc00C.dat
2016-12-22 21:39 - 2016-07-16 12:49 - 00789078 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-22 21:39 - 2016-07-16 12:49 - 00190556 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-22 21:39 - 2015-08-05 21:30 - 01825302 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Public
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-22 19:42 - 2016-10-09 11:52 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-22 19:42 - 2016-10-09 11:52 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-22 19:17 - 2015-08-24 08:49 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Diagnostics
2016-12-22 06:55 - 2016-10-09 11:11 - 00000000 ___SD C:\Users\Gaëla\AppData\Roaming\Microsoft
2016-12-22 06:41 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Microsoft
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\migration
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-FR
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migration
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Mail
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Mail
2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SystemResources
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\CodeIntegrity
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-21 20:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-12-21 20:00 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-21 19:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2016-12-15 06:37 - 2016-10-09 11:10 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 06:37 - 2016-10-09 11:10 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TM.blf
==================== Fichiers à la racine de certains dossiers =======
2015-05-03 11:13 - 2015-05-03 11:13 - 0000036 _____ () C:\Users\Gaëla\AppData\Local\housecall.guid.cache
2016-12-22 06:49 - 2016-12-22 06:49 - 0000017 _____ () C:\Users\Gaëla\AppData\Local\resmon.resmoncfg
2016-10-09 11:06 - 2016-10-09 11:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-01-14 18:44
==================== Fin de FRST.txt ============================
Exécuté par Gaëla (administrateur) sur ORDI (14-01-2017 22:10:32)
Exécuté depuis C:\Users\Gaëla\Desktop
Profils chargés: Gaëla & (Profils disponibles: Gaëla & Administrateur)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [53304 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212018877\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-24] (Trend Micro Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{786fa292-7141-4410-8dde-972f235a92d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-147751014-2980168111-4115607111-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
BHO: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-26] (Oracle Corporation)
BHO-x32: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
BHO-x32: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-26] (Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)
FireFox:
========
FF DefaultProfile: danqt8uw.default
FF ProfilePath: C:\Users\Gaëla\AppData\Roaming\Mozilla\Firefox\Profiles\danqt8uw.default [2017-01-14]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-12-31]
FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-12-31]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-11-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-23] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-08-08] ()
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Profile: C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Slides) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-12]
CHR Extension: (Google Docs) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (Google Drive) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (YouTube) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Recherche Google) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Google Sheets) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-11-12]
CHR Extension: (Gmail) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-27]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-08] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-24] (Trend Micro Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-08-06] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101104 2015-08-06] (Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys [26568856 2016-10-26] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys [536592 2016-10-26] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2015-08-06] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-03-28] (Advanced Micro Devices)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-14] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [142552 2016-08-07] (Trend Micro Inc.)
R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [435416 2016-08-07] (Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [117984 2016-08-07] (Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [111840 2016-09-30] (Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-14 21:56 - 2017-01-14 22:00 - 02419200 _____ (Farbar) C:\Users\Gaëla\Desktop\FRST64.exe
2017-01-14 21:36 - 2017-01-14 21:36 - 00128493 _____ C:\Users\Gaëla\Desktop\ZHPDiag2.txt
2017-01-14 21:07 - 2017-01-14 21:07 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFix[R1].txt
2017-01-14 21:06 - 2017-01-14 21:06 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFixReport.txt
2017-01-14 21:01 - 2017-01-14 21:01 - 00004974 _____ C:\Users\Gaëla\Desktop\ScriptZHPFix.txt
2017-01-14 20:06 - 2017-01-14 20:06 - 00132638 _____ C:\Users\Gaëla\Desktop\ZHPDiag011417.txt
2017-01-14 19:31 - 2017-01-14 19:31 - 00010193 _____ C:\Users\Gaëla\Desktop\zoek-results.txt
2017-01-14 19:18 - 2017-01-14 18:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-14 18:50 - 2017-01-14 19:14 - 00000000 ____D C:\zoek_backup
2017-01-14 18:49 - 2017-01-14 18:50 - 01309184 _____ C:\Users\Gaëla\Downloads\zoek.exe
2017-01-14 18:35 - 2017-01-14 18:35 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT011417.txt
2017-01-14 18:34 - 2017-01-14 18:34 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT.txt
2017-01-14 18:30 - 2017-01-14 18:30 - 01663040 _____ (Malwarebytes) C:\Users\Gaëla\Downloads\JRT.exe
2017-01-14 18:25 - 2017-01-14 18:25 - 00004736 _____ C:\Users\Gaëla\Downloads\rapportroguekiller011417.txt
2017-01-14 17:23 - 2017-01-14 17:23 - 00002054 _____ C:\Users\Gaëla\Desktop\AdwCleaner[C0]011417.txt
2017-01-14 17:11 - 2017-01-14 17:11 - 00002617 _____ C:\Users\Gaëla\Desktop\ZHPCleaner011417.txt
2017-01-14 16:47 - 2017-01-14 16:47 - 00000000 ___HD C:\OneDriveTemp
2017-01-12 21:03 - 2017-01-14 21:19 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-12 21:03 - 2017-01-12 21:03 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-12 21:03 - 2017-01-12 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-12 21:02 - 2017-01-12 21:02 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-12 21:02 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-12 20:45 - 2017-01-12 20:51 - 00001289 _____ C:\Users\Gaëla\Desktop\MBAM.txt
2017-01-12 20:14 - 2016-12-30 13:18 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-12 20:06 - 2017-01-12 21:02 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299 (1).exe
2017-01-12 19:52 - 2017-01-12 19:54 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-12 19:45 - 2017-01-12 19:45 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_2557.tmp.txt
2017-01-12 19:44 - 2017-01-12 19:44 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_C49E.tmp.txt
2017-01-11 20:54 - 2017-01-14 17:29 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-11 20:54 - 2017-01-11 21:06 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-11 20:52 - 2017-01-11 20:53 - 25924168 _____ C:\Users\Gaëla\Downloads\RogueKillerX64.exe
2017-01-11 20:48 - 2017-01-11 20:48 - 00002082 _____ C:\Users\Gaëla\Desktop\AdwCleaner[S7].txt
2017-01-11 20:38 - 2017-01-11 20:39 - 03988944 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.042.exe
2017-01-11 20:32 - 2017-01-14 17:10 - 00002614 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.txt
2017-01-11 19:31 - 2017-01-11 19:31 - 00068893 _____ C:\Users\Gaëla\Downloads\Shortcut.txt
2017-01-11 19:27 - 2017-01-11 19:31 - 00064133 _____ C:\Users\Gaëla\Downloads\Addition.txt
2017-01-11 19:26 - 2017-01-11 19:31 - 00160815 _____ C:\Users\Gaëla\Downloads\FRST.txt
2017-01-11 19:23 - 2017-01-14 22:08 - 00064720 _____ C:\Users\Gaëla\Desktop\Addition.txt
2017-01-11 19:19 - 2017-01-14 22:11 - 00024389 _____ C:\Users\Gaëla\Desktop\FRST.txt
2017-01-11 19:13 - 2017-01-14 22:10 - 00000000 ____D C:\FRST
2017-01-11 19:06 - 2017-01-11 19:06 - 00000802 _____ C:\Users\Gaëla\Desktop\WinChk.txt
2017-01-11 19:04 - 2017-01-11 19:05 - 00000802 _____ C:\WinChk.txt
2017-01-11 19:03 - 2017-01-11 19:04 - 00315000 _____ C:\Users\Gaëla\Downloads\winchk_2.0.exe
2017-01-11 17:18 - 2017-01-14 21:35 - 00128490 _____ C:\Users\Gaëla\Desktop\ZHPDiag.txt
2017-01-05 21:33 - 2017-01-05 21:33 - 00001922 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-01-05 21:32 - 2017-01-05 21:33 - 03521617 _____ (Nicolas Coolman ) C:\Users\Gaëla\Downloads\ZHPFix.exe
2017-01-05 21:24 - 2017-01-14 19:52 - 00000903 _____ C:\Users\Gaëla\Desktop\ZHPDiag.lnk
2017-01-05 21:23 - 2017-01-14 19:51 - 02631168 _____ C:\Users\Gaëla\Downloads\ZHPDiag3.exe
2017-01-05 20:09 - 2017-01-14 21:28 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\ZHP
2017-01-05 20:09 - 2017-01-14 16:50 - 00000913 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.lnk
2017-01-05 20:09 - 2017-01-05 20:09 - 02661888 _____ C:\Users\Gaëla\Downloads\ZHPCleaner.exe
2017-01-05 19:24 - 2017-01-05 19:26 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-35891.35891-3.0.5.1299.exe
2017-01-05 18:54 - 2017-01-05 18:54 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-05 18:53 - 2017-01-05 18:55 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-05 18:53 - 2017-01-05 18:54 - 00000000 ____D C:\Program Files\CCleaner
2017-01-05 18:53 - 2017-01-05 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-05 18:50 - 2017-01-05 18:53 - 08803648 _____ (Piriform Ltd) C:\Users\Gaëla\Downloads\ccsetup525.exe
2017-01-05 14:07 - 2017-01-14 17:19 - 00000000 ____D C:\AdwCleaner
2017-01-05 14:06 - 2017-01-05 14:07 - 03977168 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.041.exe
2017-01-04 19:10 - 2017-01-04 19:10 - 00600658 _____ (driverlibs.com ) C:\Users\Gaëla\Downloads\DriverUpdateTools.exe
2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\CareCenter
2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CareCenter
2016-12-30 12:04 - 2016-12-30 12:22 - 00000000 ____D C:\Users\Gaëla\Documents\MOBICLIC
2016-12-27 04:09 - 2017-01-14 21:10 - 00025819 ____H C:\Users\Gaëla\AppData\Local\IconCache.db
2016-12-27 01:12 - 2016-12-27 01:12 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ORDI-Windows-10-Home-(64-bit).dat
2016-12-27 01:11 - 2016-12-27 01:11 - 00000000 ____D C:\RegBackup
2016-12-26 22:49 - 2016-12-27 03:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-12-26 21:40 - 2017-01-14 19:52 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow\Mozilla
2016-12-26 21:19 - 2016-12-26 22:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-26 19:25 - 2016-12-26 19:25 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2016-12-23 00:36 - 2016-12-23 00:36 - 00000000 ___HD C:\$SysReset
2016-12-22 23:29 - 2016-12-22 23:29 - 00011556 ____H C:\Users\Administrateur\AppData\Local\IconCache.db
2016-12-22 23:25 - 2016-12-22 23:25 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ElevatedDiagnostics
2016-12-22 23:22 - 2016-12-22 23:22 - 00002472 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-22 23:22 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\OneDrive
2016-12-22 23:21 - 2016-12-22 23:21 - 00001333 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD.lnk
2016-12-22 23:21 - 2016-12-22 23:21 - 00001294 _____ C:\Users\Administrateur\Desktop\Trend Micro Internet Security.lnk
2016-12-22 23:21 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Publishers
2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Comms
2016-12-22 23:18 - 2017-01-14 19:52 - 00524288 ____H C:\Users\Administrateur\NTUSER.DAT
2016-12-22 23:18 - 2017-01-14 19:13 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Google
2016-12-22 23:18 - 2016-12-26 21:27 - 00000000 ____D C:\Users\Administrateur
2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 23:18 - 2016-12-22 23:29 - 00065536 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TM.blf
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Packages
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Microsoft
2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local
2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ___SD C:\Users\Administrateur\AppData\Roaming\Microsoft
2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Temp
2016-12-22 23:18 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ___RD C:\Users\Administrateur\Desktop
2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Local\AMD
2016-12-22 23:18 - 2016-12-22 23:20 - 00000000 ___RD C:\Users\Administrateur\Searches
2016-12-22 23:18 - 2016-12-22 23:18 - 00147456 ___SH C:\Users\Administrateur\ntuser.dat.LOG2
2016-12-22 23:18 - 2016-12-22 23:18 - 00049152 ___SH C:\Users\Administrateur\ntuser.dat.LOG1
2016-12-22 23:18 - 2016-12-22 23:18 - 00000402 ___SH C:\Users\Administrateur\Documents\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Downloads\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Desktop\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000020 ___SH C:\Users\Administrateur\ntuser.ini
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage réseau
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage d'impression
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\SendTo
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Recent
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Modèles
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Mes documents
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Menu Démarrer
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Local Settings
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes vidéos
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes images
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Ma musique
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Cookies
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Application Data
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Temporary Internet Files
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Historique
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Application Data
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___SD C:\Users\Administrateur\AppData\LocalLow\Microsoft
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Videos
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Saved Games
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Pictures
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Music
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Links
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Favorites
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Downloads
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Documents
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Contacts
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___HD C:\Users\Administrateur\AppData
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Adobe
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\LocalLow
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\TileDataLayer
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\OEM
2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ConnectedDevicesPlatform
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\ATI
2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ATI
2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-22 21:58 - 2015-08-23 14:57 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20161222-215833.backup
2016-12-22 21:45 - 2016-12-22 21:45 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-22 20:22 - 2016-12-22 20:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-12-22 20:21 - 2016-12-26 21:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-22 20:21 - 2016-12-22 23:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-22 19:33 - 2017-01-12 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 19:32 - 2016-12-22 19:32 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Programs
2016-12-22 06:49 - 2016-12-22 06:49 - 00000017 _____ C:\Users\Gaëla\AppData\Local\resmon.resmoncfg
2016-12-22 06:40 - 2016-12-30 16:10 - 00000000 ____D C:\Users\Gaëla\AppData\Local\ElevatedDiagnostics
2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:29 - 2016-12-21 20:29 - 00065536 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-21 20:25 - 2017-01-14 21:20 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:25 - 2017-01-14 21:20 - 00065536 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-21 20:25 - 2017-01-14 19:28 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 20:24 - 2016-12-21 20:29 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TM.blf
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.2.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.1.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.0.regtrans-ms
2016-12-18 17:08 - 2016-12-18 17:08 - 00065536 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.blf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-01-14 22:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-14 21:25 - 2015-05-03 10:28 - 00000000 __RDO C:\Users\Gaëla\OneDrive
2017-01-14 21:24 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-14 21:19 - 2014-12-06 11:38 - 04784038 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2017-01-14 21:18 - 2016-10-09 11:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 21:18 - 2016-10-09 11:04 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-14 21:18 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-14 19:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-14 19:13 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla
2017-01-14 19:13 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-14 16:45 - 2016-10-09 11:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-13 19:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 18:54 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-12 18:50 - 2014-12-06 12:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-12 18:19 - 2015-05-02 06:42 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CrashDumps
2017-01-11 20:35 - 2015-05-29 19:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 20:30 - 2015-05-29 19:16 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 19:24 - 2015-08-23 14:59 - 00407608 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2017-01-11 19:24 - 2015-05-03 11:13 - 00000000 ____D C:\ProgramData\Trend Micro
2017-01-05 19:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 19:02 - 2016-10-09 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-05 14:06 - 2015-06-14 18:51 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\Skype
2017-01-05 13:47 - 2015-04-29 18:02 - 00000000 ____D C:\Users\Gaëla\AppData\Local\clear.fi
2017-01-04 12:02 - 2015-05-03 18:05 - 00000000 ____D C:\Users\Gaëla\Documents\Personnel
2016-12-30 15:07 - 2016-04-11 19:50 - 00000000 ____D C:\Users\Gaëla\Documents\CyberLink
2016-12-30 15:07 - 2014-12-06 12:04 - 00000000 ____D C:\Users\Public\CyberLink
2016-12-30 12:04 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Documents
2016-12-30 11:07 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Packages
2016-12-28 20:41 - 2014-12-06 11:53 - 00000000 ____D C:\ProgramData\CyberLink
2016-12-27 02:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-27 01:45 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-27 01:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-27 01:19 - 2015-06-21 17:20 - 00000000 ____D C:\Users\Gaëla\Documents\photo
2016-12-27 01:19 - 2015-06-17 15:05 - 00000000 ____D C:\Users\Gaëla\Documents\BEC
2016-12-27 01:19 - 2015-05-03 15:15 - 00000000 ____D C:\Users\Gaëla\Documents\Festival du livre
2016-12-27 01:19 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Pictures
2016-12-27 01:13 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-26 23:50 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-26 22:50 - 2016-06-20 18:57 - 00000298 ___SH C:\Users\Gaëla\Downloads\desktop.ini
2016-12-26 22:50 - 2015-04-29 18:00 - 00000282 ___SH C:\Users\Gaëla\Desktop\desktop.ini
2016-12-26 22:39 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\sam
2016-12-26 22:25 - 2015-04-30 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-26 21:40 - 2015-08-23 08:40 - 00000000 ____D C:\ProgramData\Oracle
2016-12-26 21:40 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow
2016-12-26 21:39 - 2015-08-23 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-26 21:39 - 2015-08-23 08:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-26 21:38 - 2015-08-23 08:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-12-26 21:21 - 2015-04-30 17:36 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-26 21:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\Logs
2016-12-26 19:35 - 2015-11-12 19:19 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-26 19:35 - 2015-11-12 19:19 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-23 01:32 - 2016-10-09 11:52 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 23:18 - 2016-07-16 07:04 - 00000000 ___RD C:\Users
2016-12-22 23:18 - 2015-04-30 00:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-22 21:58 - 2013-08-22 14:25 - 00453742 ____R C:\WINDOWS\system32\Drivers\etc\hosts
2016-12-22 21:45 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-22 21:39 - 2016-07-16 23:40 - 00710640 _____ C:\WINDOWS\system32\perfh00C.dat
2016-12-22 21:39 - 2016-07-16 23:40 - 00137202 _____ C:\WINDOWS\system32\perfc00C.dat
2016-12-22 21:39 - 2016-07-16 12:49 - 00789078 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-22 21:39 - 2016-07-16 12:49 - 00190556 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-22 21:39 - 2015-08-05 21:30 - 01825302 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Public
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-22 19:42 - 2016-10-09 11:52 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-22 19:42 - 2016-10-09 11:52 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-22 19:17 - 2015-08-24 08:49 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Diagnostics
2016-12-22 06:55 - 2016-10-09 11:11 - 00000000 ___SD C:\Users\Gaëla\AppData\Roaming\Microsoft
2016-12-22 06:41 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Microsoft
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\migration
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-FR
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migration
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Mail
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Mail
2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SystemResources
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\CodeIntegrity
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-21 20:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-12-21 20:00 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-21 19:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2016-12-15 06:37 - 2016-10-09 11:10 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 06:37 - 2016-10-09 11:10 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TM.blf
==================== Fichiers à la racine de certains dossiers =======
2015-05-03 11:13 - 2015-05-03 11:13 - 0000036 _____ () C:\Users\Gaëla\AppData\Local\housecall.guid.cache
2016-12-22 06:49 - 2016-12-22 06:49 - 0000017 _____ () C:\Users\Gaëla\AppData\Local\resmon.resmoncfg
2016-10-09 11:06 - 2016-10-09 11:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-01-14 18:44
==================== Fin de FRST.txt ============================