Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Exécuté par bougredane (administrateur) sur PCW81 (20-03-2017 13:55:48) Exécuté depuis D:\Téléchargements Profils chargés: bougredane (Profils disponibles: bougredane & JujuVava) Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2777392 2015-12-08] (NVIDIA Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-02-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [17000 2016-06-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [{0b46d918-af4f-4612-8076-5c0ae67cb2aa}] => C:\ProgramData\Package Cache\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}\Avira.OE.Setup.Bundle.exe [978808 2017-03-20] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-774003580-2127106621-1425529808-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-12-19] (TomTom) HKU\S-1-5-21-774003580-2127106621-1425529808-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{440097CB-D1B6-45DC-8321-51F939059CDD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKU\S-1-5-21-774003580-2127106621-1425529808-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKU\S-1-5-21-774003580-2127106621-1425529808-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKU\S-1-5-21-774003580-2127106621-1425529808-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp HKU\S-1-5-21-774003580-2127106621-1425529808-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= HKU\S-1-5-21-774003580-2127106621-1425529808-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-774003580-2127106621-1425529808-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FireFox: ======== FF ProfilePath: C:\Users\bougredane\AppData\Roaming\TomTom\HOME\Profiles\it247vaz.default [2015-04-10] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-04-10] [non signé] FF ProfilePath: C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121 [2015-10-20] FF Extension: (ADB Helper) - C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121\Extensions\adbhelper@mozilla.org [2015-10-06] [non signé] FF Extension: (Valence) - C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121\Extensions\fxdevtools-adapters@mozilla.org [2015-10-06] FF Extension: (DebrideurStreaming) - C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi [2015-04-10] [non signé] FF Extension: (WOT) - C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-12] FF Extension: (Adblock Plus) - C:\Users\bougredane\AppData\Roaming\Mozilla\Firefox\Profiles\vrf6wrtb.default-1425146840121\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-06] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-774003580-2127106621-1425529808-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bougredane\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\bougredane\AppData\Local\Google\Chrome\User Data\Default [2017-03-20] CHR Extension: (Adobe Acrobat) - C:\Users\bougredane\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bougredane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13] CHR Extension: (Chrome Media Router) - C:\Users\bougredane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-13] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349560 2017-03-09] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [310152 2017-02-10] (Avira Operations GmbH & Co. KG) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Fichier non signé] R2 Dedicarz Service; C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-12-08] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-12-08] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6299952 2015-12-08] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4804400 2015-12-08] (NVIDIA Corporation) S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734488 2016-08-29] (Orange SA) R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27272 2016-06-03] (Avira Operations GmbH & Co. KG) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-12-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2014-03-03] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2014-03-03] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-03-20 13:54 - 2017-03-20 13:55 - 00000000 ____D C:\FRST 2017-03-20 12:57 - 2017-03-20 12:57 - 00001161 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-03-13 21:45 - 2017-03-13 21:45 - 00001868 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2017-03-13 21:45 - 2017-03-13 21:45 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2017-03-13 21:40 - 2017-03-13 21:42 - 00072138 _____ C:\Users\bougredane\Desktop\ZHPCleaner.txt 2017-03-13 21:29 - 2017-03-13 21:29 - 00000886 _____ C:\Users\bougredane\Desktop\ZHPCleaner.lnk 2017-03-13 21:23 - 2017-03-13 21:23 - 00262144 ____N C:\Windows\Minidump\031317-35078-01.dmp 2017-03-03 06:58 - 2016-12-22 23:42 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-03 06:58 - 2016-12-22 23:42 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-20 16:51 - 2017-02-20 16:51 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2017-02-20 16:51 - 2017-02-20 16:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2017-02-20 15:31 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-02-20 15:31 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-02-20 15:31 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-02-20 15:31 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-02-20 15:30 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-02-20 15:30 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-02-20 15:30 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-02-20 15:30 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2017-02-20 15:30 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-02-20 15:30 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-02-20 15:30 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-02-20 15:30 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-02-20 15:30 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-02-20 15:30 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-02-20 15:30 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-02-20 15:30 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-02-20 15:30 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-02-20 15:30 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-02-20 15:30 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-02-20 15:30 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-02-20 15:30 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-02-20 15:30 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-02-20 15:30 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-02-20 15:30 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-02-20 15:30 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-02-20 15:30 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-02-20 15:30 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-02-20 15:30 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-02-20 15:30 - 2016-11-05 21:46 - 00422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-02-20 15:30 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-02-20 15:30 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2017-02-20 15:30 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2017-02-20 15:30 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2017-02-20 15:30 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-02-20 15:30 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-02-20 15:30 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-02-20 15:30 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-02-20 15:30 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-02-20 15:30 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-02-20 15:30 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-02-20 15:30 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-02-20 15:30 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-02-20 15:30 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-02-20 15:30 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-02-20 15:30 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-02-20 15:30 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-02-20 15:30 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-02-20 15:30 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2017-02-20 15:30 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-02-20 15:30 - 2016-10-12 22:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2017-02-20 15:30 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2017-02-20 15:30 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2017-02-20 15:30 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-02-20 15:30 - 2016-10-11 00:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2017-02-20 15:30 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-02-20 15:30 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-02-20 15:30 - 2016-10-09 23:59 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2017-02-20 15:30 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2017-02-20 15:30 - 2016-10-08 23:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-02-20 15:30 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-02-20 15:30 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2017-02-20 15:30 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2017-02-20 15:30 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2017-02-20 15:30 - 2016-10-08 22:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-02-20 15:30 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2017-02-20 15:30 - 2016-10-08 22:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-02-20 15:30 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-02-20 15:30 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-02-20 15:30 - 2016-10-05 15:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2017-02-20 15:30 - 2016-10-05 15:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2017-02-20 15:30 - 2016-10-05 05:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-02-20 15:30 - 2016-10-05 05:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-02-20 15:30 - 2016-10-05 05:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2017-02-20 15:30 - 2016-10-01 01:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-02-20 15:30 - 2016-09-27 21:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml 2017-02-20 15:30 - 2016-09-20 23:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-02-20 15:30 - 2016-09-14 02:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-02-20 15:30 - 2016-09-14 02:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-02-20 15:30 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-02-20 15:30 - 2016-09-08 15:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2017-02-20 15:30 - 2016-09-07 23:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-02-20 15:30 - 2016-09-07 22:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-02-20 15:30 - 2016-09-07 22:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-02-20 15:30 - 2016-09-07 22:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-02-20 15:30 - 2016-09-07 22:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-02-20 15:30 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2017-02-20 15:30 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2017-02-20 15:30 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2017-02-20 15:30 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-02-20 15:30 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-02-20 15:30 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll 2017-02-20 15:30 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll 2017-02-20 15:30 - 2016-08-25 21:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2017-02-20 15:30 - 2016-08-25 20:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2017-02-20 15:30 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2017-02-20 15:30 - 2016-08-12 22:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2017-02-20 15:30 - 2016-08-12 21:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2017-02-20 15:30 - 2016-08-12 02:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2017-02-20 15:30 - 2016-08-12 02:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2017-02-20 15:30 - 2016-08-03 16:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2017-02-20 15:30 - 2016-08-03 16:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2017-02-20 15:30 - 2016-07-30 18:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2017-02-20 15:30 - 2016-07-30 17:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2017-02-20 15:29 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-02-20 15:29 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-02-20 15:29 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-02-20 15:29 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2017-02-20 15:29 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2017-02-20 15:29 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2017-02-20 15:29 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2017-02-20 15:29 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-02-20 15:29 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-02-20 15:29 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-02-20 15:29 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-02-20 15:29 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-02-20 15:29 - 2016-10-12 22:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-02-20 15:29 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2017-02-20 15:29 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2017-02-20 15:29 - 2016-10-11 17:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2017-02-20 15:29 - 2016-10-10 19:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-02-20 15:29 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys 2017-02-20 15:29 - 2016-10-09 15:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2017-02-20 15:29 - 2016-10-09 15:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2017-02-20 15:29 - 2016-10-09 15:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2017-02-20 15:29 - 2016-10-05 15:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2017-02-20 15:29 - 2016-10-05 14:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls 2017-02-20 15:29 - 2016-10-05 14:52 - 00513456 _____ C:\Windows\system32\locale.nls 2017-02-20 15:29 - 2016-10-05 05:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-02-20 15:29 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2017-02-20 15:29 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-02-20 15:29 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-02-20 15:29 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-02-20 15:29 - 2016-09-17 19:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2017-02-20 15:29 - 2016-09-17 18:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2017-02-20 15:29 - 2016-09-14 02:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-02-20 15:29 - 2016-09-14 02:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-02-20 15:29 - 2016-09-12 23:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll 2017-02-20 15:29 - 2016-09-12 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll 2017-02-20 15:29 - 2016-09-09 23:14 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-02-20 15:29 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-02-20 15:29 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-02-20 15:29 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll 2017-02-20 15:29 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll 2017-02-20 15:29 - 2016-09-08 21:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2017-02-20 15:29 - 2016-09-08 15:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-02-20 15:29 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll 2017-02-20 15:29 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll 2017-02-20 15:29 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll 2017-02-20 15:29 - 2016-09-03 18:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2017-02-20 15:29 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2017-02-20 15:29 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2017-02-20 15:29 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2017-02-20 15:29 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2017-02-20 15:29 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll 2017-02-20 15:29 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll 2017-02-20 15:29 - 2016-08-13 01:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2017-02-20 15:29 - 2016-08-13 01:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys 2017-02-20 15:29 - 2016-08-13 01:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys 2017-02-20 15:29 - 2016-08-13 01:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys 2017-02-20 15:29 - 2016-08-12 23:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2017-02-20 15:29 - 2016-08-12 23:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2017-02-20 15:29 - 2016-08-12 22:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2017-02-20 15:29 - 2016-08-11 19:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys 2017-02-20 15:29 - 2016-08-11 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys 2017-02-20 15:29 - 2016-08-11 19:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys 2017-02-20 15:29 - 2016-08-11 18:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2017-02-20 15:29 - 2016-08-03 16:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2017-02-20 15:29 - 2016-08-03 16:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2017-02-20 15:29 - 2016-07-26 14:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS 2017-02-20 15:29 - 2016-07-26 14:40 - 00162850 _____ C:\Windows\system32\C_932.NLS 2017-02-20 15:29 - 2016-07-23 19:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2017-02-20 15:29 - 2016-07-23 19:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2017-02-20 15:29 - 2016-07-08 15:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-02-20 15:28 - 2017-02-20 15:28 - 00135554 _____ C:\Users\bougredane\Desktop\CHEQUE CULTURE 2017.pdf 2017-02-20 15:26 - 2016-08-27 20:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-02-20 15:26 - 2016-08-27 20:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-02-20 15:26 - 2016-08-27 20:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe 2017-02-20 15:26 - 2016-08-27 19:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-02-20 15:26 - 2016-08-27 19:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-02-20 15:26 - 2016-08-27 19:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe 2017-02-20 15:26 - 2016-08-27 17:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2017-02-20 15:26 - 2016-08-27 17:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2017-02-20 15:26 - 2016-08-27 17:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2017-02-20 15:26 - 2016-08-27 16:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2017-02-20 14:38 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-02-20 14:38 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-02-20 14:38 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-02-20 14:38 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-02-20 14:38 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2017-02-20 14:38 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-03-20 13:48 - 2015-01-24 00:16 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-774003580-2127106621-1425529808-1001 2017-03-20 13:36 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-20 13:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2017-03-20 13:14 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2017-03-20 12:57 - 2016-06-10 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-20 12:55 - 2015-01-24 00:31 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-20 12:44 - 2015-01-24 23:06 - 00000000 ___DO C:\Users\bougredane\SkyDrive 2017-03-20 12:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-13 22:06 - 2015-01-24 00:09 - 00000000 ____D C:\Users\bougredane 2017-03-13 21:45 - 2015-02-28 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2017-03-13 21:42 - 2015-02-28 19:11 - 00000000 ____D C:\Users\bougredane\AppData\Roaming\ZHP 2017-03-13 21:23 - 2015-02-22 14:09 - 00000000 ____D C:\Windows\Minidump 2017-03-13 10:33 - 2015-12-13 21:21 - 00000000 ____D C:\Users\bougredane\Desktop\congé parental 2017-03-13 08:51 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2017-03-07 07:03 - 2016-06-10 16:42 - 00001063 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2017-03-03 07:32 - 2016-10-13 16:40 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys 2017-03-03 07:32 - 2016-06-10 16:27 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2017-03-03 07:32 - 2016-06-10 16:27 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2017-03-03 07:32 - 2016-06-10 16:27 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2017-03-03 07:32 - 2016-06-10 16:27 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2017-03-03 06:54 - 2013-08-22 15:44 - 00512656 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-20 17:01 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2017-02-20 16:56 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2017-02-20 16:56 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe 2017-02-20 15:43 - 2015-08-10 21:27 - 00002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-20 15:43 - 2015-08-10 21:27 - 00002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-20 14:54 - 2015-01-24 12:30 - 00000000 ____D C:\Windows\system32\MRT 2017-02-20 14:45 - 2014-03-03 19:51 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======= 2016-12-31 22:53 - 2016-12-31 22:53 - 0000036 _____ () C:\Users\bougredane\AppData\Local\housecall.guid.cache Certains fichiers dans TEMP: ==================== 2015-01-24 00:37 - 2016-05-28 14:40 - 0000000 ____D () C:\Users\bougredane\AppData\Local\Temp\avgnt.exe 2016-12-14 16:50 - 2012-09-23 10:51 - 0145184 ____R (Microsoft Corporation) C:\Users\bougredane\AppData\Local\Temp\ose00000.exe 2016-03-30 17:17 - 2016-03-30 17:17 - 0000000 ____D () C:\Users\JujuVava\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-06-10 19:42 ==================== Fin de FRST.txt ============================