Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01 Exécuté par bloup (administrateur) sur PM (11-07-2016 16:36:45) Exécuté depuis C:\Users\bloup\Downloads Profils chargés: bloup (Profils disponibles: bloup) Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe (Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe (Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\Win64ShellLink.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [818640 2016-05-16] (Glarysoft Ltd) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3969209626-152959329-2116453770-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-05-30] (Glarysoft Ltd) HKU\S-1-5-21-3969209626-152959329-2116453770-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3969209626-152959329-2116453770-1001\...\Policies\Explorer: [] HKU\S-1-5-21-3969209626-152959329-2116453770-1001\...\MountPoints2: {3cfc589a-f06e-11e5-825d-de64a854b046} - "F:\setup.exe" AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [387536 2013-08-10] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [326224 2013-08-10] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk [2016-07-04] ShortcutTarget: rvlkl.lnk -> C:\ProgramData\rvlkl\rvlkl.exe (Logixoft) BootExecute: autocheck autochk * ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2AB07BA9-7B91-43FD-8ADB-616EB03BAED2}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) FireFox: ======== FF ProfilePath: C:\Users\bloup\AppData\Roaming\Mozilla\Firefox\Profiles\88h18mfm.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-25] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-25] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.) FF Plugin HKU\S-1-5-21-3969209626-152959329-2116453770-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bloup\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS) FF user.js: detected! => C:\Users\bloup\AppData\Roaming\Mozilla\Firefox\Profiles\88h18mfm.default\user.js [2016-04-08] FF Extension: Adblock Plus - C:\Users\bloup\AppData\Roaming\Mozilla\Firefox\Profiles\88h18mfm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] Chrome: ======= CHR Profile: C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-29] CHR Extension: (Google Docs) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-30] CHR Extension: (Google Drive) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-29] CHR Extension: (YouTube) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-29] CHR Extension: (Google Sheets) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-29] CHR Extension: (Google Docs hors connexion) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Gmail) - C:\Users\bloup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-29] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.) S3 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd) S2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-17] (Dassault Systèmes) [Fichier non signé] S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2014-12-31] (Intel Corporation) S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-25] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-25] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4297216 2016-04-17] (Qualcomm Atheros Communications, Inc.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-12] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-12] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [23368 2013-08-07] (ELAN Microelectronic Corp.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-12] (REALiX(tm)) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2016-03-16] (Intel Corporation) S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-16] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [36712 2016-03-16] (Toshiba Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-08-25] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-08-25] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-08-25] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-07-11 16:36 - 2016-07-11 16:37 - 00009863 _____ C:\Users\bloup\Downloads\FRST.txt 2016-07-11 16:36 - 2016-07-11 16:36 - 00000000 ____D C:\FRST 2016-07-11 16:35 - 2016-07-11 16:36 - 02390528 _____ (Farbar) C:\Users\bloup\Downloads\FRST64.exe 2016-07-11 16:33 - 2016-07-11 16:34 - 01741312 _____ (Farbar) C:\Users\bloup\Downloads\FRST.exe 2016-07-10 14:44 - 2016-07-10 14:44 - 00001249 _____ C:\Users\Public\Desktop\Malware Hunter.lnk 2016-07-10 14:43 - 2016-07-10 14:44 - 00001261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk 2016-07-10 14:43 - 2016-07-10 14:43 - 00002980 _____ C:\WINDOWS\System32\Tasks\GMHSkipUAC 2016-07-10 14:43 - 2016-07-10 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft 2016-07-10 14:43 - 2016-07-10 14:43 - 00000000 ____D C:\Program Files (x86)\Glarysoft 2016-07-10 00:05 - 2016-07-10 00:05 - 00000000 ____D C:\Users\bloup\AppData\Local\CDWLauncher 2016-07-09 23:43 - 2016-07-09 23:43 - 00000017 _____ C:\Users\bloup\Desktop\Nouveau document texte.txt 2016-07-09 14:04 - 2016-07-09 14:04 - 00000000 ____D C:\Users\bloup\Documents\NBGI 2016-07-09 00:11 - 2016-07-09 00:11 - 00000000 ____D C:\Users\bloup\Downloads\The.Witcher.3.Wild.Hunt.v1.22.incl.18DLC.FRENCH-Mephisto 2016-07-07 17:23 - 2016-07-07 17:23 - 00024939 _____ C:\Users\bloup\Desktop\comp.gpx 2016-07-07 17:04 - 2016-07-07 17:04 - 00000000 ____D C:\Users\bloup\Downloads\Dessin technique - Lecture de plan 2016-07-07 11:47 - 2016-07-07 11:47 - 00023064 _____ C:\Users\bloup\Desktop\sup am.gpx 2016-07-05 15:13 - 2016-07-05 15:36 - 86223264 _____ (Trimble Solutions Corporation) C:\Users\bloup\Downloads\Tekla_BIMsight_1.9.7_x64.exe 2016-07-05 15:11 - 2016-07-05 15:12 - 00524996 _____ C:\Users\bloup\Downloads\15 18 - CBI ORLY 16-04-15.tbp 2016-07-05 15:11 - 2016-07-05 15:12 - 00070808 _____ C:\Users\bloup\Downloads\TR__PLAN_CHARPENTE_COUVERTURE_BARDAGE_.zip 2016-07-05 15:08 - 2016-07-05 15:08 - 00025624 _____ C:\Users\bloup\Desktop\booty swing.gpx 2016-07-05 13:00 - 2016-07-05 13:00 - 00022546 _____ C:\Users\bloup\Desktop\sup.gpx 2016-07-04 20:47 - 2016-07-04 20:50 - 00000000 ____D C:\ProgramData\rvlkl 2016-07-04 20:47 - 2016-07-04 20:47 - 01411136 _____ (Logixoft) C:\Users\bloup\Downloads\revealer-keylogger-free-edition_2-09_fr_183740.exe 2016-07-04 19:43 - 2016-07-10 14:48 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-07-04 19:39 - 2016-07-04 19:40 - 00532911 _____ (jenny@vnz.com) C:\Users\bloup\Downloads\Active Malware Lifetime.exe 2016-07-04 19:33 - 2016-07-04 19:33 - 00001141 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-07-04 19:33 - 2016-07-04 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-04 19:32 - 2016-07-04 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-04 19:32 - 2016-07-04 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-04 19:32 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-07-04 19:32 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-07-04 19:32 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-07-02 18:40 - 2016-07-10 14:48 - 00000000 ____D C:\Users\bloup\Downloads\Glarysoft.Malware.Hunter.PRO.v1.10.0.21.Multilanguage-LAXiTY 2016-07-02 18:37 - 2016-07-04 19:14 - 00000000 ____D C:\Users\bloup\Downloads\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final 2016-07-02 10:43 - 2016-07-02 16:50 - 00000000 ____D C:\Users\bloup\Desktop\253190 2016-07-02 10:21 - 2016-07-02 10:21 - 00125109 _____ C:\Users\bloup\Desktop\Slash - Shadow Life (Pro).gpx 2016-07-01 20:06 - 2016-07-02 08:59 - 00000000 ____D C:\WINDOWS\Minidump 2016-07-01 11:32 - 2016-07-01 11:32 - 00072034 _____ C:\Users\bloup\Downloads\RELEVES_M. HUGO FERRON_20160115.pdf 2016-07-01 11:32 - 2016-07-01 11:32 - 00066072 _____ C:\Users\bloup\Downloads\RELEVES_M. HUGO FERRON_20160216.pdf 2016-07-01 07:52 - 2016-07-01 07:59 - 00000000 ____D C:\Program Files\Kingdom Wars 2 Battles 2016-06-30 22:10 - 2016-06-30 22:10 - 00001389 _____ C:\Users\bloup\Desktop\Steam.lnk 2016-06-30 21:28 - 2016-06-30 21:28 - 00018591 _____ C:\Users\bloup\Desktop\back to black piano.gpx 2016-06-30 12:12 - 2016-07-02 17:17 - 00000000 ____D C:\Users\bloup\Downloads\Plague Inc Evolved-PLAZA 2016-06-29 16:22 - 2016-06-29 16:22 - 00016022 _____ C:\Users\bloup\Desktop\blues.gpx 2016-06-29 16:21 - 2016-06-29 14:15 - 11814039 ____N C:\Users\bloup\Downloads\C1 Rev H - C2 Rev F - Servon - Couverture & Détails.dwg 2016-06-29 16:21 - 2016-06-29 14:15 - 02727866 ____N C:\Users\bloup\Downloads\B1 - Servon - Bardage & Détails - Rev C.dwg 2016-06-29 16:21 - 2016-06-29 14:15 - 00745088 ____N C:\Users\bloup\Downloads\C3 - Servon - Couverture Parking & Détails - Rev C.dwg 2016-06-29 16:15 - 2016-06-29 16:20 - 12227102 _____ C:\Users\bloup\Downloads\TR__2161_SERVON_-_Plans_suite_réunion_21_06_2012.zip 2016-06-28 20:28 - 2016-06-28 20:28 - 00000000 ____D C:\Users\bloup\AppData\LocalLow\SKS 2016-06-28 19:30 - 2016-07-10 17:47 - 00000000 ____D C:\Program Files (x86)\Steam 2016-06-28 14:45 - 2016-06-28 14:45 - 00028241 _____ C:\Users\bloup\Desktop\[Free-scores.com]_ruzek-michal-bachelor-blues-11493.pdf 2016-06-28 14:31 - 2016-06-28 14:31 - 00118874 _____ C:\Users\bloup\Desktop\piano.rns 2016-06-28 14:29 - 2016-06-28 14:29 - 00001569 _____ C:\Users\bloup\Desktop\Reason.lnk 2016-06-28 13:50 - 2016-06-28 13:50 - 00406528 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll 2016-06-28 13:50 - 2016-06-28 13:50 - 00338432 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll 2016-06-28 13:39 - 2016-06-28 13:51 - 00000000 ____D C:\Users\bloup\AppData\Roaming\Propellerhead Software 2016-06-28 13:39 - 2016-06-28 13:50 - 00000000 ____D C:\ProgramData\Propellerhead Software 2016-06-27 23:00 - 2016-06-27 23:00 - 00000000 ____D C:\Users\bloup\Documents\Autodesk Application Manager 2016-06-27 22:53 - 2016-06-27 22:53 - 00002034 _____ C:\Users\Public\Desktop\A360 Desktop.lnk 2016-06-27 22:52 - 2016-06-27 22:52 - 00002121 _____ C:\Users\Public\Desktop\Autodesk ReCap 2016.lnk 2016-06-27 22:52 - 2016-06-27 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016 2016-06-27 22:52 - 2016-06-27 22:52 - 00000000 ____D C:\ProgramData\FARO 2016-06-27 22:50 - 2016-06-27 22:53 - 00000000 ____D C:\Program Files (x86)\Autodesk 2016-06-27 22:49 - 2016-06-27 22:49 - 00002133 _____ C:\Users\Public\Desktop\AutoCAD 2016 - Français (French).lnk 2016-06-27 22:49 - 2016-06-27 22:49 - 00000000 ____D C:\Users\Public\Documents\Autodesk 2016-06-27 22:48 - 2016-06-27 22:48 - 00000000 ____D C:\Users\bloup\Documents\Inventor Server SDK ACAD 2016 2016-06-27 22:44 - 2016-06-27 22:44 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2016-06-27 22:34 - 2016-06-27 22:53 - 00000000 ____D C:\Program Files\Autodesk 2016-06-27 21:21 - 2016-06-27 21:21 - 00000000 ____D C:\Users\bloup\Documents\My Drawings 2016-06-27 21:21 - 2016-06-27 21:21 - 00000000 ____D C:\Users\bloup\AppData\Local\Dassault Systemes 2016-06-27 21:21 - 2016-06-27 21:21 - 00000000 ____D C:\Users\bloup\AppData\Local\CrashRpt 2016-06-27 21:20 - 2016-06-27 21:20 - 00002845 _____ C:\Users\Public\Desktop\DraftSight 2016 x64.lnk 2016-06-27 21:20 - 2016-06-27 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dassault Systèmes 2016-06-27 21:20 - 2016-06-27 21:20 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared 2016-06-27 21:19 - 2016-06-27 21:21 - 00000000 ____D C:\Users\bloup\AppData\Roaming\DraftSight 2016-06-27 21:19 - 2016-06-27 21:19 - 00000000 ____D C:\ProgramData\Dassault Systemes 2016-06-27 21:19 - 2016-06-27 21:19 - 00000000 ____D C:\Program Files\Dassault Systemes 2016-06-27 01:01 - 2016-07-07 02:39 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-06-27 00:12 - 2016-06-27 01:33 - 192563560 _____ (Microsoft Corporation) C:\Users\bloup\Downloads\DraftSight64.exe 2016-06-26 14:43 - 2016-06-26 14:43 - 00000000 ____D C:\Users\bloup\Desktop\slash 2016-06-25 19:18 - 2016-06-25 19:18 - 00089938 _____ C:\Users\bloup\Desktop\beethoven-ludwig-van-fur-elise-4100.pdf 2016-06-25 10:55 - 2016-06-25 10:56 - 00000000 ____D C:\Users\bloup\AppData\Local\Adobe 2016-06-24 16:04 - 2016-06-24 16:05 - 00000000 ____D C:\Autodesk 2016-06-24 16:04 - 2016-06-24 16:04 - 00067593 _____ C:\Users\bloup\Downloads\Servon - Détail Bardage Cintré KIOSQUE.dwg 2016-06-21 09:20 - 2016-07-03 20:27 - 00000000 ____D C:\Users\bloup\AppData\Local\kt 2016-06-21 09:18 - 2016-06-21 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Wars 2 Battles 2016-06-21 09:12 - 2016-07-02 13:12 - 00000000 ____D C:\Program Files (x86)\Kingdom Wars 2 Battles 2016-06-19 09:33 - 2016-07-05 19:51 - 00000000 ____D C:\Users\bloup\Desktop\jeux 2016-06-19 09:32 - 2016-06-19 09:43 - 00000000 ____D C:\Users\bloup\Desktop\tab 19062016 2016-06-18 16:19 - 2016-07-09 09:46 - 00000000 ____D C:\Users\bloup\Downloads\Adam Rafferty - Stevie Wonder Vol1 2016-06-18 16:18 - 2016-06-18 16:23 - 00000000 ____D C:\Users\bloup\Downloads\Kingdom.Wars.2.Undead.Rising-CODEX 2016-06-18 01:13 - 2016-06-14 19:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-18 01:13 - 2016-06-14 19:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-17 21:58 - 2016-06-17 21:59 - 00000034 _____ C:\WINDOWS\AvastEmUpdate.ini 2016-06-17 21:46 - 2016-06-17 21:47 - 00000000 ____D C:\Users\bloup\Downloads\Adam Rafferty - Stevie Wonder Vol2 2016-06-17 10:24 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-17 10:24 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-17 10:24 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-17 10:24 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-17 10:24 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-17 10:24 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-17 10:24 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-06-17 10:24 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-06-17 10:24 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-17 10:24 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-06-17 10:24 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-17 10:24 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-06-17 10:24 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-06-17 10:24 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-06-17 10:24 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-06-17 10:24 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-06-17 10:24 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-06-17 10:24 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-06-17 10:24 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-17 10:24 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-06-17 10:24 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-17 10:24 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-06-17 10:24 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-17 10:24 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-06-17 10:24 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-06-17 10:24 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-17 10:24 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-06-17 10:24 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-17 10:24 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-17 10:24 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-17 10:24 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-06-17 10:24 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-17 10:24 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-06-17 10:12 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-06-17 10:12 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-17 10:12 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-17 10:12 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-17 10:12 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-06-17 10:12 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-17 10:12 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-17 10:12 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2016-06-17 10:12 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-17 10:02 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2016-06-17 10:02 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-06-17 09:55 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-17 09:55 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-17 09:49 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-17 09:49 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2016-06-17 09:49 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-17 09:49 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-17 09:49 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-17 09:49 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-17 09:49 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-17 09:49 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-17 09:48 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-17 09:48 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-17 09:45 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-17 09:45 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-17 09:36 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-06-17 09:36 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-06-17 09:36 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-06-17 09:36 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-17 09:36 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-17 09:35 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-17 09:35 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-17 09:35 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-17 09:35 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-17 09:35 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-17 09:35 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-17 09:35 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-17 09:35 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-06-17 09:35 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-06-17 09:34 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-17 09:34 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-17 09:34 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-17 09:34 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-17 09:31 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-17 09:31 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-17 09:31 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-17 09:31 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-17 09:31 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-17 09:31 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-17 09:31 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-13 18:23 - 2016-06-19 09:34 - 00000000 ____D C:\Users\bloup\Downloads\Masters of the Telecaster with Arlen Roth 2016-06-13 16:48 - 2016-06-21 04:14 - 00000000 ____D C:\Users\bloup\Downloads\Game.of.Thrones.EXTRAS.Saison.4 2016-06-13 15:47 - 2016-06-13 16:11 - 00000000 ____D C:\FFOutput 2016-06-13 15:47 - 2016-06-13 15:47 - 00000000 ____D C:\Users\bloup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2016-06-13 15:47 - 2016-06-13 15:47 - 00000000 ____D C:\Program Files (x86)\FormatFactory 2016-06-13 14:34 - 2016-06-13 15:09 - 45376272 _____ (Free Time Co., Ltd) C:\Users\bloup\Downloads\FFSetup3.9.0.1.exe 2016-06-13 12:59 - 2016-06-25 11:01 - 00000000 ____D C:\Users\bloup\Downloads\Nina Simone - Les 50 plus belles chansons (2015)-MP3 2016-06-13 12:56 - 2016-06-20 04:22 - 00000000 ____D C:\Users\bloup\Downloads\Caravan Palace - Panic (2012) 2016-06-06 13:51 - 2016-06-06 13:51 - 00000000 ____D C:\ProgramData\Guitar Pro 6 2016-06-06 00:46 - 2016-06-06 00:46 - 00000000 ____D C:\Users\bloup\AppData\Local\Macromedia 2016-06-03 23:17 - 2016-06-03 23:17 - 00003734 _____ C:\WINDOWS\System32\Tasks\GlaryOneClickOptimizer 5 2016-06-03 23:17 - 2016-06-03 23:17 - 00003296 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5 2016-06-03 20:26 - 2016-06-03 21:12 - 124391752 _____ C:\Users\bloup\Downloads\Atlas de la France toxique 2016 (pdf).pdf 2016-06-03 18:07 - 2016-06-03 23:07 - 00002962 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC 2016-06-03 18:07 - 2016-06-03 18:07 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys 2016-06-03 18:07 - 2016-06-03 18:07 - 00001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2016-06-03 18:07 - 2016-06-03 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2016-06-03 17:28 - 2016-06-08 21:21 - 00000284 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_bloup.job 2016-06-03 17:28 - 2016-06-03 23:08 - 00002386 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_bloup 2016-06-03 17:05 - 2016-06-03 17:15 - 00000000 ____D C:\Users\bloup\Downloads\Glary.Utilities.PRO.v5.52.0.73+V Portable.Multilang.Incl-Keygen--- 2016-06-03 13:11 - 2016-07-02 16:54 - 00000000 ____D C:\Users\bloup\Downloads\AutoCad 2016 Fr 64 bits_delta 2016-06-03 12:11 - 2016-06-25 10:57 - 00000000 ____D C:\Users\bloup\Downloads\Learning Autodesk AutoCAD 2016 2016-06-02 15:28 - 2016-06-02 15:28 - 00734712 _____ C:\Users\bloup\Downloads\freecorder6-setup-6.0.exe 2016-06-02 10:29 - 2016-06-03 21:18 - 520415561 _____ C:\Users\bloup\Downloads\first contact.mp4 2016-06-01 23:39 - 2016-06-02 04:42 - 875145681 _____ C:\Users\bloup\Downloads\Organisez-vous - Community organizing - Le pouvoir du collectif.mp4 2016-06-01 23:32 - 2016-07-10 14:43 - 00000000 ____D C:\ProgramData\GlarySoft 2016-06-01 21:42 - 2016-06-02 02:12 - 860085619 _____ C:\Users\bloup\Downloads\Bac ou crève - Génération quoi - Infrarouge - .mp4 2016-06-01 10:37 - 2016-06-01 10:47 - 00000000 ____D C:\Users\bloup\Downloads\[1001 albums n°990] - Amy Winehouse - Back To Black (Deluxe Edition)[2006][320kbps] 2016-06-01 10:30 - 2016-06-01 13:27 - 00000000 ____D C:\Users\bloup\Downloads\Amy_Winehouse-Lioness_Hidden_Treasures-2011-pLAN9 2016-06-01 10:27 - 2016-06-19 09:32 - 00000000 ____D C:\Users\bloup\Desktop\compil voiture 2016-06-01 00:14 - 2016-06-01 05:18 - 1223523990 _____ C:\Users\bloup\Downloads\de_la_drogue_dans_nos_assiettes.mkv 2016-05-31 13:27 - 2016-05-31 13:27 - 00000000 ____D C:\Users\bloup\Downloads\Le monde selon Monsanto - Arte [DVDRip - FR - XviD] 2016-05-30 22:25 - 2016-05-31 01:17 - 579602183 _____ C:\Users\bloup\Downloads\Hold up sur la banane.mp4 2016-05-30 10:23 - 2016-05-30 10:24 - 00000000 ____D C:\Users\bloup\Downloads\Game.of.Thrones.S06E06.VOSTFR.HDTV.x264-Visual 2016-05-29 21:33 - 2016-05-29 22:01 - 00000000 ____D C:\Users\bloup\Downloads\Encore.Heureux.2015.FRENCH.WEBRip.x264-SVR 2016-05-29 07:48 - 2016-05-29 22:08 - 333002179 _____ C:\Users\bloup\Downloads\Person.of.Interest.S05E08.VOSTFR.HDTV.x264-ARK01.mp4 2016-05-28 18:15 - 2016-05-28 22:27 - 00000000 ____D C:\Users\bloup\Downloads\Vol.au.dessus.d.un.nid.de.coucou.1975-[M.Forman]-x264-vostfr-J.Nicholson_pik 2016-05-28 10:56 - 2016-05-28 13:45 - 152524035 _____ C:\Users\bloup\Downloads\acoustic guitare. tablatures &partitions PDF+play back MP3 .by odul.rar 2016-05-28 10:55 - 2016-05-30 04:35 - 00000000 ____D C:\Users\bloup\Downloads\Patrick Rondat - Virtuosité et vélocité à la guitare 2016-05-28 10:55 - 2016-05-30 01:29 - 112789560 _____ C:\Users\bloup\Downloads\noir desir.tablatures&partitions PDF+play back MP3-par odul.rar 2016-05-28 10:10 - 2006-06-28 01:42 - 00006583 _____ C:\Users\bloup\Downloads\Montand, Yves - Les Feuilles Mortes.gp4 2016-05-28 10:09 - 2016-05-28 10:09 - 00001957 _____ C:\Users\bloup\Downloads\Montand, Yves - Les Feuilles Mortes.zip 2016-05-27 15:24 - 2016-05-27 15:27 - 06042904 _____ (AVAST Software) C:\Users\bloup\Downloads\avastclear.exe 2016-05-25 23:34 - 2016-05-26 01:12 - 37438600 _____ C:\Users\bloup\Downloads\La logique en images - EDP Sciences.pdf 2016-05-25 22:41 - 2016-05-29 03:35 - 849510544 _____ C:\Users\bloup\Downloads\Afrique, les arbres de la vie - L'hippopotame et l'arbre à saucisses.mp4 2016-05-25 09:59 - 2016-05-25 14:34 - 317692891 _____ C:\Users\bloup\Downloads\Person.of.Interest.S05E06.VOSTFR.HDTV.x264-ARK01.mp4 2016-05-22 10:54 - 2016-05-23 23:47 - 00000000 ____D C:\Users\bloup\Downloads\Hero Corp_Saison 2 2016-05-22 10:28 - 2016-06-03 09:17 - 00000000 __SHD C:\Users\bloup\IntelGraphicsProfiles 2016-05-18 13:48 - 2016-05-20 01:14 - 00000000 ____D C:\Users\bloup\Downloads\Hero corp 2016-05-17 18:00 - 2016-05-17 22:13 - 734074880 _____ C:\Users\bloup\Downloads\Comment réussir quand on est con et pleurnichard.avi 2016-05-17 13:00 - 2016-05-17 13:32 - 00000000 ____D C:\Users\bloup\Downloads\Person.of.Interest.S05E04.FASTSUB.VOSTFR.HDTV.x264-Visual 2016-05-15 19:51 - 2016-05-17 16:37 - 00000000 ____D C:\Users\bloup\Downloads\Hero Corp saison 3 Fr 2016-05-15 18:24 - 2016-05-15 19:05 - 132983808 _____ C:\Users\bloup\Downloads\hero corp -la voie de klaus 05.mp4 2016-05-15 13:29 - 2016-05-15 23:55 - 360787915 _____ C:\Users\bloup\Downloads\ARTE.Reportage.Jordanie.le.rire.de.Daech.Centrafrique.une.radio.au.coeur.du.chaos.Arte.TvRip.Avc.AAC.mp4 2016-05-15 11:03 - 2016-05-15 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Monde diplomatique 2016-05-14 15:15 - 2016-05-14 22:32 - 00000000 ____D C:\Users\bloup\Downloads\Gaz de schiste, les lobbies contre-attaquent PDTV Mkv x264 aac Re.se12 2016-05-14 14:36 - 2016-05-14 21:47 - 546430576 _____ C:\Users\bloup\Downloads\The.Trust.2016.FRENCH.BDRip.x264.AAC-SharerHD.mp4 2016-05-13 19:34 - 2016-05-13 22:20 - 607001722 _____ C:\Users\bloup\Downloads\Schneider vs Bax - Alex van Warmerdam 2015 - VOSTFR DVDRip.x264.Toutatix.mkv 2016-05-11 19:23 - 2016-05-15 08:00 - 00000000 ____D C:\Users\bloup\Downloads\Le Monde Diplomatique Archives 1954-2012-ISO(Pc,MAC,LINUX)Repost 2016-05-11 11:01 - 2016-05-11 11:01 - 00000000 ____D C:\Users\bloup\AppData\Roaming\diplo 2016-05-11 11:01 - 2016-05-11 11:01 - 00000000 ____D C:\Users\bloup\AppData\Local\diplo 2016-05-11 10:51 - 2016-05-11 10:56 - 00000000 ____D C:\Users\bloup\Downloads\Comment.C.Est.Loin.2015.FRENCH.DVDRip.x264-UTT 2016-05-10 23:27 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-05-10 23:27 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-05-10 23:27 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-05-10 23:11 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2016-05-10 23:11 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-05-03 21:39 - 2016-05-03 21:40 - 00000000 ____D C:\Users\bloup\Downloads\Dark.Souls.III.Update.v1.04-CODEX 2016-05-03 13:15 - 2016-05-03 16:34 - 00000000 ____D C:\Users\bloup\Downloads\Slash - World On Fire (2014) [FLAC] 2016-05-03 12:58 - 2016-05-03 16:59 - 00000000 ____D C:\Users\bloup\Downloads\[FLAC] Santana Ultimate 2016-05-03 12:09 - 2016-05-03 12:13 - 00000000 ____D C:\Users\bloup\Downloads\VA - Linval Presents Space Invaders (2016) 2016-04-29 18:57 - 2016-04-29 22:37 - 727359588 _____ C:\Users\bloup\Downloads\Le.Grand.Partage.2015.FRENCH.WEBRip.XVID-EVE.avi 2016-04-29 18:56 - 2016-05-01 21:22 - 00000000 ____D C:\Users\bloup\Downloads\Cerveau sexe et quelques préjugés 2016-04-27 22:44 - 2016-04-27 22:45 - 00000000 ____D C:\Users\bloup\Downloads\La.Vie.Tres.Privee.De.Monsieur.Sim.2015.FRENCH.WEBRip.XviD-ViVi 2016-04-26 23:39 - 2016-04-29 00:04 - 1662421691 _____ C:\Users\bloup\Downloads\Joe Satriani - Front And Center 2014.720p HDTV.mkv 2016-04-26 23:39 - 2016-04-26 23:39 - 00000000 ____D C:\Users\bloup\Downloads\Le Monde Diplomatique Archives 1954-2012-ISO(Pc,MAC,LINUX) 2016-04-24 19:13 - 2016-04-25 03:39 - 00000000 ____D C:\Users\bloup\Downloads\Dark.Souls.III.Update.v1.03.1-CODEX 2016-04-24 10:09 - 2016-06-03 18:07 - 00000000 ____D C:\Users\bloup\AppData\Roaming\GlarySoft 2016-04-24 10:09 - 2016-06-03 01:26 - 00000000 ____D C:\Users\bloup\AppData\Roaming\DiskDefrag 2016-04-24 09:47 - 2016-04-24 10:11 - 00002864 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (bloup) 2016-04-24 01:10 - 2016-04-24 10:07 - 00000000 ____D C:\Users\bloup\Downloads\Glary.Utilities.PRO.v5.49.0.69+V Portable.Multilang.Incl-Keygen--- 2016-04-23 18:42 - 2016-04-23 18:42 - 00000000 ____D C:\Users\bloup\Downloads\Dark Souls 3 2016-04-23 17:32 - 2016-04-23 19:53 - 350287174 _____ C:\Users\bloup\Downloads\Comment je suis devenue invisible (Fr.2015)_Fr4.2016-03-28_clo2.mp4 2016-04-23 17:13 - 2016-06-19 09:40 - 00000000 ____D C:\Users\bloup\AppData\Roaming\SmartSteamEmu 2016-04-21 23:49 - 2016-04-21 23:49 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-04-21 23:49 - 2016-04-21 23:49 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-21 23:49 - 2016-04-21 23:49 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-04-21 08:56 - 2016-04-21 09:03 - 00000000 ____D C:\Users\bloup\Downloads\Overture v3.0.1-FRUITED 2016-04-20 19:38 - 2016-04-20 21:13 - 00000000 ____D C:\Users\bloup\Downloads\Better.Call.Saul.S02E10.FiNAL.VOSTFR.HDTV.x264-Visual 2016-04-20 19:38 - 2016-04-20 19:51 - 32832428 _____ C:\Users\bloup\Downloads\Science & Vie N°1184 - Mai 2016.pdf 2016-04-20 19:22 - 2016-04-20 22:48 - 00000000 ____D C:\Users\bloup\Downloads\The very best of hard rock ballads 2016-04-17 14:39 - 2016-04-17 14:39 - 04297216 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys 2016-04-17 14:37 - 2016-04-24 10:11 - 00003232 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2016-04-16 23:59 - 2016-04-17 00:06 - 1575793667 _____ C:\Users\bloup\Downloads\ARTE Documentaire Broken Land TVripHD.mp4 2016-04-15 21:41 - 2016-04-15 21:41 - 00000000 ____D C:\Users\bloup\AppData\Roaming\The Creative Assembly 2016-04-15 19:11 - 2016-04-15 19:28 - 00000000 ____D C:\Users\bloup\Downloads\Les.nouveaux.chiens.de.garde 2016-04-14 23:02 - 2016-04-14 23:02 - 00000000 ____D C:\Users\bloup\Downloads\Mais.qui.a.re-tue.Pamela.Rose.2012.FRENCH.BDRip.XviD-AYMO 2016-04-13 10:21 - 2016-04-13 10:24 - 00000000 ____D C:\Users\bloup\AppData\Roaming\DarkSoulsIII 2016-04-13 10:21 - 2016-04-13 10:21 - 00000000 ____D C:\Users\bloup\AppData\Roaming\Steam 2016-04-13 08:58 - 2016-05-03 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls III 2016-04-12 22:47 - 2016-06-03 23:10 - 00000000 ____D C:\Users\bloup\Documents\maya 2016-04-12 22:47 - 2016-04-12 22:47 - 00000000 ____D C:\ProgramData\FLEXnet 2016-04-12 22:39 - 2016-06-29 16:22 - 00000000 ____D C:\Users\bloup\AppData\Local\Autodesk 2016-04-12 22:35 - 2016-06-27 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-04-12 22:22 - 2016-06-27 23:00 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2016-04-12 22:16 - 2016-06-29 16:29 - 00000000 ____D C:\Users\bloup\AppData\Roaming\Autodesk 2016-04-12 22:16 - 2016-06-29 16:29 - 00000000 ____D C:\ProgramData\Autodesk 2016-04-12 00:55 - 2016-04-12 20:19 - 00000000 ____D C:\Users\bloup\Downloads\Dark Souls III-CODEX ==================== Trois mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-07-11 13:26 - 2016-03-22 03:03 - 00000000 ____D C:\Users\bloup\AppData\Roaming\vlc 2016-07-10 18:22 - 2016-03-12 14:39 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3969209626-152959329-2116453770-1001 2016-07-10 15:03 - 2013-12-27 20:21 - 00000000 ____D C:\Intel 2016-07-10 13:12 - 2016-06-03 18:07 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2016-07-10 13:11 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-10 00:04 - 2016-03-15 23:41 - 00000000 ____D C:\Users\bloup\Documents\My Games 2016-07-09 15:17 - 2014-11-21 00:46 - 01932084 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-09 15:17 - 2014-11-21 00:03 - 00852096 _____ C:\WINDOWS\system32\perfh00C.dat 2016-07-09 15:17 - 2014-11-21 00:03 - 00176758 _____ C:\WINDOWS\system32\perfc00C.dat 2016-07-09 15:17 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-07-09 10:48 - 2016-03-12 14:58 - 00000000 ____D C:\Users\bloup\AppData\Roaming\qBittorrent 2016-07-08 22:24 - 2016-03-13 15:06 - 00000000 ____D C:\Users\bloup\Desktop\sauvegarde 2016-07-07 18:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-07-01 20:51 - 2013-08-22 16:44 - 00415264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-27 22:47 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-06-27 03:47 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-06-21 09:11 - 2016-03-22 23:48 - 00000000 ____D C:\Users\bloup\AppData\Roaming\DAEMON Tools Lite 2016-06-18 01:12 - 2016-06-10 09:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-18 01:12 - 2016-03-16 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-18 01:12 - 2016-03-12 23:20 - 00000000 ____D C:\Program Files\AVAST Software 2016-06-18 01:08 - 2015-08-25 01:28 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-06-18 01:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-06-17 12:21 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-17 12:16 - 2016-03-14 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-17 12:12 - 2016-03-14 00:43 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======= 2016-06-27 22:44 - 2016-06-27 22:44 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {4d22a2ab-6f22-11e3-8252-806e6f6e6963} {4d22a2ac-6f22-11e3-8252-806e6f6e6963} {4d22a2ad-6f22-11e3-8252-806e6f6e6963} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} integrityservices Enable default {current} resumeobject {920f6688-e672-11e5-b919-8c3e027df32f} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {4d22a2ab-6f22-11e3-8252-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {4d22a2ac-6f22-11e3-8252-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {4d22a2ad-6f22-11e3-8252-806e6f6e6963} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {97ec0e48-cf40-11e3-825c-806e6f6e6963} path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 8.1 locale fr-FR inherit {bootloadersettings} recoverysequence {920f668a-e672-11e5-b919-8c3e027df32f} integrityservices Enable recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {920f6688-e672-11e5-b919-8c3e027df32f} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {920f668a-e672-11e5-b919-8c3e027df32f} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{920f668b-e672-11e5-b919-8c3e027df32f} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{920f668b-e672-11e5-b919-8c3e027df32f} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {97fe461d-6f22-11e3-8252-c45444056810} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{97fe461e-6f22-11e3-8252-c45444056810} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{97fe461e-6f22-11e3-8252-c45444056810} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {920f6685-e672-11e5-b919-8c3e027df32f} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {97fe461d-6f22-11e3-8252-c45444056810} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {920f6688-e672-11e5-b919-8c3e027df32f} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {920f668a-e672-11e5-b919-8c3e027df32f} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {920f6687-e672-11e5-b919-8c3e027df32f} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {920f668b-e672-11e5-b919-8c3e027df32f} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {97fe461e-6f22-11e3-8252-c45444056810} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2016-07-11 03:05 ==================== Fin de FRST.txt ============================