Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017 Exécuté par jean- (administrateur) sur DESKTOP-37KC94K (01-08-2017 14:57:09) Exécuté depuis C:\Users\jean-\Desktop Profils chargés: jean- (Profils disponibles: jean- & MSSQL$ADK) Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Opera) Mode d'amorçage: Safe Mode (with Networking) Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe () C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera_crashreporter.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe (Opera Software) C:\Users\jean-\AppData\Local\Programs\Opera\46.0.2597.26374\opera.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDesktop.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe (ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe (Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe (Auslogics) C:\Users\jean-\AppData\Local\Temp\RarSFX3\DiskDefrag\DiskDefrag.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [9571552 2016-07-18] () HKLM\...\Run: [] => [X] HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-14] (Realtek Semiconductor) HKLM\...\Run: [Zoolz Tray] => C:\Program Files\Genie9\Zoolz2\Zoolz.exe [2003088 2017-03-22] (Genie9) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun]  HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [COS] => C:\Program Files\COMODO\cCloud\cCloud.exe [7195824 2014-09-03] (COMODO Security Solutions) HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6528096 2017-06-03] (Crystal Rich Ltd) HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3921184 2017-04-10] (IObit) HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [94568 2017-01-19] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(2).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [85864 2017-01-19] (Zemana Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2017-07-29] ShortcutTarget: RocketDock.lnk -> C:\skinpack\RocketDock\RocketDock.exe () BootExecute: autocheck autochk /p \??\C:autocheck autochk /p \??\N:autocheck autochk /p \??\H:autocheck autochk * GroupPolicy: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{a778058e-ddb3-4e56-a8fe-5582c6425c94}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/ BHO: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer64.dll [2016-07-25] (www.startisback.com) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2016-09-02] (Adobe Systems Incorporated) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Pas de nom -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\skinpack\OldNewExplorer32.dll [2016-07-25] (www.startisback.com) BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.) BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2016-09-02] (Microsoft Corporation) BHO-x32: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-08-18] (Wondershare) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2016-09-02] (Microsoft Corporation) Handler: WSISVCUchrome - Pas de valeur CLSID FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-08-29] [non signé] FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2016-09-07] FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt [2017-07-29] [non signé] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2016-09-02] (Microsoft Corporation) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRChromePlugin.crx [2017-07-29] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé] S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.) S2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions) S3 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe [2695920 2015-03-05] (Condusiv Technologies) S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd) S3 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Fichier non signé] S3 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [7184608 2017-05-19] () R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [732056 2016-07-18] () R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S2 MSSQL$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2016-09-24] (Microsoft Corporation) S3 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [287088 2016-04-01] (Nero AG) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-05-20] (CyberLink) S3 rscp; C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_svc.exe [303896 2017-07-28] () S3 rsEngineSvc; C:\Program Files (x86)\Reason\Security\rsEngineSvc.exe [82680 2016-09-02] (Reason Software Company Inc.) S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-12-14] (Realtek Semiconductor) S4 SQLAgent$ADK; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2016-09-24] (Microsoft Corporation) S3 SyncBackTouch; C:\Program Files (x86)\2BrightSparks\SyncBackTouch\SyncBackTouchSvc.exe [4715576 2016-09-30] (2BrightSparks Pte. Ltd.) S2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions) S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) S2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-01-31] (Code Sector) S3 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1731168 2017-06-03] (Crystal Rich Ltd) S3 wdcservice; C:\Program Files (x86)\Wise\Wise Driver Care\wdcservice.exe [367272 2017-07-19] (WiseCleaner.com) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppService.exe [473824 2017-04-20] (Wondershare) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare) S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15546512 2017-06-19] (Copyright 2017.) S3 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [475280 2017-03-22] (Genie9) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 amwrtdrv; C:\WINDOWS\System32\amwrtdrv.sys [18392 2016-07-28] () S3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1600512 2016-01-05] (BitDefender) R3 avchv; C:\WINDOWS\system32\DRIVERS\avchv.sys [282000 2016-01-05] (BitDefender) S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [775424 2016-01-05] (BitDefender) R1 BdfNdisf; C:\WINDOWS\system32\DRIVERS\bdfndisf6.sys [107496 2016-02-16] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [115800 2016-02-16] (BitDefender LLC) R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.) R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.) R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.) S3 CisUtMonitor; C:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [54192 2017-01-13] (CrystalIdea Software) S3 clvad; C:\WINDOWS\system32\drivers\clvad.sys [40384 2016-05-27] (CyberLink) R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink) S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [49944 2016-06-02] (CyberLink Corporation) S3 clwvdVM; C:\WINDOWS\system32\DRIVERS\clwvdVM.sys [55240 2016-05-27] (CyberLink Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R0 DKDFM; C:\WINDOWS\System32\drivers\DKDFM.sys [41744 2013-05-06] (Condusiv Technologies) S3 DKRtWrt; C:\WINDOWS\system32\drivers\DKRtWrt.sys [53520 2014-10-24] (Condusiv Technologies) R0 DKTLFSMF; C:\WINDOWS\System32\drivers\DKTLFSMF.sys [119536 2014-04-14] (Condusiv Technologies) R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-08-28] (Disc Soft Ltd) S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] () S1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2016-09-03] (Glarysoft Ltd) S3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [161592 2016-04-28] (BitDefender LLC) S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit MBR Guard\drivers\win10_amd64\IMFMBRProtect.sys [38904 2017-06-29] (IObit.com) R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-03-22] (Zemana Ltd.) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] () S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-07-29] () S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation) S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation) S1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [44272 2016-05-26] (XOSLAB.COM) S1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-09-07] (Zemana Ltd.) S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-07] (Zemana Ltd.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-01 14:57 - 2017-08-01 14:58 - 000017493 _____ C:\Users\jean-\Desktop\FRST.txt 2017-08-01 14:57 - 2017-08-01 14:57 - 000000000 ____D C:\FRST 2017-08-01 14:56 - 2017-08-01 14:56 - 002381312 _____ (Farbar) C:\Users\jean-\Desktop\FRST64.exe 2017-08-01 08:01 - 2017-08-01 08:02 - 005352424 _____ (Auslogics) C:\Users\jean-\Downloads\ausdiskdefragportable.exe 2017-08-01 03:32 - 2017-08-01 03:32 - 000012864 ____N C:\bootsqm.dat 2017-07-31 18:34 - 2017-07-31 18:36 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060 (1).exe 2017-07-31 14:11 - 2017-07-31 14:12 - 000000000 ____D C:\Program Files\UNP 2017-07-31 14:11 - 2017-07-31 14:11 - 000000000 ____D C:\WINDOWS\system32\UNP 2017-07-31 14:02 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-07-31 14:02 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-07-31 14:01 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-07-31 14:01 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-07-31 14:01 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-07-31 14:01 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-07-31 14:01 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-07-31 14:01 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-07-31 10:36 - 2017-07-31 10:37 - 000414524 _____ C:\WINDOWS\Minidump\073117-33250-01.dmp 2017-07-31 10:35 - 2017-07-31 10:35 - 692127616 _____ C:\WINDOWS\MEMORY.DMP 2017-07-31 10:20 - 2017-07-31 10:31 - 000000000 ____D C:\Program Files\rempl 2017-07-31 10:18 - 2017-06-03 12:50 - 000192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-07-31 10:18 - 2017-06-03 12:14 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-07-31 10:18 - 2017-06-03 12:14 - 000034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-07-31 08:36 - 2017-07-31 08:36 - 000000000 ____D C:\ProgramData\Auslogics 2017-07-31 08:30 - 2017-07-31 08:30 - 000000000 ____D C:\Users\jean-\AppData\Local\ESET 2017-07-31 08:29 - 2017-07-31 08:30 - 006754944 _____ (ESET spol. s r.o.) C:\Users\jean-\Downloads\esetonlinescanner_enu.exe 2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller 2017-07-31 08:16 - 2017-07-31 08:16 - 000000000 ____D C:\Program Files\BCUninstaller 2017-07-31 08:15 - 2017-07-31 08:15 - 002683160 _____ (Marcin Szeniak ) C:\Users\jean-\Downloads\BCUninstaller_3.12_setup.exe 2017-07-31 07:48 - 2016-12-21 06:44 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-07-31 07:47 - 2016-12-21 09:08 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-07-30 16:40 - 2017-07-30 16:40 - 002800512 _____ C:\Users\jean-\ZHPDiag3.exe 2017-07-30 13:24 - 2017-08-01 04:02 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-07-30 13:24 - 2017-07-30 13:24 - 000188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-07-30 13:24 - 2017-07-30 13:24 - 000044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-07-30 13:23 - 2017-08-01 03:46 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-07-30 13:23 - 2017-07-31 18:36 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-07-30 13:23 - 2017-07-31 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-07-30 13:23 - 2017-07-30 13:23 - 000000000 ____D C:\Program Files\Malwarebytes 2017-07-30 13:22 - 2017-07-30 13:23 - 064025992 _____ (Malwarebytes ) C:\Users\jean-\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe 2017-07-30 12:19 - 2017-07-30 12:19 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2017-07-30 12:19 - 2017-07-30 12:19 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll 2017-07-30 12:14 - 2017-07-30 12:14 - 000000000 ____D C:\Users\jean-\Documents\CyberLink 2017-07-30 11:07 - 2017-08-01 03:48 - 000045291 _____ C:\WINDOWS\ZAM.krnl.trace 2017-07-30 11:07 - 2017-08-01 03:48 - 000010690 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2017-07-30 10:40 - 2017-07-30 10:40 - 000001473 _____ C:\Users\jean-\Desktop\UsbFix.lnk 2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Quarantine 2017-07-30 10:40 - 2017-07-30 10:40 - 000000000 ____D C:\Users\jean-\Desktop\Log 2017-07-30 10:23 - 2017-07-30 10:23 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\ADSRemoval 2017-07-30 09:52 - 2017-07-30 09:52 - 000002908 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_jean- 2017-07-30 09:45 - 2017-07-30 09:45 - 000000000 ___HD C:\OneDriveTemp 2017-07-30 09:12 - 2017-07-30 09:12 - 000000000 ____D C:\ProgramData\ProductData 2017-07-30 09:11 - 2017-07-30 09:40 - 000002250 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk 2017-07-30 09:11 - 2017-07-30 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2017-07-30 09:09 - 2017-07-30 09:09 - 001605936 _____ (IObit) C:\Users\jean-\Downloads\ascscan10_01netfr.exe 2017-07-30 09:07 - 2017-07-30 09:07 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2017-07-29 21:42 - 2017-07-29 21:44 - 000006028 _____ C:\Users\jean-\Desktop\ZHPCleaner.txt 2017-07-29 21:24 - 2017-07-29 21:24 - 002839936 _____ C:\Users\jean-\Downloads\ZHPCleaner.exe 2017-07-29 21:24 - 2017-07-29 21:24 - 000000877 _____ C:\Users\jean-\Desktop\ZHPCleaner.lnk 2017-07-29 20:24 - 2017-07-29 20:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Geek Uninstaller 2017-07-29 20:24 - 2017-07-29 20:24 - 003000643 _____ C:\Users\jean-\Downloads\geek.zip 2017-07-29 20:23 - 2017-07-29 20:23 - 003952496 _____ (CrystalIdea Software ) C:\Users\jean-\Downloads\uninstalltool_setup.exe 2017-07-29 20:23 - 2017-07-29 20:23 - 000000942 _____ C:\Users\jean-\Desktop\Uninstall Tool.lnk 2017-07-29 20:23 - 2017-07-29 20:23 - 000000252 _____ C:\WINDOWS\Tasks\RunUninstallTool_SkipUac.job 2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CrystalIdea Software 2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool 2017-07-29 20:23 - 2017-07-29 20:23 - 000000000 ____D C:\Program Files\Uninstall Tool 2017-07-29 20:23 - 2017-01-13 12:54 - 000054192 _____ (CrystalIdea Software) C:\WINDOWS\system32\Drivers\CisUtMonitor.sys 2017-07-29 18:59 - 2017-07-30 20:07 - 000172522 _____ C:\Users\jean-\Desktop\ZHPDiag.txt 2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ZHP 2017-07-29 18:51 - 2017-07-30 16:42 - 000000000 ____D C:\Users\jean-\AppData\Local\ZHP 2017-07-29 18:51 - 2017-07-30 16:40 - 000000726 _____ C:\Users\jean-\Desktop\ZHPDiag.lnk 2017-07-29 18:51 - 2017-07-29 18:51 - 002798464 _____ C:\Users\jean-\Desktop\ZHPDiag3.exe 2017-07-29 17:19 - 2017-07-29 17:19 - 000000000 ____D C:\Users\jean-\AppData\Roaming\MultiCommander 2017-07-29 17:17 - 2017-07-29 17:20 - 000000000 ____D C:\mydrivers 2017-07-29 16:50 - 2017-07-29 16:50 - 000000000 ____D C:\ProgramData\Kingsoft 2017-07-29 16:49 - 2017-07-29 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Driver Care 2017-07-29 16:42 - 2017-07-29 16:49 - 007510176 _____ (WiseCleaner.com ) C:\Users\jean-\Downloads\WiseDriverCareSetup.exe 2017-07-29 16:17 - 2017-07-29 16:17 - 000000224 _____ C:\WINDOWS\Tasks\ACD.exe_20170729_161719_0698.job 2017-07-29 16:07 - 2017-07-29 16:07 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 2 (64-bit).lnk 2017-07-29 16:03 - 2017-07-29 16:07 - 000000000 ____D C:\Program Files\CyberLink 2017-07-29 15:46 - 2017-07-29 15:46 - 000000000 ____D C:\ProgramData\install_backup 2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate Photos Remover 2017-07-29 15:35 - 2017-07-29 15:35 - 000000000 ____D C:\Program Files\Remo Duplicate Photos Remover 1.0 2017-07-29 15:34 - 2017-07-29 15:45 - 556887696 _____ C:\Users\jean-\Downloads\ActionDirector_1216_GM2_Trial_Trial_ACD161103-02.exe 2017-07-29 15:03 - 2017-07-29 15:03 - 000000000 ____D C:\ProgramData\2BrightSparks 2017-07-29 13:31 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2017-07-29 13:30 - 2017-07-29 21:07 - 000000000 ____D C:\ProgramData\WinZip 2017-07-29 13:29 - 2017-07-29 13:29 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk 2017-07-29 13:29 - 2017-07-29 13:29 - 000001232 _____ C:\Users\Public\Desktop\Booking.lnk 2017-07-29 13:28 - 2017-07-29 13:29 - 000000000 ____D C:\Program Files (x86)\Booking 2017-07-29 13:24 - 2017-07-29 13:24 - 006178186 _____ (Media Play Air ) C:\Users\jean-\Downloads\JavaPlugin.exe 2017-07-29 13:19 - 2017-07-29 13:19 - 001548583 _____ ( ) C:\Users\jean-\Downloads\JavaPlugin_0562582603.exe 2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\AppData\Roaming\Obsidium 2017-07-29 13:17 - 2017-07-29 13:17 - 000000000 ___HD C:\Users\jean-\.obs32 2017-07-29 13:13 - 2017-07-29 13:13 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-07-29 13:11 - 2017-07-29 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack 2017-07-29 13:08 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\YP6XHVzWgC 2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a3bf6b7a34b746398d95f6d9d8c7bb49 2017-07-29 13:06 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\456151808c11472195a5ec81eae4d2e9 2017-07-29 12:59 - 2017-07-29 21:23 - 000000835 _____ C:\Users\jean-\Desktop\JRT.txt 2017-07-29 12:45 - 2017-07-30 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 - Codec Pack 2017-07-29 12:44 - 2017-07-29 12:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Codecs 2017-07-29 12:44 - 2017-07-29 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\trolCommander 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iGetting Audio 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\trolCommander 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\iGetting Audio 2017-07-29 12:43 - 2017-07-29 12:43 - 000000000 ____D C:\Program Files (x86)\2BrightSparks 2017-07-29 12:42 - 2017-07-29 12:43 - 000000000 ____D C:\Users\jean-\Documents\Speed Install 2017-07-29 12:42 - 2017-07-29 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Install 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair ZIP 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Registry 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover FREE Edition 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0 2017-07-29 12:41 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo File Eraser 2.0 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair RAR 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair PowerPoint 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Repair Registry 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files\Remo Recover FREE Edition 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair ZIP 2.0 2017-07-29 12:40 - 2017-07-29 12:41 - 000000000 ____D C:\Program Files (x86)\Remo Repair Word 2.0 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Users\Public\Documents\EFL 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Wipe 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Repair MOV 2.0 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Remo Recover for Android 2.0 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair RAR 2.0 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Repair PowerPoint 2.0 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Outlook Backup & Migrate 2017-07-29 12:40 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files (x86)\Remo Drive Wipe 2017-07-29 12:39 - 2017-07-29 15:35 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Remo 2017-07-29 12:39 - 2017-07-29 12:40 - 000000000 ____D C:\Program Files\Easy File Locker 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\muCommander 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy File Locker 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Unreal Commander 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Defrag 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCommander 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files\MultiCommander (x64) 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\Remo Drive Defrag 2017-07-29 12:39 - 2017-07-29 12:39 - 000000000 ____D C:\Program Files (x86)\muCommander 2017-07-29 12:39 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys 2017-07-29 12:30 - 2017-07-29 12:31 - 000000000 ____D C:\ProgramData\regid.2003-04.com.caphyon 2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 13.8.1 2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-07-29 12:30 - 2017-07-29 12:30 - 000000000 ____D C:\Program Files (x86)\Caphyon 2017-07-29 12:29 - 2017-07-29 12:29 - 000000000 ____D C:\ProgramData\Caphyon 2017-07-29 12:27 - 2017-07-29 21:07 - 000000000 ____D C:\AdwCleaner 2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ C:\Users\jean-\AppData\Local\po.db 2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ C:\Users\jean-\AppData\Local\installer.dat 2017-07-29 12:05 - 2017-07-29 12:05 - 000001516 _____ C:\WINDOWS\Tasks\PowerMaster.job 2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Opera Software 2017-07-29 12:04 - 2017-07-29 12:04 - 000000000 ____D C:\Users\jean-\AppData\Local\Opera Software 2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Users\jean-\AppData\Local\e66923851c834945ab5bdb4feca9ec87 2017-07-29 12:03 - 2017-07-29 14:54 - 000000000 ____D C:\Program Files (x86)\tefpOLC7oN 2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\d6fd9e2d07604c7aa289e71501fd36fa 2017-07-29 12:03 - 2017-07-29 14:53 - 000000000 ____D C:\Users\jean-\AppData\Roaming\a551db79fa4f40878e49536c9f415fad 2017-07-29 12:02 - 2017-07-29 12:02 - 000001350 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2017-07-29 12:02 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\AVAST Software 2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconPack 2017-07-29 12:01 - 2017-07-29 12:01 - 000000000 ____D C:\ProgramData\AVAST Software 2017-07-29 12:00 - 2017-07-31 08:14 - 000000000 ____D C:\IconPack 2017-07-29 12:00 - 2017-07-29 13:07 - 000000000 ___HD C:\W7P_Backups 2017-07-29 12:00 - 2017-07-29 12:00 - 001167128 _____ (CyberLink) C:\Users\jean-\Downloads\cyberlink-power2go_Essential-11.0.exe 2017-07-29 11:59 - 2017-07-29 13:11 - 000000000 ____D C:\skinpack 2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clear ThemePack 2017-07-29 11:59 - 2017-07-29 11:59 - 000000000 ____D C:\Clear ThemePack 2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Viv 2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\Users\jean-\AppData\Roaming\PhrozenWinja 2017-07-29 11:57 - 2017-07-29 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winja 2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VivPDF Editor 2017-07-29 11:56 - 2017-07-29 11:56 - 000000000 ____D C:\Program Files (x86)\VivPDF Editor 2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft 2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\ProgramData\LopeSoft 2017-07-29 11:50 - 2017-07-29 11:50 - 000000000 ____D C:\Program Files\LopeSoft 2017-07-29 11:43 - 2017-07-29 11:44 - 001790024 _____ (Malwarebytes) C:\Users\jean-\Desktop\JRT.exe 2017-07-29 11:43 - 2017-07-29 11:43 - 008162248 _____ (Malwarebytes) C:\Users\jean-\Desktop\adwcleaner_7.0.0.0.exe 2017-07-29 11:23 - 2017-08-01 13:31 - 000000000 ___RD C:\Users\jean-\Desktop\cadeaux jes-jes m-moulu st-j conr (jessica 2x de brugnon u h) 17_9_2016, 17_3_2017 & 17_9_2017 & lfsu100%sf 2017-07-29 11:08 - 2017-07-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morae 2017-07-29 11:08 - 2017-07-29 11:08 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Xilisoft 2017-07-29 11:06 - 2017-07-29 11:08 - 000000000 ____D C:\Program Files (x86)\TechSmith 2017-07-29 11:06 - 2017-07-29 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2017-07-29 11:05 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker 2017-07-29 11:04 - 2017-07-29 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PerigeeCopy 2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniCopier 2017-07-29 11:04 - 2017-07-29 11:04 - 000000000 ____D C:\Program Files\PerigeeCopy 2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Users\jean-\AppData\Local\Copy Handler 2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast File Copy by Daanav.com 2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\MiniCopier 2017-07-29 11:03 - 2017-07-29 11:03 - 000000000 ____D C:\Program Files (x86)\Fast File Copy by Daanav.com 2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler 2017-07-29 11:02 - 2017-07-29 11:02 - 000000000 ____D C:\Program Files\Copy Handler 2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\ProgramData\Xilisoft 2017-07-29 11:01 - 2017-07-29 11:07 - 000000000 ____D C:\Program Files (x86)\Xilisoft 2017-07-29 11:01 - 2017-07-29 11:01 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Genie9 2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ___RD C:\Users\jean-\Desktop\Non-Zoolz Zone 2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz 2017-07-29 11:00 - 2017-07-29 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org 2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder 2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-video-splitter 2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files\Genie9 2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Xiph.Org 2017-07-29 10:59 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\free-video-splitter 2017-07-29 10:58 - 2017-07-29 10:59 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder 2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft 2017-07-29 10:57 - 2017-07-29 10:57 - 000000000 ____D C:\Program Files (x86)\GiliSoft 2017-07-29 10:56 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync 2017-07-29 10:55 - 2017-07-29 10:56 - 000000000 ____D C:\ProgramData\GoodSync 2017-07-29 10:54 - 2017-07-29 10:54 - 000000000 ____D C:\Program Files\Siber Systems 2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo Data Recovery 2017-07-29 10:51 - 2017-07-29 10:51 - 000000000 ____D C:\Program Files\Hasleo 2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roadkil.Net 2017-07-29 10:50 - 2017-07-29 11:05 - 000000000 ____D C:\Program Files (x86)\Roadkil.Net 2017-07-29 10:49 - 2017-07-29 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2017-07-29 10:49 - 2017-07-29 10:49 - 000001727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk 2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Users\jean-\AppData\Local\Xenocode 2017-07-29 10:49 - 2017-07-29 10:49 - 000000000 ____D C:\Program Files (x86)\Runtime Software 2017-07-29 10:45 - 2017-07-29 12:02 - 000000000 ____D C:\Program Files\Bandizip 2017-07-29 10:45 - 2017-07-29 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip 2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico 2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\ProgramData\Folderico 2017-07-29 10:44 - 2017-07-29 10:44 - 000000000 ____D C:\Program Files (x86)\Folderico 2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend 2017-07-29 10:43 - 2017-07-29 10:43 - 000000000 ____D C:\Program Files (x86)\Transcend 2017-07-29 10:43 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSecure2.dll 2017-07-29 10:43 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartCertificate.dll 2017-07-29 10:43 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSock.dll 2017-07-29 10:43 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL 2017-07-29 10:39 - 2015-02-27 10:35 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config 2017-07-29 10:36 - 2012-09-21 10:25 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll 2017-07-29 10:36 - 2012-09-21 10:25 - 000159120 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll 2017-07-29 10:34 - 2017-07-29 10:34 - 000000000 ____D C:\ProgramData\ProductFeatures 2017-07-29 10:33 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\.swt 2017-07-29 10:32 - 2017-08-01 04:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-07-29 10:20 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Local\Degoo 2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\Users\jean-\Documents\Wondershare MediaServer 2017-07-29 10:19 - 2017-07-29 10:19 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free 2017-07-29 10:17 - 2017-07-29 10:21 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo 2017-07-29 10:08 - 2017-07-29 10:08 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Pro 2017-07-29 10:05 - 2017-07-29 10:33 - 000000000 ____D C:\Users\jean-\AppData\Roaming\iSkysoft 2017-07-29 09:25 - 2017-07-29 10:55 - 000000000 ____D C:\Users\jean-\AppData\Roaming\GoodSync 2017-07-29 09:20 - 2017-07-29 10:13 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Wondershare 2017-07-29 09:19 - 2017-07-30 09:56 - 000000000 ____D C:\Users\jean-\.android 2017-07-29 08:53 - 2017-07-29 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit MBR Guard 2017-07-29 08:53 - 2017-07-29 08:53 - 000000000 _____ C:\WINDOWS\1 2017-07-29 08:42 - 2017-07-31 08:07 - 000000000 ____D C:\Users\jean-\AppData\Roaming\USBSafelyRemove 2017-07-29 08:31 - 2017-07-29 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2017-07-29 08:31 - 2017-07-29 08:31 - 000000000 ____D C:\Program Files (x86)\DsNET Corp 2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\ProtectStar 2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar 2017-07-29 08:30 - 2017-07-29 08:30 - 000000000 ____D C:\Program Files (x86)\ProtectStar 2017-07-29 08:29 - 2017-07-29 08:29 - 000000000 ____D C:\zemana_logs 2017-07-29 08:28 - 2017-07-29 08:29 - 000000000 ____D C:\Program Files\Zemana Control Center 2017-07-29 08:27 - 2017-07-29 08:28 - 000000000 ____D C:\Program Files\Rebit 5 2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB 2017-07-29 08:20 - 2017-07-29 08:20 - 000000000 ____D C:\Program Files (x86)\ISO to USB 2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5 2017-07-29 08:18 - 2017-07-29 08:19 - 000000000 ____D C:\Program Files (x86)\Silent Install Builder 5 2017-07-29 08:14 - 2017-07-29 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X 2017-07-29 08:13 - 2017-07-29 08:40 - 000000000 ____D C:\Users\jean-\AppData\Roaming\StartMenuX 2017-07-29 08:13 - 2017-07-29 08:14 - 000000000 ____D C:\Program Files\Start Menu X 2017-07-29 08:13 - 2017-07-29 08:13 - 000000000 ____D C:\ProgramData\StartMenuX 2017-07-29 08:12 - 2017-07-29 08:12 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A} 2017-07-29 08:11 - 2017-07-30 09:12 - 000000000 ____D C:\Users\jean-\AppData\LocalLow\IObit 2017-07-29 08:09 - 2017-07-29 08:09 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled 2017-07-29 08:07 - 2017-07-29 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Degoo 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\MindGems 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Viewer 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files\FolderSize 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Viewer 2017-07-29 08:06 - 2017-07-29 08:06 - 000000000 ____D C:\Program Files (x86)\Folder Size 2017-07-29 08:05 - 2017-07-31 16:22 - 000000000 ____D C:\Program Files (x86)\LiteManager Pro - Server 2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server 2017-07-29 08:05 - 2017-07-29 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kotobee Publisher 2017-07-29 08:04 - 2017-07-29 08:05 - 000000000 ____D C:\Program Files (x86)\Kotobee Publisher 2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB Safely Remove 2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\ProgramData\USBSRService 2017-07-29 08:03 - 2017-07-29 08:03 - 000000000 ____D C:\Program Files (x86)\USB Safely Remove 2017-07-29 06:28 - 2017-07-29 06:28 - 000003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2017-07-29 06:24 - 2017-07-29 06:28 - 000000000 ____D C:\Users\jean-\AppData\Roaming\UsbFix 2017-07-29 06:24 - 2017-07-29 06:24 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Modules 2017-07-29 06:19 - 2017-07-29 06:19 - 000002409 _____ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\ProgramData\Avanquest 2017-07-29 06:14 - 2017-07-29 06:14 - 000000000 ____D C:\Program Files (x86)\Avanquest update 2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger 2017-07-29 06:11 - 2017-07-29 06:11 - 000000000 ____D C:\ProgramData\BVRP Software 2017-07-29 06:11 - 2017-03-22 12:44 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys 2017-07-28 15:01 - 2017-07-28 15:01 - 000528896 _____ C:\WINDOWS\c69fd46f34b502ccef5b6a80d3c08909.exe 2017-07-28 15:01 - 2017-07-28 15:01 - 000051618 _____ C:\WINDOWS\uninstaller.dat ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-01 14:49 - 2016-08-31 15:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-08-01 08:15 - 2016-09-09 16:27 - 000000000 ____D C:\Users\jean-\Desktop\cadeaux muscade moulue jessica jessica franprix temptations, franprix & syrtos (16 octobre) 2017-08-01 08:15 - 2016-09-06 20:58 - 000000000 ____D C:\Users\jean-\AppData\Roaming\TeraCopy 2017-08-01 04:06 - 2016-08-28 12:36 - 002592972 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-01 04:06 - 2016-07-17 00:40 - 001081020 _____ C:\WINDOWS\system32\perfh00C.dat 2017-08-01 04:06 - 2016-07-17 00:40 - 000261644 _____ C:\WINDOWS\system32\perfc00C.dat 2017-08-01 03:48 - 2016-08-31 16:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-07-31 14:47 - 2016-08-31 16:04 - 000000000 ____D C:\Users\jean- 2017-07-31 14:46 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-07-31 14:41 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2017-07-31 14:40 - 2016-09-03 08:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2017-07-31 14:40 - 2016-09-02 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-07-31 14:12 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF 2017-07-31 14:12 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-07-31 14:11 - 2016-08-31 13:06 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-07-31 14:00 - 2016-09-02 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-07-31 13:54 - 2016-09-07 01:54 - 002529856 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-07-31 13:49 - 2016-09-07 01:56 - 000000000 ____D C:\Users\MSSQL$ADK 2017-07-31 13:48 - 2016-09-07 01:46 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2017-07-31 13:48 - 2016-09-07 01:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-07-31 10:36 - 2016-09-08 14:35 - 000000000 ____D C:\WINDOWS\Minidump 2017-07-31 10:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-07-31 08:29 - 2016-09-07 12:53 - 000000000 ___RD C:\Users\jean-\Desktop\LFS Ultra Suite v5.6, lfsu100%sfpzs++sfce, part 6 & sfcec-barrow 2 à 4-widen apps, & tools for manage youcam 8 & photodirector 9 2017-07-31 08:14 - 2016-07-16 08:04 - 000000000 ____D C:\Program Files\PowerMaster 2017-07-31 08:07 - 2016-08-28 12:50 - 000000000 ___RD C:\Users\jean-\OneDrive 2017-07-30 12:14 - 2016-09-06 23:43 - 000000000 ____D C:\Users\jean-\AppData\Roaming\CyberLink 2017-07-30 12:14 - 2016-09-06 23:42 - 000000000 ____D C:\Users\jean-\AppData\Local\CyberLink 2017-07-30 10:40 - 2016-08-28 16:25 - 000000000 ____D C:\Users\jean-\Downloads\UsbFix 2017-07-30 10:07 - 2016-09-06 16:18 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3EF053DA-9088-495B-9E19-1A7664ABB844} 2017-07-30 09:39 - 2016-09-09 07:08 - 000000000 ____D C:\Users\jean-\Desktop\others applications 2017-07-30 09:39 - 2016-08-28 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro 2017-07-30 09:39 - 2016-08-28 16:54 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy 2017-07-30 09:39 - 2016-08-28 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit 5 2017-07-30 09:38 - 2016-08-31 16:56 - 000000000 ___DC C:\WINDOWS\Panther 2017-07-30 09:11 - 2016-09-07 13:09 - 000000000 ____D C:\ProgramData\IObit 2017-07-30 09:09 - 2016-09-08 08:25 - 000000000 ____D C:\Users\jean-\AppData\Roaming\IObit 2017-07-30 06:39 - 2016-09-03 09:08 - 000000000 ____D C:\Users\jean-\AppData\Local\CrashDumps 2017-07-29 16:49 - 2016-09-07 13:20 - 000000000 ____D C:\Program Files (x86)\Wise 2017-07-29 16:17 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\SUPPORTDIR 2017-07-29 16:07 - 2016-09-06 23:32 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information 2017-07-29 16:07 - 2016-08-29 06:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-07-29 16:03 - 2016-08-31 16:00 - 000000000 ____D C:\ProgramData\Package Cache 2017-07-29 15:46 - 2016-09-06 23:12 - 000000000 ____D C:\ProgramData\install_clap 2017-07-29 15:02 - 2016-08-31 15:57 - 000220152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-07-29 13:11 - 2016-09-07 20:38 - 000000000 ____D C:\Program Files\RogueKiller 2017-07-29 13:09 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Cursors 2017-07-29 13:07 - 2016-07-16 13:43 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imageres.dll 2017-07-29 13:07 - 2016-07-16 13:43 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagesp1.dll 2017-07-29 13:07 - 2016-07-16 13:42 - 046823424 _____ (Microsoft Corporation) C:\WINDOWS\system32\imageres.dll 2017-07-29 13:07 - 2016-07-16 13:42 - 001752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagesp1.dll 2017-07-29 13:07 - 2016-07-16 13:42 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2017-07-29 13:07 - 2016-07-16 13:42 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2017-07-29 13:06 - 2016-07-16 13:47 - 000000000 __SHD C:\Program Files\Windows Sidebar 2017-07-29 12:58 - 2016-09-07 20:38 - 000000000 ____D C:\ProgramData\RogueKiller 2017-07-29 11:17 - 2016-09-06 20:50 - 000000000 ____D C:\Program Files\TeraCopy 2017-07-29 11:05 - 2016-09-07 13:09 - 000000000 ____D C:\Program Files (x86)\IObit 2017-07-29 10:40 - 2016-08-28 14:33 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2017-07-29 10:38 - 2016-08-28 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2017-07-29 10:36 - 2016-08-28 19:46 - 000000000 ____D C:\Program Files (x86)\Wondershare 2017-07-29 10:34 - 2016-09-07 13:26 - 000000000 ____D C:\Users\jean-\AppData\Local\iSkysoft 2017-07-29 10:34 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe 2017-07-29 10:21 - 2016-09-07 13:22 - 000000000 ____D C:\Users\Public\Documents\iSkysoft 2017-07-29 10:18 - 2016-08-28 19:43 - 000000000 ____D C:\ProgramData\Wondershare 2017-07-29 10:09 - 2016-09-07 13:24 - 000000000 ____D C:\ProgramData\iSkysoft 2017-07-29 10:05 - 2016-09-07 13:24 - 000000000 ____D C:\Program Files (x86)\iSkysoft 2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger 2017-07-29 08:58 - 2016-09-07 14:41 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK 2017-07-29 08:41 - 2016-09-04 15:23 - 000000000 ____D C:\Users\jean-\AppData\Roaming\eufsc 2017-07-29 08:25 - 2016-09-03 15:37 - 000003554 _____ C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro 2017-07-29 08:17 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-07-29 07:52 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-07-29 07:52 - 2015-10-30 09:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-07-29 06:04 - 2016-09-07 13:37 - 000000000 ____D C:\Program Files\Common Files\logishrd 2017-07-28 22:11 - 2016-08-28 17:04 - 000565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-07-28 21:51 - 2016-09-06 16:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software ==================== Fichiers à la racine de certains dossiers ======= 2017-07-29 12:05 - 2017-07-29 12:05 - 000140800 _____ () C:\Users\jean-\AppData\Local\installer.dat 2017-07-29 12:05 - 2017-07-29 12:05 - 001847296 _____ () C:\Users\jean-\AppData\Local\po.db Fichiers à déplacer ou supprimer: ==================== C:\Users\jean-\ZHPDiag3.exe Certains fichiers dans TEMP: ==================== 2017-07-29 20:24 - 2017-07-29 20:24 - 004043712 _____ (Geek Unіnstaller) C:\Users\jean-\AppData\Local\Temp\geek64.exe 2017-07-29 10:56 - 2017-07-29 10:56 - 004895891 _____ () C:\Users\jean-\AppData\Local\Temp\Redist642008.exe 2017-07-29 10:58 - 2017-07-29 10:58 - 004149146 _____ () C:\Users\jean-\AppData\Local\Temp\Redist862008.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-07-28 22:26 ==================== Fin de FRST.txt ============================