Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017 Exécuté par Système sur MININT-36HUF3U (15-05-2017 17:09:58) Exécuté depuis e:\ Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France) Internet Explorer Version 11 Mode d'amorçage: Recovery Par défaut: ControlSet001 [b]ATTENTION!:=====> Si le système est amorçable, FRST doit être exécuté en mode normal ou sans échec afin de créer un journal complet.[/b] Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-05-07] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724896 2016-06-24] (Sony Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) Startup: C:\Users\PC-DE-STEFAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\confi.exe [2012-01-24] () ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\57.0.2987.37\remoting_host.exe [72024 2017-02-07] (Google Inc.) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation) S2 debugregsvc; C:\Windows\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation) S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [104448 2017-03-28] (Microsoft Corporation) S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] () S2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) S3 LxssManager; C:\Windows\system32\lxss\LxssManager.dll [327168 2017-01-14] (Microsoft Corporation) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation) S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH) S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH) S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation) S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-05-07] (Realtek Semiconductor) S3 SshBroker; C:\Windows\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation) S3 SshProxy; C:\Windows\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation) S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated) S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH) S3 wampapache64; c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation) S4 WebManagement; C:\Windows\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) S2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11774720 2016-04-19] (Broadcom Corp) S3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11774720 2016-04-19] (Broadcom Corp) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink) S3 DrmRAudio; C:\Windows\system32\drivers\DrmRAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-03-14] (Sony Mobile Communications) S3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] () S3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] () S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] () S0 lxss; C:\Windows\System32\drivers\lxss.sys [15712 2017-01-14] (Microsoft Corporation) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.) S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-28] (NVIDIA Corporation) S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-05-07] (Realtek ) S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated) S1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation) S5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-07-09] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) S3 WsAudioDevice_383; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2015-02-02] (Wondershare) S3 WsAudio_Device; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2015-02-02] (Wondershare) S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) S3 catchme; \??\C:\Users\PC-DE-~1\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation) NETSVC: LxssManager -> C:\Windows\system32\lxss\LxssManager.dll (Microsoft Corporation) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-05-14 22:57 - 2017-05-14 22:57 - 00191124 _____ C:\Users\PC-DE-STEFAN\Desktop\ZHPDiag.txt 2017-05-14 22:42 - 2017-05-14 22:42 - 00003085 _____ C:\Users\PC-DE-STEFAN\Desktop\ZHPFixReport.txt 2017-05-13 19:25 - 2017-05-13 19:25 - 00000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-05-13 19:25 - 2017-05-13 19:25 - 00000000 ____D C:\Program Files\RogueKiller 2017-05-13 15:31 - 2017-05-13 15:32 - 00000000 ____D C:\Users\PC-DE-STEFAN\Desktop\Analyse 2017-05-11 18:53 - 2017-05-11 18:53 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\ESET 2017-05-08 18:40 - 2017-05-08 18:40 - 00000000 ____D C:\Program Files (x86)\ESET 2017-05-08 13:47 - 2017-05-12 19:19 - 00000000 ____D C:\FRST 2017-05-08 13:44 - 2017-05-15 15:58 - 00000180 _____ C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-07 22:03 - 2017-05-07 22:04 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2017-05-07 00:48 - 2017-05-07 00:48 - 00000000 ____D C:\Users\Papa - Maman\AppData\Roaming\PC Suite 2017-05-06 15:46 - 2017-05-13 19:25 - 00028272 _____ C:\Windows\System32\Drivers\TrueSight.sys 2017-05-06 15:46 - 2017-05-07 00:12 - 00000000 ____D C:\ProgramData\RogueKiller 2017-05-06 15:06 - 2017-05-14 22:50 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\ZHP 2017-05-06 15:06 - 2017-05-06 15:08 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\ZHP 2017-05-06 13:12 - 2017-05-12 17:21 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\Adobe 2017-05-06 10:07 - 2017-05-15 16:03 - 00004184 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0922CBA-97DA-46DE-85CE-FEBCEB169DAD} 2017-05-02 19:26 - 2017-05-02 19:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-05-02 19:11 - 2017-05-02 19:53 - 00000000 ____D C:\ProgramData\Adobe 2017-05-02 19:10 - 2017-05-02 19:10 - 00000218 _____ C:\Users\PC-DE-STEFAN\AppData\Local\recently-used.xbel 2017-05-01 09:15 - 2017-05-01 09:15 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\Google 2017-04-30 12:51 - 2017-05-14 22:41 - 00000000 ____D C:\Program Files\3D UltraBite Project 2017-04-21 17:31 - 2017-04-21 17:43 - 00000000 ____D C:\Users\PC-DE-STEFAN\Desktop\Baptème 2017-04-20 10:05 - 2017-04-21 11:43 - 00000000 ____D C:\Users\PC-DE-STEFAN\Desktop\Modèle de CV 2017-04-16 16:48 - 2017-04-16 16:48 - 00000000 ____D C:\Users\PC-DE-STEFAN\Documents\Nokia Suite 2017-04-16 16:48 - 2017-04-16 16:48 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\Nokia 2017-04-16 16:45 - 2017-04-17 02:24 - 00000000 ____D C:\ProgramData\PC Suite 2017-04-16 16:45 - 2017-04-16 16:48 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\PC Suite 2017-04-16 16:45 - 2017-04-16 16:47 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\Nokia 2017-04-16 16:44 - 2017-04-16 16:44 - 00000000 ____D C:\ProgramData\Nokia 2017-04-16 16:43 - 2017-04-16 16:43 - 00000000 ____D C:\Program Files\DIFX 2017-04-16 16:43 - 2017-04-16 16:43 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution 2017-04-16 16:43 - 2012-10-17 13:53 - 00026112 _____ (Nokia) C:\Windows\System32\Drivers\pccsmcfdx64.sys 2017-04-16 16:42 - 2017-04-16 16:44 - 00000000 ____D C:\Program Files (x86)\Nokia 2017-04-16 16:42 - 2017-04-16 16:42 - 00000000 ____D C:\ProgramData\NokiaInstallerCache ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-05-15 16:06 - 2016-08-30 17:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-15 16:06 - 2016-07-16 07:04 - 01572864 _____ C:\Windows\System32\config\BBI 2017-05-15 16:03 - 2015-06-14 20:13 - 00000000 ___RD C:\Users\PC-DE-STEFAN\Google Drive 2017-05-15 15:58 - 2015-05-29 10:21 - 00000000 __SHD C:\Users\PC-DE-STEFAN\IntelGraphicsProfiles 2017-05-15 05:43 - 2016-08-30 17:14 - 00000000 ____D C:\Windows\System32\SleepStudy 2017-05-14 23:02 - 2016-03-15 09:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-05-14 23:01 - 2016-08-30 17:19 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-14 22:27 - 2016-12-01 15:32 - 00000000 ____D C:\Program Files (x86)\m4ng_v5 2017-05-13 15:54 - 2015-05-30 16:33 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\vlc 2017-05-13 15:36 - 2015-05-29 15:58 - 00000000 ___RD C:\Users\PC-DE-STEFAN\Documents\Divers 2017-05-13 15:35 - 2016-12-01 13:17 - 00000000 ____D C:\Users\PC-DE-STEFAN\Documents\ConvertXtoDVD 2017-05-12 17:21 - 2015-06-03 08:16 - 00000000 ____D C:\ProgramData\Oracle 2017-05-12 17:20 - 2017-04-11 13:11 - 00000000 ____D C:\Program Files (x86)\Java 2017-05-12 17:20 - 2015-06-03 08:15 - 00000000 ____D C:\Program Files\Java 2017-05-12 17:14 - 2017-04-11 13:11 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-05-09 20:24 - 2016-08-30 17:22 - 02897820 _____ C:\Windows\System32\PerfStringBackup.INI 2017-05-09 20:24 - 2016-07-16 23:40 - 01250378 _____ C:\Windows\System32\perfh00C.dat 2017-05-09 20:24 - 2016-07-16 23:40 - 00306682 _____ C:\Windows\System32\perfc00C.dat 2017-05-07 12:17 - 2016-08-30 17:23 - 00000000 ____D C:\users\Papa - Maman 2017-05-07 00:50 - 2015-07-08 17:11 - 00000000 ____D C:\Users\Papa - Maman\AppData\Local\Adobe 2017-05-07 00:49 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness 2017-05-07 00:49 - 2015-05-29 13:16 - 00000000 ____D C:\Users\Papa - Maman\AppData\Local\Packages 2017-05-07 00:49 - 2015-05-29 09:07 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-07 00:48 - 2015-05-29 13:16 - 00000000 __SHD C:\Users\Papa - Maman\IntelGraphicsProfiles 2017-05-07 00:44 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\System32\NDF 2017-05-07 00:31 - 2016-08-30 17:23 - 00000000 ____D C:\users\PC-DE-STEFAN 2017-05-06 17:25 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\System32\GroupPolicy 2017-05-06 15:32 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF 2017-05-06 14:54 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\ModemLogs 2017-05-06 11:31 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\registration 2017-05-06 10:13 - 2016-08-30 17:14 - 00355784 _____ C:\Windows\System32\FNTCACHE.DAT 2017-05-04 22:04 - 2016-11-24 15:56 - 00000000 ___RD C:\Users\PC-DE-STEFAN\Creative Cloud Files 2017-05-03 23:26 - 2016-05-03 20:09 - 00000000 ___HD C:\_acestream_cache_ 2017-05-03 17:59 - 2016-11-24 15:56 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-05-03 17:58 - 2015-05-29 16:59 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-05-01 14:05 - 2017-02-17 19:39 - 00000000 ____D C:\Users\PC-DE-STEFAN\Desktop\Mooc - Du manager agile au leader designer 2017-05-01 09:37 - 2015-05-29 10:21 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\Packages 2017-04-29 09:06 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-29 09:02 - 2016-02-21 12:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-29 08:57 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-29 08:40 - 2017-01-09 08:45 - 00000000 ____D C:\Users\PC-DE-STEFAN\Documents\Youcam 2017-04-24 19:53 - 2015-05-29 16:49 - 00000000 ____D C:\Users\PC-DE-STEFAN\Documents\Téléphones 2017-04-23 19:54 - 2016-04-12 19:41 - 00000000 ____D C:\Program Files (x86)\SopCast 2017-04-23 12:13 - 2017-01-14 12:08 - 00000000 __SHD C:\Users\PC-DE-STEFAN\AppData\Local\lxss 2017-04-22 10:04 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\System32\appraiser 2017-04-22 10:04 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp 2017-04-21 17:33 - 2015-06-12 20:30 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\CrashDumps 2017-04-21 15:18 - 2015-05-29 14:33 - 00000000 ____D C:\Users\PC-DE-STEFAN\Documents\Fichiers Outlook 2017-04-21 15:07 - 2015-09-01 18:55 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Local\Spotify 2017-04-21 14:43 - 2015-09-01 18:55 - 00000000 ____D C:\Users\PC-DE-STEFAN\AppData\Roaming\Spotify 2017-04-16 16:53 - 2015-12-05 10:27 - 00000000 ___RD C:\Users\PC-DE-STEFAN\OneDrive Certains fichiers dans TEMP: ==================== 2017-05-14 23:04 - 2017-05-14 23:04 - 0001536 _____ () C:\Users\PC-DE-STEFAN\AppData\Local\Temp\NOSEventMessages.dll ==================== Known DLLs (Avec liste blanche) ========================= ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\System32\winlogon.exe [2017-01-12 20:02] - [2016-12-14 05:24] - 0673792 _____ (Microsoft Corporation) 917F081E2AB667C44F7D96DE1D16DFAE C:\Windows\System32\wininit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0304240 _____ (Microsoft Corporation) 99A19C9A74E2F9820E501DCE77F84F70 C:\Windows\explorer.exe [2017-03-15 19:01] - [2017-03-04 08:03] - 4674360 _____ (Microsoft Corporation) F2D58A2E27C2CD486F8F0A123A3F34C3 C:\Windows\SysWOW64\explorer.exe [2017-03-15 19:12] - [2017-03-04 07:46] - 4312248 _____ (Microsoft Corporation) 805E293E2A440F7464B10D58988818F2 C:\Windows\System32\svchost.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0044496 _____ (Microsoft Corporation) 36F670D89040709013F6A460176767EC C:\Windows\SysWOW64\svchost.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0038792 _____ (Microsoft Corporation) 1F8434DD4907C832E6E90D6298EAB85B C:\Windows\System32\services.exe [2016-12-11 00:29] - [2016-11-11 10:51] - 0454592 _____ (Microsoft Corporation) 3C69CC28665854F1AAB4B4005005FA31 C:\Windows\System32\User32.dll [2016-12-13 21:07] - [2016-12-09 11:10] - 1461200 _____ (Microsoft Corporation) C46EA86BF0E7C96235E9064CBAD6ED26 C:\Windows\SysWOW64\User32.dll [2016-12-13 21:07] - [2016-12-09 10:52] - 1435896 _____ (Microsoft Corporation) 4BEC594A3D4AEAFAC400D88F7E328C7B C:\Windows\System32\userinit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0033280 _____ (Microsoft Corporation) C1B1FFC800BE2F31EB2CF8CB40629C69 C:\Windows\SysWOW64\userinit.exe [2016-07-16 12:42] - [2016-07-16 12:42] - 0027648 _____ (Microsoft Corporation) FA900E6CCCF0A429D5B720C6F0E2274B C:\Windows\System32\rpcss.dll [2016-07-16 12:42] - [2016-07-16 12:42] - 0888320 _____ (Microsoft Corporation) 7BD259FC59CF9C2AE1B979564B374CC6 C:\Windows\System32\dnsapi.dll [2017-03-15 19:01] - [2017-03-04 08:24] - 0646688 _____ (Microsoft Corporation) 2813C62F5BE7FAF0A1C5CC37E5C2F25D C:\Windows\SysWOW64\dnsapi.dll [2017-03-15 19:11] - [2017-03-04 08:09] - 0497416 _____ (Microsoft Corporation) AA86DC342B4ED1C1F839C3BC8AEA64B1 C:\Windows\System32\Drivers\volsnap.sys [2016-07-16 12:42] - [2016-07-16 12:42] - 0391520 _____ (Microsoft Corporation) BF2546583BB75F01DDA60A7921DFB230 ==================== Association (Avec liste blanche) ============= ==================== Points de restauration ========================= Date du point de restauration: 2017-04-29 10:09 Date du point de restauration: 2017-05-06 10:30 Date du point de restauration: 2017-05-14 22:29 Date du point de restauration: 2017-05-14 22:29 ==================== Infos Mémoire =========================== Pourcentage de mémoire utilisée: 18% Mémoire physique - RAM - totale: 6074.15 MB Mémoire physique - RAM - disponible: 4941.75 MB Mémoire virtuelle totale: 6074.15 MB Mémoire virtuelle disponible: 4990.72 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:909.78 GB) (Free:298.78 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:19.9 GB) (Free:1.95 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive e: () (Removable) (Total:28.95 GB) (Free:28.95 GB) FAT32 Drive g: () (Fixed) (Total:0.82 GB) (Free:0.31 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D74BBA35) Partition: GPT. ======================================================== Disk: 1 (Size: 29 GB) (Disk ID: 0C5AC196) Partition 1: (Active) - (Size=29 GB) - (Type=0C) LastRegBack: 2017-04-24 18:09 ==================== Fin de FRST.txt ============================