Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-05-2017 Exécuté par sallab (administrateur) sur DESKTOP-SFJREFL (07-05-2017 17:29:21) Exécuté depuis C:\Users\sallab\Downloads Profils chargés: sallab (Profils disponibles: sallab) Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe (Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (pdfforge GmbH) C:\Program Files\PDF Architect 5\ws.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe (pdfforge GmbH) C:\Program Files\PDF Architect 5\architect.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\ASUSWSLoader.exe [63968 2016-10-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2017-02-17] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide de SolidWorks 2014.lnk [2016-02-27] ShortcutTarget: Lancement rapide de SolidWorks 2014.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargement en arrière-plan de SolidWorks.lnk [2016-02-27] ShortcutTarget: Téléchargement en arrière-plan de SolidWorks.lnk -> C:\Program Files (x86)\Common Files\Gestionnaire d'installation SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) Startup: C:\Users\sallab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet 2620 series.lnk [2017-04-06] ShortcutTarget: Alertes de surveillance de l'encre - HP Officejet 2620 series.lnk -> C:\Program Files\HP\HP Officejet 2620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\sallab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-04-12] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited) GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{169f64f9-2fcf-44d2-bd98-3fe9e62ebb6f}: [DhcpNameServer] 172.17.72.9 172.24.8.90 172.24.8.92 172.24.8.94 10.117.76.114 Tcpip\..\Interfaces\{675471d4-8cad-404e-bdce-5a1bbc518817}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{7c3b6eb3-394f-47e6-9d01-4ed09fd3fd4c}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1684120116-1028836215-45182466-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-1684120116-1028836215-45182466-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-04-25] (Microsoft Corporation) BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-29] (Microsoft Corporation) Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-25] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-04-25] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.) FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.fr/ CHR StartupUrls: Default -> "hxxp://www.palikan.com/?f=7&a=bfp_coinisre_16_03&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyE0B0EzytByE0D0B0BtDtN0D0Tzu0StCyEzztDtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0FyEzztAyBtCtGyDyEtByCtGyEyEtC0CtGtAzy0ByCtG0CyD0D0AyCtCyC0AzzyByEyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyDtD0B0ByCtCtBtGzyzy0D0FtGyEyBzy0DtG0AtBtCzytG0CtDyB0Dzz0D0Fzy0AyE0B0A2QtN0A0LzuyE&cr=1314054553&ir=","hxxp://fr.4yendex.com/?utm_source=sdks&utm_medium=fr01&utm_campaign=1809b83562c0938da240a0e320a9efce" CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default [2017-05-07] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-08] CHR Extension: (Wechat) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckhliaadcjmdjbhdlkpjkffidcifglba [2016-07-26] CHR Extension: (Telegram) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2016-07-26] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Whatsapp ChromePlus) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbbajajamemnddiihogihhbmknlpjidn [2016-10-12] CHR Extension: (Chrome Media Router) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.) R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-04-21] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-14] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-14] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.) R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-04] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation) R3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH) S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH) R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH) R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.) R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2014-01-11] (Mentor Graphics Corporation) [Fichier non signé] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Fichier non signé] S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-02-27] (SolidWorks) [Fichier non signé] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [Fichier non signé] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation) R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-08-04] (Intel Corporation) R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41976 2015-08-04] (Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-08-04] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-05-07 17:29 - 2017-05-07 17:31 - 00023823 _____ C:\Users\sallab\Downloads\FRST.txt 2017-05-07 17:28 - 2017-05-07 17:29 - 00000000 ____D C:\FRST 2017-05-07 17:27 - 2017-05-07 17:27 - 02429440 _____ (Farbar) C:\Users\sallab\Downloads\FRST64.exe 2017-05-06 17:38 - 2017-05-06 17:38 - 00003478 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart 2017-05-06 17:38 - 2017-05-06 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2017-05-06 17:38 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll 2017-05-06 17:32 - 2017-05-06 17:32 - 00000000 ____D C:\WINDOWS\Panther 2017-05-06 17:19 - 2017-05-06 17:19 - 00000000 ____D C:\Users\sallab\AppData\Roaming\WildTangent 2017-05-06 17:11 - 2017-05-06 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-05 20:51 - 2017-05-05 20:51 - 42681033 _____ C:\Users\sallab\Downloads\WhatsApp Audio 2017-05-03 at 12.13.50.mpeg 2017-05-05 20:43 - 2017-05-05 20:43 - 00544760 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-05-02 at 18.34.29.ogg 2017-05-05 20:43 - 2017-05-05 20:43 - 00458099 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-05-02 at 18.20.56.ogg 2017-05-05 20:43 - 2017-05-05 20:43 - 00359982 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-05-02 at 18.30.29.ogg 2017-05-05 20:43 - 2017-05-05 20:43 - 00319501 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-05-02 at 18.36.43.ogg 2017-05-05 20:43 - 2017-05-05 20:43 - 00244438 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-05-02 at 18.22.33.ogg 2017-05-05 20:17 - 2017-05-06 17:05 - 00000000 ____D C:\Users\sallab\Desktop\BOA 2017-05-05 19:40 - 2017-05-05 19:42 - 00000000 ____D C:\Users\sallab\Desktop\rissala 2017-05-05 19:23 - 2017-05-05 19:23 - 01795877 _____ C:\Users\sallab\Downloads\WhatsApp Audio 2017-05-01 at 21.45.14.ogg 2017-05-05 19:23 - 2017-05-05 19:23 - 01445111 _____ C:\Users\sallab\Downloads\WhatsApp Audio 2017-05-01 at 21.45.17.ogg 2017-05-05 19:23 - 2017-05-05 19:23 - 00824217 _____ C:\Users\sallab\Downloads\WhatsApp Audio 2017-05-01 at 21.45.19.ogg 2017-05-05 19:08 - 2017-05-05 19:08 - 00097907 _____ C:\Users\sallab\Downloads\HBA64B252F.pdf 2017-05-03 20:28 - 2017-05-03 20:28 - 00000000 ____D C:\Users\sallab\Desktop\art & com 2017-05-03 20:25 - 2017-05-03 20:25 - 00285238 _____ C:\Users\sallab\Downloads\Programme CAODAO.pdf 2017-05-03 20:25 - 2017-05-03 20:25 - 00219478 _____ C:\Users\sallab\Downloads\Devis M. SALL.pdf 2017-05-03 20:25 - 2017-05-03 20:25 - 00088894 _____ C:\Users\sallab\Downloads\CGV Art et communication.pdf 2017-05-03 20:21 - 2017-05-03 20:21 - 00307594 _____ C:\Users\sallab\Downloads\RE_%3a_RE%3a_Devis_de_formation (1).zip 2017-05-03 19:38 - 2017-05-03 19:38 - 00406551 _____ C:\Users\sallab\Downloads\salla.pdf 2017-05-02 20:37 - 2017-05-02 20:37 - 02344810 _____ C:\Users\sallab\Downloads\support_matinale_panel_2017_normandie.pdf 2017-05-01 17:30 - 2017-05-01 17:30 - 00048548 _____ C:\Users\sallab\Downloads\20170317_F1106.pdf 2017-05-01 17:30 - 2017-05-01 17:30 - 00048548 _____ C:\Users\sallab\Downloads\20170317_F1106 (1).pdf 2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-04-30 22:51 - 2017-05-01 12:07 - 00004050 _____ C:\Users\sallab\Desktop\Argent zakat et loyer1.ods 2017-04-30 11:38 - 2017-05-07 17:23 - 00000000 ____D C:\Users\sallab\Desktop\cv ingénieur 2017-04-29 19:20 - 2017-04-29 19:20 - 00280663 _____ C:\Users\sallab\Downloads\PLAQUETTE PDF POUR WEB.pdf 2017-04-29 16:53 - 2017-04-29 16:53 - 00466612 _____ C:\Users\sallab\Downloads\النظم المنساب في آداب الوتساب.pdf 2017-04-29 16:51 - 2017-05-07 14:00 - 00000000 ____D C:\Users\sallab\Desktop\CV technicien 2017-04-29 11:59 - 2017-04-29 11:59 - 00156579 _____ C:\Users\sallab\Desktop\Planning professionnel quotidien.xltx 2017-04-29 11:37 - 2017-04-29 11:37 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2017-04-26 16:54 - 2017-04-26 16:54 - 05885932 _____ C:\Users\sallab\Downloads\a decouper.mpeg 2017-04-26 07:36 - 2017-04-26 07:36 - 00307594 _____ C:\Users\sallab\Downloads\RE_%3a_RE%3a_Devis_de_formation.zip 2017-04-25 21:49 - 2017-04-25 21:49 - 00600864 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 15.38.50.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00506088 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 14.52.56.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00487464 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 15.32.02.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00477143 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 15.48.21.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00458274 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 14.44.12.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00448233 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 14.48.24.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00445336 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 15.52.38.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00440718 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 14.30.37.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00321522 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 14.46.03.ogg 2017-04-25 21:49 - 2017-04-25 21:49 - 00303100 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 13.53.38.ogg 2017-04-25 21:48 - 2017-04-25 21:49 - 00301422 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-24 at 13.51.28.ogg 2017-04-25 21:48 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-04-25 21:48 - 2017-04-19 08:13 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-04-25 21:48 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-04-25 21:48 - 2017-04-19 08:02 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-04-25 21:48 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-04-25 21:48 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-04-25 21:48 - 2017-04-19 07:58 - 06761048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-25 21:48 - 2017-04-19 07:44 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-25 21:48 - 2017-04-19 07:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-04-25 21:48 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-04-25 21:48 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-04-25 21:48 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-04-25 21:48 - 2017-04-19 07:34 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-04-25 21:48 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-04-25 21:48 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-04-25 21:48 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-04-25 21:48 - 2017-04-19 07:32 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-04-25 21:48 - 2017-04-19 07:30 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-04-25 21:48 - 2017-04-19 07:30 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-04-25 21:48 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-04-25 21:48 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-04-25 21:48 - 2017-04-19 07:29 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-04-25 21:48 - 2017-04-19 07:28 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-04-25 21:48 - 2017-04-19 07:28 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-04-25 21:48 - 2017-04-19 07:24 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-04-25 21:48 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-04-25 21:48 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-04-25 21:48 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-04-25 21:48 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-04-25 21:48 - 2017-04-14 01:35 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-04-25 21:48 - 2017-04-14 01:33 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-04-25 21:48 - 2017-04-14 01:32 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-04-25 21:48 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-04-25 21:48 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-04-25 21:48 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-04-25 21:48 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-04-25 21:48 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-04-25 21:48 - 2017-04-14 01:13 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-04-25 21:48 - 2017-04-14 01:13 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-04-25 21:48 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-04-25 21:48 - 2017-04-14 01:11 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-04-25 21:48 - 2017-04-14 01:09 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-04-25 21:48 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-04-25 21:48 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-04-25 21:48 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-04-25 21:47 - 2017-04-19 09:14 - 08321440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-25 21:47 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-04-25 21:47 - 2017-04-19 09:06 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-04-25 21:47 - 2017-04-19 09:06 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-04-25 21:47 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-04-25 21:47 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-04-25 21:47 - 2017-04-19 09:03 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-25 21:47 - 2017-04-19 09:02 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-04-25 21:47 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-04-25 21:47 - 2017-04-19 08:59 - 00387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-04-25 21:47 - 2017-04-19 08:34 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-25 21:47 - 2017-04-19 08:22 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-25 21:47 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-04-25 21:47 - 2017-04-19 08:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-04-25 21:47 - 2017-04-19 08:17 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-25 21:47 - 2017-04-19 08:16 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-04-25 21:47 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-04-25 21:47 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-04-25 21:47 - 2017-04-19 08:14 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-04-25 21:47 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-04-25 21:47 - 2017-04-19 08:14 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-04-25 21:47 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-04-25 21:47 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-04-25 21:47 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-04-25 21:47 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-04-25 21:47 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-04-25 21:47 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-04-25 21:47 - 2017-04-19 08:11 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-04-25 21:47 - 2017-04-19 08:11 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-04-25 21:47 - 2017-04-19 08:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-04-25 21:47 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-04-25 21:47 - 2017-04-19 08:10 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-25 21:47 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-04-25 21:47 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-04-25 21:47 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-04-25 21:47 - 2017-04-19 08:09 - 08246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-25 21:47 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-04-25 21:47 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-04-25 21:47 - 2017-04-19 08:07 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-04-25 21:47 - 2017-04-19 08:07 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-04-25 21:47 - 2017-04-19 08:07 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-04-25 21:47 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-04-25 21:47 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-04-25 21:47 - 2017-04-19 08:05 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-04-25 21:47 - 2017-04-19 08:05 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-04-25 21:47 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-04-25 21:47 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-04-25 21:47 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-04-25 21:47 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-04-25 21:47 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-04-25 21:47 - 2017-04-19 07:41 - 20506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-25 21:47 - 2017-04-19 07:37 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-25 21:47 - 2017-04-19 07:37 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-04-25 21:47 - 2017-04-19 07:36 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-04-25 21:47 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-25 21:47 - 2017-04-19 07:33 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-25 21:47 - 2017-04-19 07:33 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-04-25 21:47 - 2017-04-19 07:30 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-25 21:47 - 2017-04-14 02:39 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-04-25 21:47 - 2017-04-14 02:37 - 00206232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-04-25 21:47 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-04-25 21:47 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-04-25 21:47 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-04-25 21:47 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-04-25 21:47 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-04-25 21:47 - 2017-04-14 02:32 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-04-25 21:47 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-04-25 21:47 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-04-25 21:47 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-04-25 21:47 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-04-25 21:47 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-04-25 21:47 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-04-25 21:47 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-04-25 21:47 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-04-25 21:47 - 2017-04-14 01:38 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-04-25 21:47 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-04-25 21:47 - 2017-04-14 01:38 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-04-25 21:47 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-04-25 21:47 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-04-25 21:47 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-04-25 21:47 - 2017-04-14 01:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-04-25 21:47 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-04-25 21:47 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-04-25 21:47 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-04-25 21:47 - 2017-04-14 01:36 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-04-25 21:47 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-04-25 21:47 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-04-25 21:47 - 2017-04-14 01:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-04-25 21:47 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-04-25 21:47 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-04-25 21:47 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-04-25 21:47 - 2017-04-14 01:33 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-04-25 21:47 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-04-25 21:47 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-04-25 21:47 - 2017-04-14 01:32 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-04-25 21:47 - 2017-04-14 01:31 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-04-25 21:47 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-04-25 21:47 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-04-25 21:47 - 2017-04-14 01:30 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-04-25 21:47 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-04-25 21:47 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-04-25 21:47 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-04-25 21:47 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-04-25 21:47 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-04-25 21:47 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-04-25 21:47 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-04-25 21:47 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-04-25 21:47 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-04-25 21:47 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-04-25 21:47 - 2017-04-14 01:15 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-04-25 21:47 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-04-25 21:47 - 2017-04-14 01:12 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-04-25 21:47 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-04-25 21:43 - 2017-04-25 21:43 - 00028896 _____ C:\Users\sallab\Downloads\2017042417094817094832022_PJ.html 2017-04-24 22:37 - 2017-04-24 22:37 - 00656098 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.50.50.ogg 2017-04-24 22:37 - 2017-04-24 22:37 - 00438619 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.47.56.ogg 2017-04-24 22:37 - 2017-04-24 22:37 - 00148915 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.53.31.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00755014 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.37.46.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00589308 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.06.01.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00526569 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.22.50.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00466652 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.11.18.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00459577 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.21.20.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00444138 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.26.01.ogg 2017-04-24 22:36 - 2017-04-24 22:36 - 00405777 _____ C:\Users\sallab\Downloads\WhatsApp Ptt 2017-04-20 at 11.28.56.ogg 2017-04-23 17:12 - 2017-04-23 17:12 - 00071939 _____ C:\Users\sallab\Desktop\Lettre de motivation spontanée.pdf 2017-04-22 22:47 - 2017-04-22 22:50 - 00028160 _____ C:\Users\sallab\Desktop\zaakat janvier 2017.xls 2017-04-22 15:32 - 2017-04-22 15:32 - 00000000 ____D C:\Users\sallab\AppData\Roaming\Google 2017-04-22 15:13 - 2017-04-22 15:14 - 09390672 _____ (Piriform Ltd) C:\Users\sallab\Downloads\ccsetup529.exe 2017-04-22 12:50 - 2017-04-22 12:50 - 00056090 _____ C:\Users\sallab\Desktop\Lettre de motivation genie climatique.pdf 2017-04-20 17:27 - 2017-05-07 16:33 - 00000000 ____D C:\Users\sallab\Desktop\Lettre de motivation 2017-04-19 19:57 - 2017-04-19 19:57 - 00142037 _____ C:\Users\sallab\Downloads\WhatsApp Image 2017-04-19 at 15.47.35.jpeg 2017-04-19 19:57 - 2017-04-19 19:57 - 00138509 _____ C:\Users\sallab\Downloads\WhatsApp Image 2017-04-19 at 15.47.39.jpeg 2017-04-19 19:57 - 2017-04-19 19:57 - 00118770 _____ C:\Users\sallab\Downloads\WhatsApp Image 2017-04-19 at 15.47.42.jpeg 2017-04-19 19:39 - 2017-04-19 19:39 - 00283222 _____ C:\Users\sallab\Downloads\Les mérites de certaines sourates et versets.pdf 2017-04-18 12:17 - 2017-04-18 12:17 - 00005085 _____ C:\Users\sallab\Downloads\Webinaire CYPETHERM Improvements - Audit et analyse des mesures d'amélioration énergétique de vos bâtiments..ics 2017-04-17 16:53 - 2017-04-17 16:53 - 00000000 ____D C:\Users\sallab\AppData\Roaming\PDF Producer 2017-04-17 13:27 - 2017-04-17 13:27 - 00050777 _____ C:\Users\sallab\Downloads\CV-Abdoulaye-SALLprofesseur (1).pdf 2017-04-16 19:13 - 2017-04-16 19:13 - 00081094 _____ C:\Users\sallab\Downloads\1db103d4cd14d8dd1e03b8c484903296.pdf 2017-04-16 15:48 - 2017-04-16 15:48 - 00155657 _____ C:\Users\sallab\Downloads\Bouyguestelecom_Facture_20170416.pdf 2017-04-13 20:01 - 2017-04-13 20:01 - 00000000 ____D C:\Users\sallab\AppData\Roaming\Trimble Connect for SketchUp 2017-04-13 19:53 - 2017-04-13 19:53 - 00002237 _____ C:\Users\Public\Desktop\Style Builder 2017.lnk 2017-04-13 19:53 - 2017-04-13 19:53 - 00002151 _____ C:\Users\Public\Desktop\LayOut 2017.lnk 2017-04-13 19:53 - 2017-04-13 19:53 - 00002062 _____ C:\Users\Public\Desktop\SketchUp 2017.lnk 2017-04-13 19:53 - 2017-04-13 19:53 - 00000000 ____D C:\Users\sallab\AppData\Roaming\SketchUp 2017-04-13 19:53 - 2017-04-13 19:53 - 00000000 ____D C:\ProgramData\Reprise 2017-04-13 19:52 - 2017-04-13 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017 2017-04-13 19:51 - 2017-04-13 19:51 - 00000000 ____D C:\ProgramData\SketchUp 2017-04-13 19:51 - 2017-04-13 19:51 - 00000000 ____D C:\Program Files\SketchUp 2017-04-13 19:50 - 2017-04-13 19:50 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-13 19:41 - 2017-04-13 19:46 - 159451112 _____ (Trimble, Inc.) C:\Users\sallab\Downloads\SketchUpMake-fr-x64.exe 2017-04-13 18:18 - 2017-04-17 16:13 - 00000000 ____D C:\Users\sallab\Desktop\offre d'emploi 2017-04-13 14:30 - 2017-04-13 14:30 - 00000000 ____D C:\Users\sallab\AppData\Local\TempOfficeC2RF5D0F6D2-25C5-487C-99C2-6D59009237F9 2017-04-13 09:39 - 2017-04-13 09:39 - 00627440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00264448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00242968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00438000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00391424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00332560 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00087280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00083696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2017-04-12 21:28 - 2017-05-06 17:44 - 00000000 ___RD C:\Users\sallab\Documents\MEGA 2017-04-12 21:03 - 2017-04-12 21:03 - 00000801 _____ C:\Users\Public\Desktop\MEGAsync.lnk 2017-04-12 21:03 - 2017-04-12 21:03 - 00000000 ____D C:\Users\sallab\AppData\Local\Mega Limited 2017-04-12 21:03 - 2017-04-12 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-04-12 21:03 - 2017-04-12 21:03 - 00000000 ____D C:\ProgramData\MEGAsync 2017-04-12 20:53 - 2017-04-12 20:53 - 13286592 _____ (MEGA Limited) C:\Users\sallab\Downloads\MEGAsyncSetup.exe 2017-04-12 20:12 - 2017-04-12 20:13 - 1556269028 _____ C:\Users\sallab\Downloads\repack_PF4_NOWIPE.zip 2017-04-12 16:23 - 2017-04-01 03:05 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-12 16:23 - 2017-04-01 03:05 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-12 16:23 - 2017-04-01 03:04 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-12 16:23 - 2017-04-01 03:04 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-12 16:23 - 2017-04-01 03:04 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-12 16:23 - 2017-04-01 02:57 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-12 16:23 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-12 16:23 - 2017-04-01 02:57 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-12 16:23 - 2017-04-01 02:52 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-12 16:23 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-12 16:23 - 2017-04-01 02:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-12 16:23 - 2017-04-01 02:47 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-12 16:23 - 2017-04-01 02:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-12 16:23 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-04-12 16:23 - 2017-04-01 02:25 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-12 16:23 - 2017-04-01 02:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-12 16:23 - 2017-04-01 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-12 16:23 - 2017-04-01 02:05 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-12 16:23 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-04-12 16:23 - 2017-04-01 02:04 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-12 16:23 - 2017-04-01 02:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-12 16:23 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-04-12 16:23 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-04-12 16:23 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-12 16:23 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-04-12 16:23 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-04-12 16:23 - 2017-04-01 01:55 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-04-12 16:23 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-04-12 16:23 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-12 16:23 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-12 16:23 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-04-12 16:23 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-12 16:23 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-12 16:23 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-12 16:23 - 2017-03-31 23:00 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-04-12 16:23 - 2017-03-25 10:28 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-04-12 16:23 - 2017-03-25 09:58 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-04-10 15:41 - 2017-05-06 17:18 - 00000000 ____D C:\Users\sallab\AppData\Local\Kingsoft 2017-04-10 15:41 - 2017-05-06 17:18 - 00000000 ____D C:\ProgramData\Kingsoft 2017-04-10 15:34 - 2017-05-06 17:18 - 00000000 ____D C:\Users\sallab\AppData\Roaming\Kingsoft 2017-04-10 15:07 - 2017-04-10 15:07 - 00000000 ____D C:\Users\sallab\Documents\PDF Architect 2017-04-10 11:09 - 2017-04-10 11:12 - 00000000 ____D C:\Users\sallab\AppData\Roaming\PDF Architect 5 2017-04-10 11:09 - 2017-04-10 11:09 - 00000843 _____ C:\Users\Public\Desktop\PDF Architect 5.lnk 2017-04-10 11:09 - 2017-04-10 11:09 - 00000000 ____D C:\Users\sallab\AppData\Local\PDFCreator 2017-04-10 11:09 - 2017-04-10 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 5 2017-04-10 11:08 - 2017-04-10 11:09 - 00000000 ____D C:\Program Files\PDF Architect 5 2017-04-10 11:08 - 2017-04-10 11:09 - 00000000 ____D C:\Program Files (x86)\PDF Architect 5 2017-04-10 11:07 - 2017-04-10 11:12 - 00000000 ____D C:\ProgramData\PDF Architect 5 2017-04-10 11:06 - 2017-04-10 11:06 - 00000879 _____ C:\Users\Public\Desktop\PDFCreator.lnk 2017-04-10 11:06 - 2017-04-10 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2017-04-10 11:04 - 2017-04-10 11:05 - 29000704 _____ (pdfforge GmbH ) C:\Users\sallab\Downloads\PDFCreator-2_5_1-Setup.exe 2017-04-10 11:01 - 2017-04-10 11:01 - 00060764 _____ C:\Users\sallab\Downloads\AC1_01_103913708_600003186159.pdf 2017-04-08 12:53 - 2017-04-08 12:53 - 00000000 ____D C:\Users\sallab\AppData\Roaming\DigitalVolcano 2017-04-08 12:52 - 2017-04-08 12:52 - 00001197 _____ C:\Users\Public\Desktop\Duplicate Cleaner Free.lnk 2017-04-08 12:52 - 2017-04-08 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free 2017-04-08 12:52 - 2017-04-08 12:52 - 00000000 ____D C:\Program Files (x86)\Duplicate Cleaner 2017-04-08 12:51 - 2017-04-08 12:51 - 05429944 _____ (DigitalVolcano Software Ltd) C:\Users\sallab\Downloads\duplicate-cleaner_3-2-7_fr_75486.exe 2017-04-08 12:08 - 2017-04-08 12:08 - 13047272 _____ (ASUS Cloud Corporation) C:\Users\sallab\Downloads\WebStorageSyncAgent2.2.12.577.exe 2017-04-07 20:59 - 2017-04-07 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1684120116-1028836215-45182466-1001 ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-05-07 16:27 - 2017-01-23 13:33 - 00000000 ____D C:\Users\sallab\Desktop\cv & lm 2017-05-07 14:33 - 2016-07-26 10:48 - 00000165 _____ C:\Users\sallab\AppData\Roaming\sp_data.sys 2017-05-07 14:33 - 2016-02-24 17:46 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-05-07 14:32 - 2017-04-06 22:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-07 14:32 - 2016-01-07 22:16 - 00000000 __SHD C:\Users\sallab\IntelGraphicsProfiles 2017-05-07 14:02 - 2017-04-06 21:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-07 12:46 - 2017-04-06 22:25 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6AB8C6C-D91E-4D48-B7F6-EDA2CEFA6278} 2017-05-07 12:46 - 2017-04-06 22:25 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-05-07 12:46 - 2017-04-06 22:25 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-05-07 12:46 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-06 17:43 - 2017-03-16 18:13 - 00000000 ____D C:\Users\sallab\Desktop\photo whatsapp 2017-05-06 17:43 - 2016-01-07 22:16 - 00000000 ____D C:\Users\sallab\AppData\Roaming\WebStorage 2017-05-06 17:41 - 2016-01-14 20:07 - 00000000 ___RD C:\Users\sallab\Dropbox 2017-05-06 17:38 - 2017-01-20 10:53 - 00000000 ____D C:\Program Files\KMSpico 2017-05-06 17:31 - 2017-04-06 22:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-06 17:31 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI 2017-05-06 17:30 - 2016-01-07 22:16 - 00000000 ____D C:\Users\sallab\AppData\Local\Packages 2017-05-06 17:26 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-06 17:24 - 2015-09-23 18:19 - 00000000 ____D C:\Program Files\CyberLink 2017-05-06 17:24 - 2015-09-23 18:18 - 00000000 ____D C:\ProgramData\CyberLink 2017-05-06 17:24 - 2015-09-23 17:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-06 17:19 - 2015-08-18 07:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-05-06 17:19 - 2015-08-18 07:28 - 00000000 ____D C:\ProgramData\WildTangent 2017-05-06 17:12 - 2015-08-18 07:29 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-06 17:06 - 2016-01-14 20:03 - 00000000 ____D C:\Users\sallab\AppData\Local\Dropbox 2017-05-06 16:39 - 2016-05-18 20:29 - 00000000 ____D C:\Users\sallab\AppData\Roaming\vlc 2017-05-06 16:34 - 2017-03-26 19:24 - 00000000 ____D C:\Users\sallab\Desktop\whatsapp image wbb 2017-05-06 16:32 - 2017-03-07 20:58 - 00000000 ____D C:\Users\sallab\Desktop\video whatsapp 2017-05-05 18:48 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-03 18:14 - 2016-07-30 05:43 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-03 18:14 - 2016-07-30 05:43 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-30 22:42 - 2017-04-06 22:25 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-30 22:42 - 2017-04-06 22:25 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-29 11:37 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-29 11:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-29 11:36 - 2016-03-01 16:51 - 00000000 ____D C:\Program Files\Microsoft Office 2017-04-26 22:38 - 2016-07-23 15:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-26 19:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-04-26 18:15 - 2017-04-06 22:56 - 00000000 ____D C:\Windows.old 2017-04-25 22:38 - 2016-02-29 12:49 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2017-04-25 22:07 - 2015-09-23 17:16 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-25 22:06 - 2017-04-06 21:59 - 00421640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-25 22:02 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-25 22:02 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-04-25 21:51 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-23 22:48 - 2017-04-06 22:25 - 00002160 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-04-22 15:14 - 2016-08-23 20:37 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-04-18 19:18 - 2017-04-06 22:22 - 02107866 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-18 19:18 - 2017-03-20 07:10 - 00960384 _____ C:\WINDOWS\system32\perfh00C.dat 2017-04-18 19:18 - 2017-03-20 07:10 - 00194414 _____ C:\WINDOWS\system32\perfc00C.dat 2017-04-17 11:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-04-15 12:33 - 2017-03-20 07:11 - 00000000 ____D C:\WINDOWS\OCR 2017-04-13 14:34 - 2017-04-06 22:04 - 00000000 ____D C:\Users\sallab 2017-04-12 17:24 - 2016-06-28 19:15 - 00000000 ____D C:\Users\sallab\AppData\Roaming\HpUpdate 2017-04-12 16:27 - 2016-01-14 19:52 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-12 16:24 - 2016-01-14 19:52 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-11 15:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-04-11 12:26 - 2016-02-29 12:52 - 00000000 ____D C:\Program Files\PDFCreator 2017-04-10 14:52 - 2016-02-29 12:52 - 00000000 ____D C:\ProgramData\PDF Architect 4 2017-04-10 14:48 - 2016-02-29 13:02 - 00000000 ____D C:\ProgramData\pdfforge 2017-04-08 12:09 - 2016-01-14 19:24 - 00000000 __SHD C:\aws 2017-04-08 12:08 - 2016-01-14 19:16 - 00001361 _____ C:\Users\Public\Desktop\WebStorage.lnk 2017-04-08 12:08 - 2016-01-14 19:14 - 00000000 ____D C:\Users\sallab\AppData\Roaming\awsRun 2017-04-08 11:53 - 2016-08-03 19:26 - 00000000 ____D C:\Users\sallab\AppData\Local\ConnectedDevicesPlatform 2017-04-08 10:58 - 2016-08-03 20:37 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-04-07 21:04 - 2016-06-14 01:27 - 00000290 __RSH C:\ProgramData\ntuser.pol ==================== Fichiers à la racine de certains dossiers ======= 2016-07-26 10:48 - 2017-05-07 14:33 - 0000165 _____ () C:\Users\sallab\AppData\Roaming\sp_data.sys 2017-04-06 22:02 - 2017-04-06 22:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Certains fichiers dans TEMP: ==================== 2017-05-05 19:24 - 2017-05-05 19:28 - 48320824 _____ (Free Time Co., Ltd) C:\Users\sallab\AppData\Local\Temp\FFSetupLatest.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-04-30 13:13 ==================== Fin de FRST.txt ============================