Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Exécuté par TOF (administrateur) sur DESKTOP-GS5LBEP (04-04-2017 06:29:20) Exécuté depuis C:\Users\TOF\Desktop Profils chargés: TOF (Profils disponibles: jake2 & TOF) Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.7870.2031\OfficeClickToRun.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-29] (AVAST Software) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] () HKLM-x32\...\Run: [AsInstCD] => C:\Preload64\Patch\AsInst.exe /inst ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-29] (AVAST Software) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) AutoConfigURL: [S-1-5-21-3737769620-1569259712-1830570360-1003] => hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3ca13224-8425-45d9-8e58-e11c2f50206d}: [DhcpNameServer] 10.66.64.1 Tcpip\..\Interfaces\{4abb113d-8d56-40b4-9abc-4a0fea821ec6}: [DhcpNameServer] 10.66.64.1 Tcpip\..\Interfaces\{5c464ae5-617f-40eb-8537-30b467fa611a}: [DhcpNameServer] 192.168.1.1 ManualProxies: 0hxxp://noblok.biz/wpad.dat?1c2a383efdf47fb5cb47af94438f039527436286 Internet Explorer: ================== HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE HKU\S-1-5-21-3737769620-1569259712-1830570360-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3737769620-1569259712-1830570360-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-29] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] () Chrome: ======= CHR HomePage: Default -> hxxps://www.google.fr/ CHR Profile: C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default [2017-04-04] CHR Extension: (Google Slides) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-29] CHR Extension: (Google Docs) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-29] CHR Extension: (Google Drive) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-29] CHR Extension: (YouTube) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-29] CHR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-03-29] CHR Extension: (Google Sheets) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-29] CHR Extension: (Google Docs hors connexion) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-29] CHR Extension: (AdBlock) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-03] CHR Extension: (Avast Online Security) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-30] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29] CHR Extension: (Gmail) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-29] CHR Extension: (Chrome Media Router) - C:\Users\TOF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Tampermonkey) - C:\Users\TOF\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2017-04-01] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé] R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-29] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-29] (AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-03-06] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-28] (Dropbox, Inc.) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-10-06] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation) R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation) S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X] S4 McProxy; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [142840 2016-03-04] (ASUS Corporation) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-03-29] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-29] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-03-29] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-29] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-03-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-03-29] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-29] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-03-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-03-29] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-03-29] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-03-29] (AVAST Software) S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-30] (ASIX Electronics Corp.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation) R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation) R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [90112 2015-07-07] (Intel(R) Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation) R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7394296 2016-10-06] (Intel Corporation) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3515152 2015-12-25] (Intel Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-04-04 06:29 - 2017-04-04 06:29 - 00020070 _____ C:\Users\TOF\Desktop\FRST.txt 2017-04-04 06:28 - 2017-04-04 06:29 - 00000000 ____D C:\FRST 2017-04-04 06:21 - 2017-04-04 06:28 - 02424832 _____ (Farbar) C:\Users\TOF\Desktop\FRST64.exe 2017-04-02 21:37 - 2017-04-02 21:37 - 00000000 ____D C:\Users\TOF\AppData\Local\ElevatedDiagnostics 2017-04-02 09:50 - 2017-04-02 09:50 - 00876544 _____ C:\Users\TOF\Downloads\Office_365_Serial_Key_plus_Product_Key_Free_Download.iso 2017-04-02 09:42 - 2017-04-02 09:42 - 00000000 ____D C:\Users\TOF\AppData\LocalLow\Evernote 2017-04-02 09:36 - 2017-04-02 09:36 - 00000622 _____ C:\Users\TOF\Downloads\KMSAutoLite.ini 2017-04-02 09:32 - 2017-04-02 09:32 - 06166016 _____ (Ratiborus, MSFree Inc.) C:\Users\TOF\Downloads\KMSAuto.exe 2017-04-02 09:12 - 2017-04-02 09:12 - 00000000 ____D C:\Users\TOF\AppData\Local\Microsoft Help 2017-04-02 09:08 - 2017-04-02 09:08 - 00000000 ____D C:\ProgramData\Microsoft Toolkit 2017-04-01 19:20 - 2017-04-01 19:20 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui (1).user.js 2017-04-01 19:10 - 2017-04-02 09:51 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2017-04-01 19:10 - 2017-04-02 09:51 - 00001362 _____ C:\Users\Public\Desktop\Opera.lnk 2017-04-01 19:10 - 2017-04-01 19:10 - 00003970 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1491066648 2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Opera Software 2017-04-01 19:10 - 2017-04-01 19:10 - 00000000 ____D C:\Users\TOF\AppData\Local\Opera Software 2017-04-01 18:57 - 2017-04-01 19:11 - 00000000 ____D C:\Program Files\Opera 2017-04-01 18:57 - 2017-04-01 18:57 - 01186800 _____ (Opera Software) C:\Users\TOF\Downloads\OperaSetup.exe 2017-03-30 18:52 - 2017-03-30 19:04 - 00004822 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-03-30 18:52 - 2017-03-30 19:04 - 00004594 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-03-30 18:47 - 2017-03-30 19:04 - 00000000 ____D C:\Users\TOF\AppData\Local\Adobe 2017-03-29 21:42 - 2017-03-29 21:42 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-03-29 19:26 - 2017-03-29 19:26 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Foxit Software 2017-03-29 17:52 - 2017-03-29 17:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Crashpad 2017-03-29 17:04 - 2017-03-29 17:04 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-03-29 17:03 - 2017-03-29 17:03 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk 2017-03-29 17:03 - 2017-03-29 17:03 - 00001969 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Roaming\AVAST Software 2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Users\TOF\AppData\Local\CEF 2017-03-29 17:03 - 2017-03-29 17:03 - 00000000 ____D C:\Program Files\Common Files\AV 2017-03-29 17:02 - 2017-03-29 18:00 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-03-29 17:02 - 2017-03-29 17:02 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-29 17:02 - 2017-03-29 17:02 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-29 17:02 - 2017-03-29 17:02 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-29 17:02 - 2017-03-29 17:01 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-29 17:02 - 2017-03-29 17:01 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-29 17:02 - 2017-03-29 17:01 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-29 17:02 - 2017-03-29 17:01 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-29 16:51 - 2017-03-29 16:51 - 00000000 ___HD C:\OneDriveTemp 2017-03-29 16:41 - 2017-03-29 16:41 - 00000000 ____D C:\Users\jake2\AppData\Roaming\awsRun 2017-03-29 16:39 - 2017-03-29 16:39 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Macromedia 2017-03-29 16:37 - 2017-03-29 16:37 - 00000000 ____D C:\Users\jake2\AppData\Local\MicrosoftEdge 2017-03-29 16:36 - 2017-03-29 17:03 - 00000000 ___RD C:\Users\jake2\OneDrive 2017-03-29 16:36 - 2017-03-29 16:36 - 00002384 _____ C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-03-29 16:35 - 2017-03-29 16:35 - 00000801 _____ C:\Users\jake2\Desktop\Assistant Mise à niveau de Windows 10.lnk 2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\Comms 2017-03-29 16:35 - 2017-03-29 16:35 - 00000000 ____D C:\Users\jake2\AppData\Local\ActiveSync 2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\VirtualStore 2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Publishers 2017-03-29 16:34 - 2017-03-29 16:34 - 00000000 ____D C:\Users\jake2\AppData\Local\Google 2017-03-29 16:33 - 2017-03-29 17:02 - 00000206 _____ C:\Users\jake2\AppData\Roaming\sp_data.sys 2017-03-29 16:33 - 2017-03-29 16:52 - 00000000 ____D C:\Users\jake2\AppData\Local\Packages 2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 __SHD C:\Users\jake2\IntelGraphicsProfiles 2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\WebStorage 2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Intel 2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Roaming\Adobe 2017-03-29 16:33 - 2017-03-29 16:33 - 00000000 ____D C:\Users\jake2\AppData\Local\TileDataLayer 2017-03-29 16:18 - 2017-03-29 16:18 - 00003976 _____ C:\Windows\System32\Tasks\Update Checker 2017-03-29 16:08 - 2017-03-29 16:09 - 00199328 _____ C:\Users\TOF\Downloads\kingsage_enhancement_sui.user.js 2017-03-29 16:01 - 2017-03-29 16:01 - 00000000 ____D C:\Program Files\AVAST Software 2017-03-29 15:57 - 2017-03-29 21:28 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-29 15:51 - 2017-04-02 09:51 - 00002554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-29 15:40 - 2017-03-29 15:40 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-03-29 15:40 - 2017-03-29 15:40 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-03-29 15:32 - 2017-03-29 15:57 - 06654960 _____ (AVAST Software) C:\Users\TOF\Downloads\avast_free_antivirus_setup_online.exe 2017-03-29 15:21 - 2017-03-29 15:21 - 00000000 ____D C:\Users\TOF\AppData\Local\NetworkTiles 2017-03-29 15:14 - 2017-03-29 15:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2017-03-29 14:50 - 2017-03-29 14:50 - 00000000 ___HD C:\$GetCurrent 2017-03-29 14:44 - 2017-04-04 06:10 - 00004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4A11163B-676F-44C8-9D00-F517B46C52DA} 2017-03-28 21:30 - 2017-03-28 21:30 - 00245640 _____ C:\Users\TOF\Downloads\Firefox Setup Stub 52.0.2.exe 2017-03-28 20:18 - 2017-03-28 20:18 - 00002365 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Leboncoin.lnk 2017-03-28 20:11 - 2017-03-28 20:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Comms 2017-03-28 20:10 - 2017-03-29 19:09 - 00000000 ____D C:\Users\TOF\AppData\Local\Google 2017-03-28 20:10 - 2017-03-29 15:51 - 00000000 ____D C:\Program Files (x86)\Google 2017-03-28 20:10 - 2017-03-28 20:10 - 00003286 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-03-28 20:09 - 2017-03-28 20:09 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Skype 2017-03-28 20:09 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll 2017-03-28 20:09 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons000c.dll 2017-03-28 20:09 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll 2017-03-28 20:09 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000c.dll 2017-03-28 20:07 - 2017-03-28 20:07 - 00000000 ____D C:\Users\TOF\AppData\Local\MicrosoftEdge 2017-03-28 19:59 - 2017-03-28 19:59 - 00001053 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk 2017-03-28 19:59 - 2017-03-28 19:59 - 00000000 ____D C:\Users\TOF\AppData\Roaming\awsRun 2017-03-28 19:55 - 2017-03-28 20:10 - 00002407 _____ C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-03-28 19:55 - 2017-03-28 20:10 - 00000000 ___RD C:\Users\TOF\OneDrive 2017-03-28 19:54 - 2017-03-29 16:35 - 00000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk 2017-03-28 19:54 - 2017-03-29 16:35 - 00000000 ____D C:\Windows10Upgrade 2017-03-28 19:54 - 2017-03-28 19:54 - 00000801 _____ C:\Users\TOF\Desktop\Assistant Mise à niveau de Windows 10.lnk 2017-03-28 19:53 - 2017-03-28 19:53 - 00000000 ____D C:\Users\TOF\AppData\Local\ActiveSync 2017-03-28 19:52 - 2017-03-28 19:52 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk 2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Macromedia 2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Roaming\DropboxOEM 2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\Publishers 2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\Users\TOF\AppData\Local\DropboxOEM 2017-03-28 19:52 - 2017-03-28 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2017-03-28 19:51 - 2017-04-04 06:08 - 00000206 _____ C:\Users\TOF\AppData\Roaming\sp_data.sys 2017-03-28 19:51 - 2017-04-04 06:08 - 00000000 ____D C:\Users\TOF\AppData\Local\ASUS GIFTBOX 2017-03-28 19:51 - 2017-04-04 06:07 - 00000000 __SHD C:\Users\TOF\IntelGraphicsProfiles 2017-03-28 19:51 - 2017-03-28 21:11 - 00000000 ____D C:\Users\TOF\AppData\Local\Packages 2017-03-28 19:51 - 2017-03-28 19:55 - 00000000 ____D C:\Users\TOF 2017-03-28 19:51 - 2017-03-28 19:51 - 00000020 ___SH C:\Users\TOF\ntuser.ini 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage réseau 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Voisinage d'impression 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Modèles 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Mes documents 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Menu Démarrer 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes vidéos 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Mes images 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\Documents\Ma musique 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 _SHDL C:\Users\TOF\AppData\Local\Historique 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\WebStorage 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Intel 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Roaming\Adobe 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\VirtualStore 2017-03-28 19:51 - 2017-03-28 19:51 - 00000000 ____D C:\Users\TOF\AppData\Local\TileDataLayer 2017-03-28 19:47 - 2017-03-29 16:36 - 00000000 ____D C:\Users\jake2 2017-03-28 19:47 - 2017-03-28 19:47 - 00000020 ___SH C:\Users\jake2\ntuser.ini 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage réseau 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Voisinage d'impression 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Modèles 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Mes documents 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Menu Démarrer 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes vidéos 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Mes images 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\Documents\Ma musique 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-03-28 19:47 - 2017-03-28 19:47 - 00000000 _SHDL C:\Users\jake2\AppData\Local\Historique 2017-03-28 19:39 - 2017-03-28 19:51 - 00000000 ____D C:\ProgramData\USBChargerPlus 2017-03-28 19:39 - 2017-03-28 19:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-03-28 19:38 - 2017-04-04 06:07 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-03-28 19:37 - 2017-03-28 19:37 - 00000000 ___SD C:\Windows\UpdateAssistantV2 2017-03-28 19:37 - 2016-12-20 11:09 - 00025952 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-04-04 06:28 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job 2017-04-04 06:07 - 2016-03-24 14:06 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-04-03 22:37 - 2016-03-24 14:06 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-04-03 21:32 - 2016-03-24 14:06 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job 2017-04-03 14:55 - 2017-01-11 14:53 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2017-04-03 14:55 - 2017-01-11 14:53 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2017-04-02 21:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF 2017-04-02 18:15 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF 2017-04-02 09:09 - 2016-03-24 21:21 - 00810080 _____ C:\Windows\system32\perfh013.dat 2017-04-02 09:09 - 2016-03-24 21:21 - 00159714 _____ C:\Windows\system32\perfc013.dat 2017-04-02 09:09 - 2016-03-24 21:14 - 00803362 _____ C:\Windows\system32\perfh010.dat 2017-04-02 09:09 - 2016-03-24 21:14 - 00151814 _____ C:\Windows\system32\perfc010.dat 2017-04-02 09:09 - 2016-03-24 21:07 - 00826936 _____ C:\Windows\system32\perfh00C.dat 2017-04-02 09:09 - 2016-03-24 21:07 - 00156184 _____ C:\Windows\system32\perfc00C.dat 2017-04-02 09:09 - 2016-03-24 21:00 - 00765958 _____ C:\Windows\system32\perfh007.dat 2017-04-02 09:09 - 2016-03-24 21:00 - 00155498 _____ C:\Windows\system32\perfc007.dat 2017-04-02 09:09 - 2016-03-24 13:50 - 04690294 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-02 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache 2017-04-02 09:06 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp 2017-04-02 09:04 - 2015-10-30 20:19 - 00000000 ____D C:\Program Files\Windows Journal 2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\system32\Drivers\en-GB 2017-04-02 09:04 - 2015-10-30 20:10 - 00000000 ____D C:\Windows\en-GB 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PurchaseDialog 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\MiracastView 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\DevicesFlow 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\en-GB 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\IME 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Help 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-02 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-02 09:04 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\servicing 2017-04-02 08:49 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-30 19:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\Macromed 2017-03-30 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-03-29 17:22 - 2016-03-24 13:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-29 17:22 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2017-03-29 16:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness 2017-03-29 16:34 - 2017-01-11 14:29 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-03-29 16:18 - 2016-03-24 14:04 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\ProgramData\McAfee 2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\mcafee 2017-03-29 15:57 - 2017-01-11 15:00 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-03-29 15:55 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP 2017-03-29 15:55 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM 2017-03-28 20:09 - 2015-10-30 20:11 - 00000000 ____D C:\Windows\OCR 2017-03-28 19:55 - 2017-01-11 15:09 - 00000000 ____D C:\Program Files\Microsoft Office 2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2017-03-28 19:52 - 2017-01-11 15:11 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2017-03-28 19:52 - 2016-03-24 14:06 - 00003186 _____ C:\Windows\System32\Tasks\DropboxOEM 2017-03-28 19:52 - 2016-03-24 14:06 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-28 19:52 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PrintDialog 2017-03-28 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\WinBioDatabase 2017-03-28 19:42 - 2016-03-24 14:06 - 00004286 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA 2017-03-28 19:42 - 2016-03-24 14:06 - 00004054 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore 2017-03-28 19:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe ==================== Fichiers à la racine de certains dossiers ======= 2017-03-28 19:51 - 2017-04-04 06:08 - 0000206 _____ () C:\Users\TOF\AppData\Roaming\sp_data.sys 2017-01-11 14:41 - 2017-01-11 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Certains fichiers dans TEMP: ==================== 2017-04-02 09:08 - 2017-04-02 09:08 - 1042784 _____ (Microsoft Corporation) C:\Users\TOF\AppData\Local\Temp\PidGenX.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-03-24 13:40 ==================== Fin de FRST.txt ============================