Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01 Exécuté par Christian (administrateur) sur BOULANGER10 (28-01-2017 10:16:35) Exécuté depuis C:\Users\Christian\Documents\1DONNÉES\LOGICIELS\3 UTILITAIRES\Farbar Recovery Scan Tool Download Profils chargés: Christian (Profils disponibles: Christian) Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Opera) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Ulrich Krebs) C:\Program Files (x86)\Kalender\Kalender.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16122.10271.0_x64__8wekyb3d8bbwe\Music.UI.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser_crashreporter.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe () C:\Program Files\AVAST Software\Avast\AvastNM.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser.exe (The OpenVPN Project) C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe (The OpenVPN Project) C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor) HKLM-x32\...\Run: [ACPW05FR] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe [822384 2011-11-17] (ACD Systems) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-05] (AVAST Software) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Run: [Kalender] => C:\Program Files (x86)\Kalender\Kalender.exe [991232 2015-11-01] (Ulrich Krebs) HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Run: [Ub4TrayApp] => C:\Program Files (x86)\Astase\UltraBackup\4.0\bin\ubtray.exe [1392128 2007-02-18] (Astase) HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPME.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPME.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\RunOnce: [Uninstall C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-882138500-2661160341-1300980738-1002\...\Policies\Explorer: [NoInternetOpenWith] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-05] (AVAST Software) Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk [2016-12-02] ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL) BootExecute: autocheck autochk /r \??\G:autocheck autochk * ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{3d02e009-96d7-4a2f-b325-61f04197363e}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{73462336-6d11-4871-af21-37017e634cbf}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-882138500-2661160341-1300980738-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-882138500-2661160341-1300980738-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE FireFox: ======== FF DefaultProfile: n3n5d44a.default FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\n3n5d44a.default [2017-01-27] FF NewTab: Mozilla\Firefox\Profiles\n3n5d44a.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\n3n5d44a.default -> Yahoo! (Avast) FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\n3n5d44a.default -> Yahoo! (Avast) FF SelectedSearchEngine: Mozilla\Firefox\Profiles\n3n5d44a.default -> Yahoo! (Avast) FF Homepage: Mozilla\Firefox\Profiles\n3n5d44a.default -> hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl FF Extension: (Avast Passwords) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\n3n5d44a.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2016-12-14] FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\n3n5d44a.default\searchplugins\yahoo-avast.xml [2016-11-30] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-25] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-25] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default [2017-01-26] CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-30] CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-30] CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-30] CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-30] CHR Extension: (Recherche Google) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-11-30] CHR Extension: (Avast Passwords) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-12-09] CHR Extension: (Avast SafePrice) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-06] CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-30] CHR Extension: (Google Docs hors connexion) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-30] CHR Extension: (Avast Online Security) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-24] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-30] CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-30] CHR Extension: (Chrome Media Router) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-24] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-05] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-12-05] (AVAST Software) S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [595560 2015-10-06] (Intel Corporation) R2 Dedicarz Service; C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé] R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353896 2015-10-06] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation) S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734488 2016-08-29] (Orange SA) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [89448 2015-10-02] (Asmedia Technology) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-12-05] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-12-05] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-12-05] (AVAST Software) R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [453192 2016-12-05] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-12-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-05] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-12-05] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-12-05] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-12-05] (AVAST Software) R3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2016-12-05] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-05] (AVAST Software) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) S4 InCDFs; system32\drivers\InCDFs.sys [X] S1 InCDPass; system32\drivers\InCDPass.sys [X] S1 InCDRm; system32\drivers\InCDRm.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-28 10:15 - 2017-01-28 10:16 - 00000000 ____D C:\FRST 2017-01-27 16:09 - 2017-01-27 16:09 - 00001700 _____ C:\Users\Christian\Desktop\Sprint.exe - Raccourci.lnk 2017-01-27 15:55 - 2017-01-27 15:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2017-01-27 15:55 - 2017-01-27 15:55 - 00000000 ____D C:\Program Files\Common Files\AV 2017-01-26 11:13 - 2017-01-26 11:13 - 00002310 _____ C:\Users\Christian\Desktop\PhotoFiltre.exe - Raccourci.lnk 2017-01-26 11:11 - 2017-01-26 11:11 - 00001723 _____ C:\Users\Christian\Desktop\PhotoZoom Pro.lnk 2017-01-26 11:09 - 2017-01-26 11:09 - 00001976 _____ C:\Users\Christian\Desktop\GSpot.exe - Raccourci.lnk 2017-01-26 11:03 - 2017-01-26 11:03 - 00000580 _____ C:\Users\Christian\Documents\cc_20170126_110343.reg 2017-01-26 09:02 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-26 09:02 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-25 10:14 - 2016-12-05 12:55 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-01-24 18:26 - 2017-01-24 18:26 - 00000460 _____ C:\Users\Christian\Documents\cc_20170124_182606.reg 2017-01-23 17:26 - 2017-01-23 17:26 - 00001202 _____ C:\Users\Christian\Documents\cc_20170123_172652.reg 2017-01-23 16:53 - 2017-01-23 16:53 - 00000000 ____D C:\1DONNÉES 2017-01-22 18:24 - 2017-01-23 10:04 - 00000000 ____D C:\Users\Christian\Desktop\PHOTOS 2017-01-21 11:13 - 2017-01-21 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2017-01-21 11:13 - 2017-01-21 11:13 - 00000000 ____D C:\ProgramData\Auslogics 2017-01-21 11:13 - 2017-01-21 11:13 - 00000000 ____D C:\Program Files (x86)\Auslogics 2017-01-20 12:11 - 2017-01-20 12:11 - 00038346 _____ C:\Users\Christian\Documents\cc_20170120_121117.reg 2017-01-20 11:34 - 2017-01-20 11:34 - 00000000 ___HD C:\$SysReset 2017-01-18 16:45 - 2017-01-27 09:33 - 00000967 _____ C:\Users\Christian\Desktop\1DONNÉES.lnk 2017-01-18 16:45 - 2017-01-18 16:45 - 00001214 _____ C:\Users\Christian\Desktop\1 DOCUMENTS PERSOS.lnk 2017-01-18 16:45 - 2017-01-18 16:45 - 00001089 _____ C:\Users\Christian\Desktop\VIDEO.lnk 2017-01-18 16:04 - 2017-01-18 16:11 - 00000000 ____D C:\Users\Christian\Documents\1DONNÉES 2017-01-16 17:12 - 2017-01-16 17:13 - 00000000 ____D C:\Program Files (x86)\CyberLink 2017-01-16 12:18 - 2017-01-16 12:18 - 00001767 _____ C:\Users\Christian\Desktop\Dido & Aeneas - Raccourci.lnk 2017-01-15 09:07 - 2017-01-15 09:07 - 00000814 _____ C:\Users\Christian\Desktop\Documents.lnk 2017-01-15 09:03 - 2011-07-13 13:59 - 00072240 _____ (Nero AG) C:\WINDOWS\system32\Drivers\NBVol.sys 2017-01-15 09:03 - 2011-07-13 13:59 - 00015920 _____ (Nero AG) C:\WINDOWS\system32\Drivers\NBVolUp.sys 2017-01-15 09:01 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2017-01-15 09:01 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2017-01-15 09:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2017-01-15 09:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2017-01-15 09:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2017-01-15 09:01 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2017-01-15 09:01 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2017-01-15 09:00 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2017-01-15 09:00 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll 2017-01-15 09:00 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll 2017-01-15 09:00 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll 2017-01-14 16:04 - 2017-01-14 16:07 - 00000000 ____D C:\Users\Christian\Documents\2VIDÉOS AetG AVI 2017-01-13 16:01 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-13 16:01 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-13 16:01 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-13 16:01 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-13 16:01 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-13 16:01 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-13 16:01 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-13 16:01 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-13 16:01 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-13 16:01 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-13 16:01 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-13 16:01 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-13 16:01 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-13 16:01 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-13 16:01 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-13 16:01 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-13 16:01 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-13 16:01 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-13 16:01 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-13 16:01 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-13 16:01 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-13 16:01 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-13 16:01 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-13 16:01 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-13 16:01 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-13 16:01 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-13 16:01 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-13 16:01 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-13 16:01 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-13 16:01 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-13 16:01 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-13 16:01 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-13 16:00 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-13 16:00 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-13 16:00 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-13 16:00 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-13 16:00 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-13 16:00 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-13 16:00 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-13 16:00 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-13 16:00 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-13 16:00 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-13 16:00 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-13 16:00 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-13 16:00 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-13 16:00 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-13 16:00 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-13 16:00 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-13 16:00 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-13 16:00 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-13 16:00 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-13 16:00 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-13 16:00 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-13 16:00 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-13 16:00 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-13 15:56 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-13 15:55 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-13 15:55 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-13 15:55 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-13 15:55 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-13 15:55 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-13 15:55 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-13 15:55 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-13 15:55 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-13 15:55 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-13 15:55 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-13 15:55 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-13 15:55 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-13 15:55 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-13 15:55 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-13 15:55 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-13 15:55 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-13 15:55 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-13 15:55 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-13 15:55 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-13 15:55 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-13 15:55 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-13 15:55 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-13 15:55 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-13 15:55 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-13 15:55 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-13 15:55 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-13 15:55 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-13 15:55 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-13 15:55 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-13 15:55 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-13 15:55 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-13 15:55 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-13 15:55 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-13 15:55 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-13 15:55 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-13 15:55 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-13 15:55 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-13 15:55 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-13 15:55 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-13 15:55 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-13 15:55 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-13 15:55 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-13 15:55 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-13 15:55 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-13 15:55 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-13 15:55 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-13 15:55 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-13 15:55 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-13 15:55 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-13 15:55 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-13 15:55 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-13 15:55 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-13 15:55 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-13 15:55 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-13 15:55 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-13 15:55 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-13 15:55 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-13 15:55 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-13 15:55 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-13 15:55 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-13 15:55 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-13 15:55 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-13 15:55 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-13 15:55 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-13 15:55 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-13 15:55 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-13 15:55 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-13 15:55 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-13 15:54 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-13 15:54 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-13 15:54 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-13 15:54 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-13 15:54 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-13 15:54 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-13 15:54 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-13 15:54 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-13 15:54 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-13 15:54 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-13 15:54 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-13 15:54 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-13 15:54 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-13 15:54 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-13 15:54 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-13 15:54 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-13 15:54 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-13 15:54 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-13 15:54 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-13 15:54 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-13 15:54 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-13 15:54 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-13 15:54 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-13 15:54 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-13 15:54 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-13 15:54 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-13 15:54 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-13 15:54 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-13 15:54 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-13 15:54 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-13 15:54 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-13 15:54 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-13 15:29 - 2017-01-13 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Drive Data Recovery 2017-01-13 15:29 - 2017-01-13 15:29 - 00000000 ____D C:\Program Files (x86)\MunSoft 2017-01-12 12:02 - 2017-01-12 12:02 - 03988944 _____ C:\Users\Christian\Desktop\adwcleaner_6.042.exe 2016-12-31 11:15 - 2016-12-31 11:17 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{465ae2d3-cf41-11e6-aa90-f44d304967ef}.TMContainer00000000000000000002.regtrans-ms 2016-12-31 11:15 - 2016-12-31 11:17 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{465ae2d3-cf41-11e6-aa90-f44d304967ef}.TMContainer00000000000000000001.regtrans-ms 2016-12-31 11:15 - 2016-12-31 11:17 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{465ae2d3-cf41-11e6-aa90-f44d304967ef}.TM.blf 2016-12-31 11:13 - 2016-12-31 11:21 - 00524288 ___SH C:\Users\Christian\NTUSER.DAT{465ae2cf-cf41-11e6-aa90-f44d304967ef}.TMContainer00000000000000000002.regtrans-ms 2016-12-31 11:13 - 2016-12-31 11:21 - 00524288 ___SH C:\Users\Christian\NTUSER.DAT{465ae2cf-cf41-11e6-aa90-f44d304967ef}.TMContainer00000000000000000001.regtrans-ms 2016-12-31 11:13 - 2016-12-31 11:21 - 00065536 ___SH C:\Users\Christian\NTUSER.DAT{465ae2cf-cf41-11e6-aa90-f44d304967ef}.TM.blf 2016-12-31 11:11 - 2017-01-21 11:13 - 00001246 _____ C:\Users\Christian\Desktop\Auslogics DiskDefrag.lnk 2016-12-29 10:46 - 2016-12-29 10:46 - 00000017 _____ C:\Users\Christian\Desktop\O.txt 2016-12-29 10:42 - 2016-12-29 10:42 - 00000010 _____ C:\Users\Christian\Desktop\AVAST.txt ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-28 10:05 - 2016-12-03 18:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-28 09:50 - 2016-12-06 15:57 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-28 09:30 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-28 09:28 - 2016-07-16 23:40 - 01949758 _____ C:\WINDOWS\system32\perfh00C.dat 2017-01-28 09:28 - 2016-07-16 23:40 - 00513044 _____ C:\WINDOWS\system32\perfc00C.dat 2017-01-28 09:28 - 2016-06-15 13:42 - 04172806 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-28 09:24 - 2016-12-03 18:04 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-01-28 09:24 - 2016-11-28 12:29 - 00000000 __SHD C:\Users\Christian\IntelGraphicsProfiles 2017-01-28 09:23 - 2016-12-03 18:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-27 17:32 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-01-27 16:00 - 2016-12-09 17:37 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Media Player Classic 2017-01-27 11:38 - 2016-11-30 16:04 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\Mozilla 2017-01-27 09:45 - 2016-12-03 18:18 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-27 09:45 - 2016-12-02 18:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-27 09:43 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-26 10:21 - 2016-12-09 15:19 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-25 10:23 - 2016-12-05 12:58 - 00004038 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1480939093 2017-01-25 10:23 - 2016-12-05 12:58 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-01-25 10:15 - 2016-12-05 12:58 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk 2017-01-25 10:15 - 2016-12-05 12:58 - 00001971 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk 2017-01-25 10:15 - 2016-12-03 18:18 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2017-01-25 09:40 - 2016-12-03 18:07 - 00000000 ____D C:\Users\Christian 2017-01-24 18:24 - 2016-12-02 16:04 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Audacity 2017-01-23 17:27 - 2016-12-08 09:45 - 00002084 _____ C:\WINDOWS\System32\Tasks\maLivebox 2017-01-23 12:22 - 2016-12-06 15:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-23 11:12 - 2016-12-12 09:33 - 00001184 _____ C:\Users\Christian\Desktop\MUSIQUE À GRAVER - Raccourci.lnk 2017-01-23 09:10 - 2016-12-28 15:56 - 00001945 _____ C:\Users\Christian\Desktop\VirtualDub 1.6.exe - Raccourci.lnk 2017-01-22 19:25 - 2016-11-30 14:48 - 00001619 _____ C:\Users\Christian\Desktop\mplayerc.lnk 2017-01-20 09:50 - 2016-12-01 16:08 - 00001812 _____ C:\Users\Christian\Desktop\CA.lnk 2017-01-19 12:20 - 2016-11-29 19:30 - 00001841 _____ C:\Users\Christian\Desktop\DivX.lnk 2017-01-19 10:48 - 2016-12-13 11:22 - 00001637 _____ C:\Users\Christian\Desktop\Hospitalisation de MICHÈLE - Raccourci.lnk 2017-01-19 10:37 - 2016-11-30 15:06 - 00002927 _____ C:\Users\Christian\Desktop\Conjugaison.lnk 2017-01-19 10:37 - 2016-11-30 15:06 - 00002875 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Conjugaison.lnk 2017-01-19 10:37 - 2016-11-30 15:06 - 00000000 ____D C:\Program Files (x86)\Conjugaison 2017-01-19 10:20 - 2016-12-01 16:08 - 00001738 _____ C:\Users\Christian\Desktop\SANTÉ.lnk 2017-01-19 10:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-17 11:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-16 17:13 - 2016-06-16 10:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-16 16:15 - 2016-11-30 15:08 - 00000000 ____D C:\AdwCleaner 2017-01-16 10:58 - 2016-11-29 18:26 - 00000000 ____D C:\Program Files (x86)\FairUse Wizard 2 2017-01-16 09:57 - 2016-11-29 18:20 - 00000082 _____ C:\Users\Christian\Desktop\DivX Titres.txt 2017-01-16 09:56 - 2016-12-08 21:00 - 00001100 _____ C:\Users\Christian\Desktop\FairUse Wizard 2.lnk 2017-01-16 09:32 - 2016-11-29 18:24 - 00000000 ____D C:\ProgramData\DVD Shrink 2017-01-15 09:03 - 2016-12-12 13:27 - 00000000 ____D C:\Program Files (x86)\Nero 2017-01-14 16:00 - 2016-04-27 07:39 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-14 15:56 - 2016-12-03 18:03 - 00385256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-14 13:35 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-14 13:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-14 13:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-14 13:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-14 13:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-14 10:31 - 2016-11-30 16:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-14 10:30 - 2016-06-15 17:16 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-09 13:42 - 2016-12-04 19:30 - 00002162 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-01-07 11:08 - 2016-11-30 15:30 - 00000000 ____D C:\Users\Christian\AppData\Roaming\UK's Kalender 2017-01-07 10:52 - 2016-11-30 16:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-01-07 10:52 - 2016-11-30 16:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-02 11:43 - 2016-11-30 16:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Fichiers à la racine de certains dossiers ======= 2016-12-03 18:04 - 2016-12-03 18:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-02 10:45 - 2016-12-02 10:45 - 0000032 _____ () C:\ProgramData\Temp.log 2016-07-27 16:16 - 2016-07-27 16:16 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2016-07-27 16:14 - 2016-07-27 16:14 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2016-07-27 16:15 - 2016-07-27 16:15 - 0000100 _____ () C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log 2016-07-27 16:16 - 2016-07-27 16:16 - 0000099 _____ () C:\ProgramData\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}.log 2016-07-27 16:15 - 2016-07-27 16:15 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2016-07-27 16:14 - 2016-07-27 16:14 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2016-07-27 16:14 - 2016-07-27 16:14 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log 2016-07-27 16:14 - 2016-07-27 16:14 - 0000099 _____ () C:\ProgramData\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}.log ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-01-19 11:17 ==================== Fin de FRST.txt ============================