Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Exécuté par Guillaume (administrateur) sur PC-GUILLAUME (28-10-2017 21:57:06)
Exécuté depuis C:\Users\Guillaume\Desktop
Profils chargés: Guillaume (Profils disponibles: Guillaume)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(f.lux Software LLC) C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [382072 2017-01-24] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-16] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2017-06-16] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [f.lux] => C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-06-09] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-06-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-06-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2017-05-21]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B296FA38-F52E-4862-A7CC-1BB1867763A1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F84C684A-58F6-40FC-92C3-C0C4C7600350}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
SearchScopes: HKLM -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-16] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-16] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-27] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Guillaume\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-05-18] (Cisco WebEx LLC)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://news.google.fr/nwshp?hl=fr&tab=wn"
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2017-10-28]
CHR Extension: (Slides) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Logitech Unifying for Chrome) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\agpmgihmmmfkbhckmciedmhincdggomo [2017-05-16]
CHR Extension: (BetterTTV) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-08-06]
CHR Extension: (Docs) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-16]
CHR Extension: (YouTube) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-16]
CHR Extension: (Adblock Plus) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Sheets) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-16]
CHR Extension: (Avast Online Security) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
CHR Extension: (Easy Timer) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljlcojjbmffoecdmhomhgfjhkllhknp [2017-10-28]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-15]
CHR Extension: (Pursued) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmffkipgdhdkolbbkofkfhappinpin [2017-05-16]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-16]
CHR Extension: (Curling) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2017-05-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Click&Clean App) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-10-18]
CHR Extension: (Gmail) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [344184 2017-01-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-20] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-16] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-16] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-16] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-16] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-16] (AVAST Software)
R0 AswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-16] (AVAST Software)
S3 iscFlash; c:\SWSetup\SP79456\iscflashx64.sys [66760 2014-10-23] (Insyde Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [429272 2017-06-16] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2017-06-16] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-05-20] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-05-20] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-05-20] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-28 21:57 - 2017-10-28 21:57 - 000022918 _____ C:\Users\Guillaume\Desktop\FRST.txt
2017-10-28 21:57 - 2017-10-28 21:57 - 000000000 ____D C:\FRST
2017-10-28 21:56 - 2017-10-28 21:56 - 002403328 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2017-10-28 21:44 - 2017-10-28 21:45 - 008250832 _____ (Malwarebytes) C:\Users\Guillaume\Downloads\adwcleaner_7.0.3.1.exe
2017-10-28 17:09 - 2017-10-28 19:13 - 000000000 ____D C:\Users\Guillaume\Documents\Endless Space 2
2017-10-28 16:20 - 2017-10-28 16:20 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-28 15:39 - 2017-10-28 21:49 - 000000374 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGuillaume.job
2017-10-28 15:39 - 2017-10-28 15:39 - 000003196 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForGuillaume
2017-10-28 15:35 - 2017-10-28 15:35 - 000000000 _____ C:\autoexec.bat
2017-10-28 15:31 - 2017-10-28 15:31 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-28 15:30 - 2017-10-28 15:31 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Guillaume\Downloads\SpyHunter-Installer.exe
2017-10-28 15:05 - 2017-10-28 15:05 - 000134784 _____ C:\Users\Guillaume\Documents\Motivations Guillaume THEBAULT - ONERA.pdf
2017-10-28 14:48 - 2017-10-28 14:48 - 000000000 ____D C:\Users\Guillaume\Downloads\Endless.Space.2.Update.v1.0.1-CODEX
2017-10-28 14:21 - 2017-10-28 14:47 - 137224367 _____ C:\Users\Guillaume\Downloads\Endless.Space.2.Update.v1.0.1-CODEX.rar
2017-10-28 14:19 - 2017-10-28 14:19 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-10-28 14:18 - 2017-10-28 14:18 - 000722683 _____ ( ) C:\Users\Guillaume\Downloads\Endless.Space.2.Steamworks.Fix.Generic.rar.exe
2017-10-28 14:09 - 2017-10-28 14:09 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Amplitude studios
2017-10-28 13:58 - 2017-10-28 13:58 - 000134690 _____ C:\Users\Guillaume\Downloads\student enrolment certificate.pdf
2017-10-28 13:03 - 2017-10-28 13:03 - 000280489 _____ C:\Users\Guillaume\Documents\Student_internship_application_form_August_2017.pdf
2017-10-28 13:00 - 2017-10-28 13:00 - 000133323 _____ C:\Users\Guillaume\Documents\Cover letter ESOC Guillaume THEBAULT.pdf
2017-10-28 12:59 - 2017-10-28 12:58 - 000304156 _____ C:\Users\Guillaume\Documents\Resume Guillaume THEBAULT.pdf
2017-10-28 12:58 - 2017-10-28 12:58 - 000304156 _____ C:\Users\Guillaume\Downloads\Resume Guillaume THEBAULT (2).pdf
2017-10-27 15:27 - 2017-10-19 02:30 - 000000000 ____D C:\Users\Guillaume\Downloads\[Zone-Telechargement.zone] Orelsan-2017-La-fete-est-finie
2017-10-27 12:53 - 2017-10-27 13:09 - 120730478 _____ C:\Users\Guillaume\Downloads\OLfef-DEMS.rar
2017-10-27 12:53 - 2017-10-27 13:05 - 123600852 _____ C:\Users\Guillaume\Downloads\[Zone-Telechargement.zone] Orelsan-2017-La-fete-est-finie.rar
2017-10-25 19:12 - 2017-10-25 20:05 - 726678976 _____ C:\Users\Guillaume\Downloads\Le.Manoir.2017.FRENCH.HDRip.XviD-CR4ZYTiME.Zone-Telechargement.Ws.avi
2017-10-25 19:11 - 2017-10-25 19:51 - 870830545 _____ C:\Users\Guillaume\Downloads\War.For.The.Planet.Of.The.Apes.2017.VOSTFR.BRRip.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-25 19:10 - 2017-10-25 20:09 - 720831757 _____ C:\Users\Guillaume\Downloads\Despicable.Me.3.2017.FANSUB.VOSTFR.BRRip.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-24 22:25 - 2016-10-03 17:56 - 736142940 _____ C:\Users\Guillaume\Downloads\Babysitting.2^^^`{`@#2015.FRENCH.BDRip.XviD-Zone-telechargement.ws.avi
2017-10-24 21:33 - 2017-10-24 22:22 - 721703239 _____ C:\Users\Guillaume\Downloads\Babysitting.2^^^`{`@_2015.FRENCH.BDRip.XviD-www.zone-telechargement.ws.rar
2017-10-23 19:45 - 2017-10-23 19:45 - 000000000 ____D C:\Users\Guillaume\AppData\Local\HearthstoneDeckTracker
2017-10-23 19:41 - 2017-10-23 19:44 - 024662816 _____ (HearthSim) C:\Users\Guillaume\Downloads\HDT-Installer (1).exe
2017-10-23 19:38 - 2017-10-23 19:38 - 000000098 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-10-23 19:38 - 2017-10-23 19:38 - 000000000 ____D C:\Users\Guillaume\AppData\Local\HearthstoneTracker
2017-10-23 19:37 - 2017-10-23 19:37 - 000001101 _____ C:\Users\Guillaume\Desktop\HearthstoneTracker.lnk
2017-10-23 19:37 - 2017-10-23 19:37 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker
2017-10-23 19:37 - 2017-10-23 19:37 - 000000000 ____D C:\Program Files (x86)\HearthstoneTracker
2017-10-23 19:31 - 2017-10-23 19:37 - 010382707 _____ (HearthstoneTracker.com) C:\Users\Guillaume\Downloads\HearthstoneTracker-Setup.exe
2017-10-22 21:57 - 2017-10-22 21:57 - 001546409 _____ ( ) C:\Users\Guillaume\Downloads\Regarder Marseille OM - Paris PSG en streaming_3133187191.exe
2017-10-20 12:21 - 2017-10-20 12:21 - 003341296 _____ (Blizzard Entertainment) C:\Users\Guillaume\Downloads\Hearthstone-Setup (1).exe
2017-10-17 23:12 - 2017-10-17 23:12 - 003429681 _____ C:\Users\Guillaume\Downloads\Cours_Combustion_5A_2016-2017 (1).pdf
2017-10-16 20:02 - 2017-10-16 20:02 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-16 13:32 - 2017-10-16 21:15 - 000010613 _____ C:\Users\Guillaume\Documents\mpg.xlsx
2017-10-15 21:22 - 2017-10-15 21:23 - 000012800 ___SH C:\Users\Guillaume\Documents\Thumbs.db
2017-10-15 21:12 - 2017-10-15 21:21 - 007981818 _____ C:\Users\Guillaume\Documents\pecha.pptx
2017-10-10 20:25 - 2017-10-10 20:25 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 20:20 - 2017-09-14 21:30 - 007439704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-10 20:20 - 2017-09-14 21:30 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-10-10 20:20 - 2017-09-14 21:29 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-10 20:20 - 2017-09-14 03:18 - 001384216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-10 20:20 - 2017-09-14 03:14 - 001124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-10 20:20 - 2017-09-13 15:32 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-10 20:20 - 2017-09-13 15:31 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-10 20:20 - 2017-09-13 15:27 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2017-10-10 20:20 - 2017-09-09 20:53 - 022361864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-10 20:20 - 2017-09-09 19:55 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-10 20:20 - 2017-09-09 19:38 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-10 20:20 - 2017-09-09 18:10 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-10 20:20 - 2017-09-09 17:49 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-10 20:20 - 2017-09-09 17:47 - 014466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-10 20:20 - 2017-09-09 17:21 - 012879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-10 20:20 - 2017-09-09 05:50 - 002013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-10 20:20 - 2017-09-09 05:50 - 001364552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-10-10 20:20 - 2017-09-08 20:21 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-10-10 20:20 - 2017-09-08 20:15 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-10 20:20 - 2017-09-08 19:39 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-10 20:20 - 2017-09-08 18:57 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-10-10 20:20 - 2017-09-07 23:33 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-10 20:20 - 2017-09-07 23:33 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-10 20:20 - 2017-09-07 23:32 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-10 20:20 - 2017-09-07 23:32 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-10-10 20:20 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-10-10 20:20 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-10-10 20:20 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-10-10 20:20 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-10 20:20 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-10 20:20 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-10 20:20 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-10-10 20:20 - 2017-09-07 22:31 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-10-10 20:20 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-10-10 20:20 - 2017-09-07 22:21 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-10-10 20:20 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-10-10 20:20 - 2017-09-07 22:11 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-10-10 20:20 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-10-10 20:20 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-10-10 20:20 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-10-10 20:20 - 2017-09-07 22:08 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-10 20:20 - 2017-09-07 21:54 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-10-10 20:20 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-10 20:20 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-10 20:20 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-10 20:20 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-10-10 20:20 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-10-10 20:20 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-10 20:20 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-10 20:20 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-10 20:20 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-10 20:20 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-10 20:20 - 2017-09-07 20:38 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-10 20:20 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-10 20:20 - 2017-09-07 20:33 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-10-10 20:20 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-10 20:20 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-10 20:20 - 2017-09-07 20:27 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-10 20:20 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-10 20:20 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-10-10 20:20 - 2017-09-07 20:24 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-10 20:20 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-10 20:20 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-10 20:20 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-10 20:20 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-10 20:20 - 2017-08-13 21:48 - 000202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-10 20:20 - 2017-08-13 19:52 - 000174944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-10 20:20 - 2017-08-13 19:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-10 20:20 - 2017-08-13 18:33 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-10 20:20 - 2017-08-11 04:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-10-10 20:20 - 2017-08-11 04:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-10-10 20:20 - 2017-08-11 04:20 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-10 20:20 - 2017-08-11 04:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-10 20:20 - 2017-08-11 03:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-10 20:20 - 2017-08-06 23:50 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-10-10 20:20 - 2017-08-06 23:20 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-10-10 20:20 - 2017-08-06 23:13 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-10-10 20:20 - 2017-08-06 09:08 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-10 20:20 - 2017-08-02 04:19 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-10-10 20:20 - 2017-08-01 10:25 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-08 15:23 - 2017-10-08 16:24 - 1046843224 _____ C:\Users\Guillaume\Downloads\Sword.Art.Online.Ordinal.Scale.2017.FANSUB.VOSTFR.720p.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-08 15:21 - 2017-10-08 16:36 - 1466050560 _____ C:\Users\Guillaume\Downloads\Baby.Driver.2017.VOSTFR.BRRip.XviD.AC3.ACOOL.Zone-Telechargement.Ws.avi
2017-10-08 15:20 - 2017-10-08 16:36 - 1466767360 _____ C:\Users\Guillaume\Downloads\Science.Fiction.Volume.One.The.Osiris.Child.2016.VOSTFR.BRRip.XviD.AC3.ACOOL.Zone-Telechargement.Ws.avi
2017-10-07 13:22 - 2017-10-07 13:22 - 000133810 _____ C:\Users\Guillaume\Downloads\Cover letter Guillaume THEBAULT.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000308595 _____ C:\Users\Guillaume\Downloads\Student_internship_application_Guillaume_THEBAULT (1).pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000304156 _____ C:\Users\Guillaume\Downloads\CV Guillaume THEBAULT.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000086162 _____ C:\Users\Guillaume\Downloads\Internship subject 2018.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000005519 _____ C:\Users\Guillaume\Downloads\Student Certificate Enrolment.pdf
2017-10-07 13:15 - 2017-10-07 13:15 - 000086162 _____ C:\Users\Guillaume\Documents\Internship subject 2018.pdf
2017-10-07 13:13 - 2017-10-07 13:12 - 000005519 _____ C:\Users\Guillaume\Documents\Student Certificate Enrolment.pdf
2017-10-07 13:12 - 2017-10-07 13:12 - 000005519 _____ C:\Users\Guillaume\Downloads\Certificate of enrollement.pdf
2017-10-07 13:00 - 2017-10-07 13:00 - 000001757 _____ C:\Users\Guillaume\Downloads\Détails des Notes THEBAULT_GUILLAUME (3).pdf
2017-10-07 12:53 - 2017-10-07 12:53 - 000133810 _____ C:\Users\Guillaume\Documents\Cover letter Guillaume THEBAULT.pdf
2017-10-07 12:17 - 2017-10-07 12:17 - 000304156 _____ C:\Users\Guillaume\Downloads\Resume Guillaume THEBAULT (1).pdf
2017-10-07 12:08 - 2017-10-07 12:53 - 000308595 _____ C:\Users\Guillaume\Documents\Student_internship_application_Guillaume_THEBAULT.pdf
2017-10-07 12:03 - 2017-10-07 12:03 - 000308607 _____ C:\Users\Guillaume\Downloads\Student_internship_application_Guillaume_THEBAULT.pdf
2017-10-06 22:32 - 2017-10-06 22:32 - 000001766 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-10-06 22:32 - 2017-10-06 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-10-06 22:32 - 2017-10-06 22:32 - 000000000 ____D C:\Program Files\iPod
2017-10-06 22:31 - 2017-10-06 22:32 - 000000000 ____D C:\Program Files\iTunes
2017-10-06 22:29 - 2017-10-06 22:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-06 22:29 - 2017-10-06 22:29 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-06 22:17 - 2017-10-06 22:17 - 000000000 ____D C:\Users\Guillaume\Downloads\The Game of Thrones Symphony 2017
2017-10-06 22:08 - 2017-10-06 22:14 - 169510288 _____ C:\Users\Guillaume\Downloads\The Game of Thrones Symphony 2017.rar
2017-10-06 22:00 - 2017-10-06 22:00 - 000000000 ____D C:\Users\Guillaume\Downloads\HuGo-Tsr-2017-Tant-Quon-Est-La
2017-10-06 22:00 - 2017-10-06 22:00 - 000000000 ____D C:\Users\Guillaume\Downloads\Bigflo et Oli - La vraie vie 2017
2017-10-06 21:49 - 2017-10-06 21:53 - 063153220 _____ C:\Users\Guillaume\Downloads\HuGo-Tsr-2017-Tant-Quon-Est-La.rar
2017-10-06 21:48 - 2017-10-06 21:57 - 191580347 _____ C:\Users\Guillaume\Downloads\Bigflo et Oli - La vraie vie 2017.rar
2017-10-06 21:29 - 2017-10-06 22:18 - 1490506039 _____ C:\Users\Guillaume\Downloads\What.Happened.to.Monday.2017.VOSTFR.WEBRip.x264.AC3.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-05 09:17 - 2017-10-05 09:19 - 118822535 _____ C:\Users\Guillaume\Downloads\047075012XSpacecraft (1).pdf
2017-10-03 22:15 - 2017-10-03 22:16 - 003429681 _____ C:\Users\Guillaume\Downloads\Cours_Combustion_5A_2016-2017.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-28 21:54 - 2017-05-19 23:45 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-28 21:50 - 2017-05-20 10:50 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2017-10-28 21:49 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 21:47 - 2017-09-01 11:05 - 000000000 ____D C:\AdwCleaner
2017-10-28 21:47 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-10-28 17:04 - 2017-05-16 00:12 - 000003968 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F1264CE7-1802-47AF-A001-F31F02B99416}
2017-10-28 15:45 - 2017-06-02 19:44 - 000000000 ____D C:\Program Files (x86)\Endless Space 2
2017-10-28 15:35 - 2017-05-19 23:59 - 000000000 ____D C:\Users\Guillaume
2017-10-28 15:22 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-10-28 15:19 - 2017-09-19 18:18 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-28 15:14 - 2017-09-09 00:30 - 000000000 ____D C:\Users\Guillaume\Documents\MAGIX_MusicEditor
2017-10-28 15:07 - 2017-09-23 18:44 - 000255154 _____ C:\Users\Guillaume\Documents\CV Guillaume THEBAULT.pdf
2017-10-28 15:07 - 2017-09-21 12:09 - 000714964 _____ C:\Users\Guillaume\Documents\CV Guillaume THEBAULT (1).pptx
2017-10-28 14:49 - 2017-05-16 00:10 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Packages
2017-10-28 14:19 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-28 14:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-27 20:50 - 2017-07-04 19:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-27 15:52 - 2017-06-14 21:58 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\vlc
2017-10-27 15:32 - 2014-11-21 00:46 - 002031240 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-27 15:32 - 2014-11-21 00:03 - 000888156 _____ C:\WINDOWS\system32\perfh00C.dat
2017-10-27 15:32 - 2014-11-21 00:03 - 000192784 _____ C:\WINDOWS\system32\perfc00C.dat
2017-10-27 11:45 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-26 20:03 - 2017-05-19 18:45 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-10-24 14:56 - 2017-05-16 00:19 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3063774557-1226788140-542953294-1002
2017-10-23 22:52 - 2017-05-24 18:13 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Battle.net
2017-10-23 19:45 - 2017-05-25 10:22 - 000002572 _____ C:\Users\Guillaume\Desktop\Hearthstone Deck Tracker.lnk
2017-10-23 19:45 - 2017-05-25 09:47 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-10-23 19:45 - 2017-05-25 09:46 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\HearthstoneDeckTracker
2017-10-23 19:45 - 2017-05-25 09:46 - 000000000 ____D C:\Users\Guillaume\AppData\Local\SquirrelTemp
2017-10-23 19:29 - 2017-05-24 18:12 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-10-23 14:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-20 13:32 - 2017-05-24 18:22 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-10-18 19:13 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-16 20:03 - 2017-05-19 18:45 - 000003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-16 20:02 - 2017-05-19 18:45 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-16 20:02 - 2017-05-19 18:38 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-16 20:01 - 2017-05-19 18:45 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-14 03:42 - 2017-05-21 21:21 - 000002161 _____ C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-10-13 00:25 - 2017-05-20 16:18 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 00:25 - 2017-05-20 16:18 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 17:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 13:15 - 2017-09-23 18:38 - 000133807 _____ C:\Users\Guillaume\Documents\Motivations Guillaume THEBAULT.pdf
2017-10-11 11:18 - 2013-08-22 16:44 - 000645992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-10 23:04 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2017-10-10 20:28 - 2017-05-16 22:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-10 20:25 - 2017-05-16 22:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-06 22:29 - 2017-05-21 13:39 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-06 22:01 - 2017-05-21 13:41 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Apple Computer
==================== Fichiers à la racine de certains dossiers =======
2017-10-23 19:38 - 2017-10-23 19:38 - 000000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Certains fichiers dans TEMP:
====================
2017-06-16 17:16 - 2013-06-04 10:30 - 000050432 ____R () C:\Users\Guillaume\AppData\Local\Temp\Extract.exe
2015-08-08 02:15 - 2015-08-08 02:15 - 015431568 _____ (Hewlett-Packard ) C:\Users\Guillaume\AppData\Local\Temp\SP63973.exe
2015-08-07 19:57 - 2015-08-07 19:57 - 154950360 _____ (Hewlett-Packard ) C:\Users\Guillaume\AppData\Local\Temp\SP63975.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-21 12:59
==================== Fin de FRST.txt ============================
Exécuté par Guillaume (administrateur) sur PC-GUILLAUME (28-10-2017 21:57:06)
Exécuté depuis C:\Users\Guillaume\Desktop
Profils chargés: Guillaume (Profils disponibles: Guillaume)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(f.lux Software LLC) C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [382072 2017-01-24] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-16] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2017-06-16] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [f.lux] => C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-06-09] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-06-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-06-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2017-05-21]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B296FA38-F52E-4862-A7CC-1BB1867763A1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F84C684A-58F6-40FC-92C3-C0C4C7600350}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/3
HKU\S-1-5-21-3063774557-1226788140-542953294-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3
SearchScopes: HKLM -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> {2D000E25-2A9B-4960-B080-EEE2F70FEDDD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-16] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-16] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-27] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3063774557-1226788140-542953294-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-27] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Guillaume\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-05-18] (Cisco WebEx LLC)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://news.google.fr/nwshp?hl=fr&tab=wn"
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2017-10-28]
CHR Extension: (Slides) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Logitech Unifying for Chrome) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\agpmgihmmmfkbhckmciedmhincdggomo [2017-05-16]
CHR Extension: (BetterTTV) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-08-06]
CHR Extension: (Docs) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-16]
CHR Extension: (YouTube) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-16]
CHR Extension: (Adblock Plus) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Sheets) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-16]
CHR Extension: (Avast Online Security) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
CHR Extension: (Easy Timer) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljlcojjbmffoecdmhomhgfjhkllhknp [2017-10-28]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-15]
CHR Extension: (Pursued) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglmffkipgdhdkolbbkofkfhappinpin [2017-05-16]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-16]
CHR Extension: (Curling) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2017-05-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Click&Clean App) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-10-18]
CHR Extension: (Gmail) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [344184 2017-01-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-20] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-16] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-16] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-16] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-16] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-16] (AVAST Software)
R0 AswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-16] (AVAST Software)
S3 iscFlash; c:\SWSetup\SP79456\iscflashx64.sys [66760 2014-10-23] (Insyde Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [429272 2017-06-16] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2017-06-16] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-05-20] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-05-20] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-05-20] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-28 21:57 - 2017-10-28 21:57 - 000022918 _____ C:\Users\Guillaume\Desktop\FRST.txt
2017-10-28 21:57 - 2017-10-28 21:57 - 000000000 ____D C:\FRST
2017-10-28 21:56 - 2017-10-28 21:56 - 002403328 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2017-10-28 21:44 - 2017-10-28 21:45 - 008250832 _____ (Malwarebytes) C:\Users\Guillaume\Downloads\adwcleaner_7.0.3.1.exe
2017-10-28 17:09 - 2017-10-28 19:13 - 000000000 ____D C:\Users\Guillaume\Documents\Endless Space 2
2017-10-28 16:20 - 2017-10-28 16:20 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-28 15:39 - 2017-10-28 21:49 - 000000374 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGuillaume.job
2017-10-28 15:39 - 2017-10-28 15:39 - 000003196 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForGuillaume
2017-10-28 15:35 - 2017-10-28 15:35 - 000000000 _____ C:\autoexec.bat
2017-10-28 15:31 - 2017-10-28 15:31 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-28 15:30 - 2017-10-28 15:31 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Guillaume\Downloads\SpyHunter-Installer.exe
2017-10-28 15:05 - 2017-10-28 15:05 - 000134784 _____ C:\Users\Guillaume\Documents\Motivations Guillaume THEBAULT - ONERA.pdf
2017-10-28 14:48 - 2017-10-28 14:48 - 000000000 ____D C:\Users\Guillaume\Downloads\Endless.Space.2.Update.v1.0.1-CODEX
2017-10-28 14:21 - 2017-10-28 14:47 - 137224367 _____ C:\Users\Guillaume\Downloads\Endless.Space.2.Update.v1.0.1-CODEX.rar
2017-10-28 14:19 - 2017-10-28 14:19 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-10-28 14:18 - 2017-10-28 14:18 - 000722683 _____ ( ) C:\Users\Guillaume\Downloads\Endless.Space.2.Steamworks.Fix.Generic.rar.exe
2017-10-28 14:09 - 2017-10-28 14:09 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Amplitude studios
2017-10-28 13:58 - 2017-10-28 13:58 - 000134690 _____ C:\Users\Guillaume\Downloads\student enrolment certificate.pdf
2017-10-28 13:03 - 2017-10-28 13:03 - 000280489 _____ C:\Users\Guillaume\Documents\Student_internship_application_form_August_2017.pdf
2017-10-28 13:00 - 2017-10-28 13:00 - 000133323 _____ C:\Users\Guillaume\Documents\Cover letter ESOC Guillaume THEBAULT.pdf
2017-10-28 12:59 - 2017-10-28 12:58 - 000304156 _____ C:\Users\Guillaume\Documents\Resume Guillaume THEBAULT.pdf
2017-10-28 12:58 - 2017-10-28 12:58 - 000304156 _____ C:\Users\Guillaume\Downloads\Resume Guillaume THEBAULT (2).pdf
2017-10-27 15:27 - 2017-10-19 02:30 - 000000000 ____D C:\Users\Guillaume\Downloads\[Zone-Telechargement.zone] Orelsan-2017-La-fete-est-finie
2017-10-27 12:53 - 2017-10-27 13:09 - 120730478 _____ C:\Users\Guillaume\Downloads\OLfef-DEMS.rar
2017-10-27 12:53 - 2017-10-27 13:05 - 123600852 _____ C:\Users\Guillaume\Downloads\[Zone-Telechargement.zone] Orelsan-2017-La-fete-est-finie.rar
2017-10-25 19:12 - 2017-10-25 20:05 - 726678976 _____ C:\Users\Guillaume\Downloads\Le.Manoir.2017.FRENCH.HDRip.XviD-CR4ZYTiME.Zone-Telechargement.Ws.avi
2017-10-25 19:11 - 2017-10-25 19:51 - 870830545 _____ C:\Users\Guillaume\Downloads\War.For.The.Planet.Of.The.Apes.2017.VOSTFR.BRRip.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-25 19:10 - 2017-10-25 20:09 - 720831757 _____ C:\Users\Guillaume\Downloads\Despicable.Me.3.2017.FANSUB.VOSTFR.BRRip.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-24 22:25 - 2016-10-03 17:56 - 736142940 _____ C:\Users\Guillaume\Downloads\Babysitting.2^^^`{`@#2015.FRENCH.BDRip.XviD-Zone-telechargement.ws.avi
2017-10-24 21:33 - 2017-10-24 22:22 - 721703239 _____ C:\Users\Guillaume\Downloads\Babysitting.2^^^`{`@_2015.FRENCH.BDRip.XviD-www.zone-telechargement.ws.rar
2017-10-23 19:45 - 2017-10-23 19:45 - 000000000 ____D C:\Users\Guillaume\AppData\Local\HearthstoneDeckTracker
2017-10-23 19:41 - 2017-10-23 19:44 - 024662816 _____ (HearthSim) C:\Users\Guillaume\Downloads\HDT-Installer (1).exe
2017-10-23 19:38 - 2017-10-23 19:38 - 000000098 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-10-23 19:38 - 2017-10-23 19:38 - 000000000 ____D C:\Users\Guillaume\AppData\Local\HearthstoneTracker
2017-10-23 19:37 - 2017-10-23 19:37 - 000001101 _____ C:\Users\Guillaume\Desktop\HearthstoneTracker.lnk
2017-10-23 19:37 - 2017-10-23 19:37 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker
2017-10-23 19:37 - 2017-10-23 19:37 - 000000000 ____D C:\Program Files (x86)\HearthstoneTracker
2017-10-23 19:31 - 2017-10-23 19:37 - 010382707 _____ (HearthstoneTracker.com) C:\Users\Guillaume\Downloads\HearthstoneTracker-Setup.exe
2017-10-22 21:57 - 2017-10-22 21:57 - 001546409 _____ ( ) C:\Users\Guillaume\Downloads\Regarder Marseille OM - Paris PSG en streaming_3133187191.exe
2017-10-20 12:21 - 2017-10-20 12:21 - 003341296 _____ (Blizzard Entertainment) C:\Users\Guillaume\Downloads\Hearthstone-Setup (1).exe
2017-10-17 23:12 - 2017-10-17 23:12 - 003429681 _____ C:\Users\Guillaume\Downloads\Cours_Combustion_5A_2016-2017 (1).pdf
2017-10-16 20:02 - 2017-10-16 20:02 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-16 13:32 - 2017-10-16 21:15 - 000010613 _____ C:\Users\Guillaume\Documents\mpg.xlsx
2017-10-15 21:22 - 2017-10-15 21:23 - 000012800 ___SH C:\Users\Guillaume\Documents\Thumbs.db
2017-10-15 21:12 - 2017-10-15 21:21 - 007981818 _____ C:\Users\Guillaume\Documents\pecha.pptx
2017-10-10 20:25 - 2017-10-10 20:25 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 20:20 - 2017-09-14 21:30 - 007439704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-10 20:20 - 2017-09-14 21:30 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-10-10 20:20 - 2017-09-14 21:29 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-10 20:20 - 2017-09-14 03:18 - 001384216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-10 20:20 - 2017-09-14 03:14 - 001124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-10 20:20 - 2017-09-13 15:32 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-10 20:20 - 2017-09-13 15:31 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-10 20:20 - 2017-09-13 15:27 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2017-10-10 20:20 - 2017-09-09 20:53 - 022361864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-10 20:20 - 2017-09-09 19:55 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-10 20:20 - 2017-09-09 19:38 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-10 20:20 - 2017-09-09 18:10 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-10 20:20 - 2017-09-09 17:49 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-10 20:20 - 2017-09-09 17:47 - 014466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-10 20:20 - 2017-09-09 17:21 - 012879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-10 20:20 - 2017-09-09 15:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-10 20:20 - 2017-09-09 05:50 - 002013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-10 20:20 - 2017-09-09 05:50 - 001364552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-10-10 20:20 - 2017-09-08 20:21 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-10-10 20:20 - 2017-09-08 20:15 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-10 20:20 - 2017-09-08 19:39 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-10 20:20 - 2017-09-08 18:57 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-10-10 20:20 - 2017-09-07 23:33 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-10 20:20 - 2017-09-07 23:33 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-10 20:20 - 2017-09-07 23:32 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-10 20:20 - 2017-09-07 23:32 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-10-10 20:20 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-10-10 20:20 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-10-10 20:20 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-10-10 20:20 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-10 20:20 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-10 20:20 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-10 20:20 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-10-10 20:20 - 2017-09-07 22:31 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-10-10 20:20 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-10-10 20:20 - 2017-09-07 22:21 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-10-10 20:20 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-10-10 20:20 - 2017-09-07 22:11 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-10-10 20:20 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-10-10 20:20 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-10-10 20:20 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-10-10 20:20 - 2017-09-07 22:08 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-10 20:20 - 2017-09-07 21:54 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-10-10 20:20 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-10 20:20 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-10 20:20 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-10 20:20 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-10-10 20:20 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-10-10 20:20 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-10 20:20 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-10 20:20 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-10 20:20 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-10 20:20 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-10 20:20 - 2017-09-07 20:38 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-10 20:20 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-10 20:20 - 2017-09-07 20:33 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-10-10 20:20 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-10 20:20 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-10 20:20 - 2017-09-07 20:27 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-10 20:20 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-10 20:20 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-10-10 20:20 - 2017-09-07 20:24 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-10 20:20 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-10 20:20 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-10 20:20 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-10 20:20 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-10 20:20 - 2017-08-13 21:48 - 000202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-10 20:20 - 2017-08-13 19:52 - 000174944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-10 20:20 - 2017-08-13 19:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-10 20:20 - 2017-08-13 18:33 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-10 20:20 - 2017-08-11 04:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-10-10 20:20 - 2017-08-11 04:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-10-10 20:20 - 2017-08-11 04:20 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-10 20:20 - 2017-08-11 04:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-10 20:20 - 2017-08-11 03:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-10 20:20 - 2017-08-06 23:50 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-10-10 20:20 - 2017-08-06 23:20 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-10-10 20:20 - 2017-08-06 23:13 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-10-10 20:20 - 2017-08-06 09:08 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-10 20:20 - 2017-08-02 04:19 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-10-10 20:20 - 2017-08-01 10:25 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-08 15:23 - 2017-10-08 16:24 - 1046843224 _____ C:\Users\Guillaume\Downloads\Sword.Art.Online.Ordinal.Scale.2017.FANSUB.VOSTFR.720p.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-08 15:21 - 2017-10-08 16:36 - 1466050560 _____ C:\Users\Guillaume\Downloads\Baby.Driver.2017.VOSTFR.BRRip.XviD.AC3.ACOOL.Zone-Telechargement.Ws.avi
2017-10-08 15:20 - 2017-10-08 16:36 - 1466767360 _____ C:\Users\Guillaume\Downloads\Science.Fiction.Volume.One.The.Osiris.Child.2016.VOSTFR.BRRip.XviD.AC3.ACOOL.Zone-Telechargement.Ws.avi
2017-10-07 13:22 - 2017-10-07 13:22 - 000133810 _____ C:\Users\Guillaume\Downloads\Cover letter Guillaume THEBAULT.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000308595 _____ C:\Users\Guillaume\Downloads\Student_internship_application_Guillaume_THEBAULT (1).pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000304156 _____ C:\Users\Guillaume\Downloads\CV Guillaume THEBAULT.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000086162 _____ C:\Users\Guillaume\Downloads\Internship subject 2018.pdf
2017-10-07 13:21 - 2017-10-07 13:21 - 000005519 _____ C:\Users\Guillaume\Downloads\Student Certificate Enrolment.pdf
2017-10-07 13:15 - 2017-10-07 13:15 - 000086162 _____ C:\Users\Guillaume\Documents\Internship subject 2018.pdf
2017-10-07 13:13 - 2017-10-07 13:12 - 000005519 _____ C:\Users\Guillaume\Documents\Student Certificate Enrolment.pdf
2017-10-07 13:12 - 2017-10-07 13:12 - 000005519 _____ C:\Users\Guillaume\Downloads\Certificate of enrollement.pdf
2017-10-07 13:00 - 2017-10-07 13:00 - 000001757 _____ C:\Users\Guillaume\Downloads\Détails des Notes THEBAULT_GUILLAUME (3).pdf
2017-10-07 12:53 - 2017-10-07 12:53 - 000133810 _____ C:\Users\Guillaume\Documents\Cover letter Guillaume THEBAULT.pdf
2017-10-07 12:17 - 2017-10-07 12:17 - 000304156 _____ C:\Users\Guillaume\Downloads\Resume Guillaume THEBAULT (1).pdf
2017-10-07 12:08 - 2017-10-07 12:53 - 000308595 _____ C:\Users\Guillaume\Documents\Student_internship_application_Guillaume_THEBAULT.pdf
2017-10-07 12:03 - 2017-10-07 12:03 - 000308607 _____ C:\Users\Guillaume\Downloads\Student_internship_application_Guillaume_THEBAULT.pdf
2017-10-06 22:32 - 2017-10-06 22:32 - 000001766 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-10-06 22:32 - 2017-10-06 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-10-06 22:32 - 2017-10-06 22:32 - 000000000 ____D C:\Program Files\iPod
2017-10-06 22:31 - 2017-10-06 22:32 - 000000000 ____D C:\Program Files\iTunes
2017-10-06 22:29 - 2017-10-06 22:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-06 22:29 - 2017-10-06 22:29 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-06 22:17 - 2017-10-06 22:17 - 000000000 ____D C:\Users\Guillaume\Downloads\The Game of Thrones Symphony 2017
2017-10-06 22:08 - 2017-10-06 22:14 - 169510288 _____ C:\Users\Guillaume\Downloads\The Game of Thrones Symphony 2017.rar
2017-10-06 22:00 - 2017-10-06 22:00 - 000000000 ____D C:\Users\Guillaume\Downloads\HuGo-Tsr-2017-Tant-Quon-Est-La
2017-10-06 22:00 - 2017-10-06 22:00 - 000000000 ____D C:\Users\Guillaume\Downloads\Bigflo et Oli - La vraie vie 2017
2017-10-06 21:49 - 2017-10-06 21:53 - 063153220 _____ C:\Users\Guillaume\Downloads\HuGo-Tsr-2017-Tant-Quon-Est-La.rar
2017-10-06 21:48 - 2017-10-06 21:57 - 191580347 _____ C:\Users\Guillaume\Downloads\Bigflo et Oli - La vraie vie 2017.rar
2017-10-06 21:29 - 2017-10-06 22:18 - 1490506039 _____ C:\Users\Guillaume\Downloads\What.Happened.to.Monday.2017.VOSTFR.WEBRip.x264.AC3.ACOOL.Zone-Telechargement.Ws.mkv
2017-10-05 09:17 - 2017-10-05 09:19 - 118822535 _____ C:\Users\Guillaume\Downloads\047075012XSpacecraft (1).pdf
2017-10-03 22:15 - 2017-10-03 22:16 - 003429681 _____ C:\Users\Guillaume\Downloads\Cours_Combustion_5A_2016-2017.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-28 21:54 - 2017-05-19 23:45 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-28 21:50 - 2017-05-20 10:50 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2017-10-28 21:49 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 21:47 - 2017-09-01 11:05 - 000000000 ____D C:\AdwCleaner
2017-10-28 21:47 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-10-28 17:04 - 2017-05-16 00:12 - 000003968 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F1264CE7-1802-47AF-A001-F31F02B99416}
2017-10-28 15:45 - 2017-06-02 19:44 - 000000000 ____D C:\Program Files (x86)\Endless Space 2
2017-10-28 15:35 - 2017-05-19 23:59 - 000000000 ____D C:\Users\Guillaume
2017-10-28 15:22 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-10-28 15:19 - 2017-09-19 18:18 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-28 15:14 - 2017-09-09 00:30 - 000000000 ____D C:\Users\Guillaume\Documents\MAGIX_MusicEditor
2017-10-28 15:07 - 2017-09-23 18:44 - 000255154 _____ C:\Users\Guillaume\Documents\CV Guillaume THEBAULT.pdf
2017-10-28 15:07 - 2017-09-21 12:09 - 000714964 _____ C:\Users\Guillaume\Documents\CV Guillaume THEBAULT (1).pptx
2017-10-28 14:49 - 2017-05-16 00:10 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Packages
2017-10-28 14:19 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-28 14:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-27 20:50 - 2017-07-04 19:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-27 15:52 - 2017-06-14 21:58 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\vlc
2017-10-27 15:32 - 2014-11-21 00:46 - 002031240 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-27 15:32 - 2014-11-21 00:03 - 000888156 _____ C:\WINDOWS\system32\perfh00C.dat
2017-10-27 15:32 - 2014-11-21 00:03 - 000192784 _____ C:\WINDOWS\system32\perfc00C.dat
2017-10-27 11:45 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-26 20:03 - 2017-05-19 18:45 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-10-24 14:56 - 2017-05-16 00:19 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3063774557-1226788140-542953294-1002
2017-10-23 22:52 - 2017-05-24 18:13 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Battle.net
2017-10-23 19:45 - 2017-05-25 10:22 - 000002572 _____ C:\Users\Guillaume\Desktop\Hearthstone Deck Tracker.lnk
2017-10-23 19:45 - 2017-05-25 09:47 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-10-23 19:45 - 2017-05-25 09:46 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\HearthstoneDeckTracker
2017-10-23 19:45 - 2017-05-25 09:46 - 000000000 ____D C:\Users\Guillaume\AppData\Local\SquirrelTemp
2017-10-23 19:29 - 2017-05-24 18:12 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-10-23 14:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-20 13:32 - 2017-05-24 18:22 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-10-18 19:13 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-16 20:03 - 2017-05-19 18:45 - 000003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-16 20:02 - 2017-05-19 18:45 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-16 20:02 - 2017-05-19 18:45 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-16 20:02 - 2017-05-19 18:38 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-16 20:01 - 2017-05-19 18:45 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-16 20:01 - 2017-05-19 18:45 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-14 03:42 - 2017-05-21 21:21 - 000002161 _____ C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-10-13 00:25 - 2017-05-20 16:18 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 00:25 - 2017-05-20 16:18 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 17:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 13:15 - 2017-09-23 18:38 - 000133807 _____ C:\Users\Guillaume\Documents\Motivations Guillaume THEBAULT.pdf
2017-10-11 11:18 - 2013-08-22 16:44 - 000645992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-10 23:04 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2017-10-10 20:28 - 2017-05-16 22:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-10 20:25 - 2017-05-16 22:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-06 22:29 - 2017-05-21 13:39 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-06 22:01 - 2017-05-21 13:41 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Apple Computer
==================== Fichiers à la racine de certains dossiers =======
2017-10-23 19:38 - 2017-10-23 19:38 - 000000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Certains fichiers dans TEMP:
====================
2017-06-16 17:16 - 2013-06-04 10:30 - 000050432 ____R () C:\Users\Guillaume\AppData\Local\Temp\Extract.exe
2015-08-08 02:15 - 2015-08-08 02:15 - 015431568 _____ (Hewlett-Packard ) C:\Users\Guillaume\AppData\Local\Temp\SP63973.exe
2015-08-07 19:57 - 2015-08-07 19:57 - 154950360 _____ (Hewlett-Packard ) C:\Users\Guillaume\AppData\Local\Temp\SP63975.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-21 12:59
==================== Fin de FRST.txt ============================