Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2017 Exécuté par Utilisateur (administrateur) sur CAMILLE (29-11-2017 21:08:03) Exécuté depuis C:\Users\Utilisateur\Desktop Profils chargés: Utilisateur (Profils disponibles: Utilisateur) Platform: Windows 10 Home Version 1709 16299.64 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe () C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe ( ) C:\Windows\SysWOW64\lxebcoms.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google Inc.) C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe (ultracopier.first-world.info) C:\Program Files (x86)\Supercopier\supercopier.exe () C:\Users\Utilisateur\AppData\Roaming\cacaoweb\cacaoweb.exe (Microsoft Corporation) C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\OneDriveSetup.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe Impossible d'accéder au processus -> SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\WerFault.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe Impossible d'accéder au processus -> SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\WerFault.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS) HKLM\...\Run: [lxebmon.exe] => C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe [772712 2013-01-23] () HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe [150264 2013-01-23] () HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA) HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [317824 2016-01-18] () HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [Google Update] => C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-12-11] (Google Inc.) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [Google+ Auto Backup] => C:\Users\Utilisateur\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [97F1B3B3B040E98EEB61F701C6263F592325BE5B._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1323352 2017-10-26] (Google Inc.) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [36776 2015-12-07] (Glarysoft Ltd) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [ultracopier] => C:\Program Files (x86)\Supercopier\supercopier.exe [178688 2014-02-19] (ultracopier.first-world.info) HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Run: [cacaoweb] => C:\Users\Utilisateur\AppData\Roaming\cacaoweb\cacaoweb.exe [568624 2017-10-30] () HKU\S-1-5-21-592991678-649594777-2015158078-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 IFEO\jumpflip: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe BootExecute: autocheck autochk * GroupPolicy: Restriction - Chrome <==== ATTENTION GroupPolicyUsers\S-1-5-21-592991678-649594777-2015158078-1001\User: Restriction <==== ATTENTION CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyEnable: [S-1-5-21-592991678-649594777-2015158078-1001] => Proxy est activé. Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-09-29] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-09-29] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5b4493da-26a5-418e-b847-4169ac475b37}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{60d706dc-4d94-4047-8136-d10df30592ff}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-1de94435 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1427192287&from=wpm03243&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1436948952&z=747cdc174e5cdf9ac69941cgcz9c2q4tfzdbet4w8c&from=wpm07153&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1427192287&from=wpm03243&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892&q={searchTerms} HKU\S-1-5-21-592991678-649594777-2015158078-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421250106&from=brd&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892&q={searchTerms} HKU\S-1-5-21-592991678-649594777-2015158078-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-1de94435 HKU\S-1-5-21-592991678-649594777-2015158078-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1436948952&z=747cdc174e5cdf9ac69941cgcz9c2q4tfzdbet4w8c&from=wpm07153&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892 HKU\S-1-5-21-592991678-649594777-2015158078-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421250106&from=brd&uid=ST1000LM024XHN-M101MBB_S2TTJ9CC816892&q={searchTerms} URLSearchHook: HKU\S-1-5-21-592991678-649594777-2015158078-1001 - (Pas de nom) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Pas de fichier SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyEyEyDtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCzyzztAtAzy0ByDtGtA0C0BtAtGtA0FtD0EtGyCtC0BtDtGyDtAzyzztAzzyDyEzzyD0F0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D112989226%26a%3Dwncy_fs_15_51%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0SzytCyEtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyD0AzyyBzzyCtG0E0EtA0CtGyB0FzyzytGzytDzzyCtGyEyC0B0E0C0C0EyE0AyDtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyEtC0EyC0DtCyCtGyE0BtC0FtGtDyEtAyCtG0AyCyB0EtGtB0B0FtDtAtCyByE0DtC0BtC2Q&cr=2062112765&ir= SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0B0BtCyEtAzytCtG0CtA0CtBtGyE0ByD0EtGtA0FtA0CtGtD0DtB0D0A0C0Fzz0FyD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyEtC0EyC0DtCyCtGyE0BtC0FtGtDyEtAyCtG0AyCyB0EtGtB0B0FtDtAtCyByE0DtC0BtC2Q&cr=2070998442&ir= SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=107&systemid=473&v=n11465-252&apn_uid=6244636783344093&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=199&itype=a&ver=12791&tm=369&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=199&itype=a&ver=12791&tm=369&src=ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP6CF7F9D9-A87D-4509-B637-EAC05FD5FF1C&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyCyDtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyBtBzytC0B0Dzz0AtGyCyEyBzytGtByEtAtDtGtCyEtBtBtGtA0BtBtAtDtDyEyDyByD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D846739759%26a%3Dwncy_dnldastr_16_28%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyE0F0CtCyBtC0FtC0D0FtN0D0Tzu0StCyEyEyDtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCzyzztAtAzy0ByDtGtA0C0BtAtGtA0FtD0EtGyCtC0BtDtGyDtAzyzztAzzyDyEzzyD0F0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtB0C0CtC0CtCzztG0EzzyCtCtGyEyB0AtDtGzy0A0D0BtGyB0ByEtAzy0EyCzy0B0DtB0B2QtN0A0LzuyE%26cr%3D112989226%26a%3Dwncy_fs_15_51%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592991678-649594777-2015158078-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-19] (Microsoft Corporation) BHO: Pas de nom -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Pas de fichier BHO-x32: Pas de nom -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Pas de fichier BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> Pas de fichier BHO-x32: Pas de nom -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Pas de fichier Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-19] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-19] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-592991678-649594777-2015158078-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-12-11] (Google Inc.) FF Plugin HKU\S-1-5-21-592991678-649594777-2015158078-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-12-11] (Google Inc.) FF Plugin HKU\S-1-5-21-592991678-649594777-2015158078-1001: SkypePlugin -> C:\Users\Utilisateur\AppData\Local\SkypePlugin\7.13.0.71\npGatewayNpapi.dll [2016-01-15] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-592991678-649594777-2015158078-1001: SkypePlugin64 -> C:\Users\Utilisateur\AppData\Local\SkypePlugin\7.13.0.71\npGatewayNpapi-x64.dll [2016-01-15] (Skype Technologies S.A.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/webhp?source=search_app&gws_rd=ssl","hxxp://www.google.com/webhp?source=search_app","hxxps://www.youtube.com/","hxxps://translate.google.fr/?hl=fr&tab=wT" CHR NewTab: Default -> Active:"chrome-extension://ejocekekgcaldnmjngfdbmbeebcekelc/newtab.html" CHR DefaultSearchKeyword: Default -> googl CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2017-11-29] CHR Extension: (Slides) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29] CHR Extension: (Docs) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29] CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-29] CHR Extension: (Appel Skype) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-10-29] CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-29] CHR Extension: (GeoGebra Classique) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-10-29] CHR Extension: (Adblock Plus) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-29] CHR Extension: (DOC, DOCX, PPT File Viewer) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cilnmioihljjnnncgnpcfnfjoefcldhm [2017-10-29] CHR Extension: (Ma messagerie - Skyrock.com) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhefkooncfbgidpkfaccodfljdjaclg [2017-10-29] CHR Extension: (Gmail hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-10-29] CHR Extension: (SPOTS - A better way to start) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc [2017-10-29] CHR Extension: (Sheets) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29] CHR Extension: (Word Online) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-10-29] CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-30] CHR Extension: (AdBlock) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-29] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-11-21] CHR Extension: (AudioSauna) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2017-10-29] CHR Extension: (Flat - Éditeur de partitions de musique) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgfkpiieempkmppimblkblmlcmbdkbcg [2017-10-29] CHR Extension: (Google Hangouts) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-11-02] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-29] CHR Extension: (Smshare ★ SMS and Social Media Share [App]) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanolbdopcajacagbgfplmaodgebcaen [2017-10-29] CHR Extension: (Outlook.com) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-10-29] CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-29] CHR Extension: (Chrome Media Router) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-21] CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Utilisateur\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-15] CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-592991678-649594777-2015158078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-11-02] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S2 lxebCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [45736 2010-04-14] (Lexmark International, Inc.) R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [33240 2015-12-09] (VIA Technologies, Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] () S3 cdrombus; C:\WINDOWS\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Windows (R) Codename Longhorn DDK provider) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-09-05] (Glarysoft Ltd) S1 HssDRV6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R1 MpKslea79aba2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{78D503A2-58CE-47E0-9B94-E44426EF6400}\MpKslea79aba2.sys [58120 2017-11-29] (Microsoft Corporation) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated) R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-11-29 21:06 - 2017-11-29 21:11 - 000035118 _____ C:\Users\Utilisateur\Desktop\FRST.txt 2017-11-29 21:05 - 2017-11-29 21:06 - 000000000 ____D C:\FRST 2017-11-29 21:04 - 2017-11-29 21:05 - 002391552 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe 2017-11-29 20:09 - 2017-11-29 20:09 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2017-11-29 20:08 - 2017-11-29 20:08 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\DBG 2017-11-29 20:07 - 2017-11-29 20:07 - 000000000 ___HD C:\Users\Utilisateur\MicrosoftEdgeBackups 2017-11-29 20:03 - 2017-11-29 20:08 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ConnectedDevicesPlatform 2017-11-29 20:03 - 2017-11-29 20:03 - 000003208 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-592991678-649594777-2015158078-1001 2017-11-29 20:03 - 2017-11-29 20:03 - 000000650 __RSH C:\Users\Utilisateur\ntuser.pol 2017-11-29 20:03 - 2017-11-29 20:03 - 000000020 ___SH C:\Users\Utilisateur\ntuser.ini 2017-11-29 19:57 - 2017-11-29 19:59 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2017-11-29 19:57 - 2017-11-29 19:59 - 000007623 _____ C:\WINDOWS\diagerr.xml 2017-11-29 19:55 - 2017-11-29 20:37 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E5DD467-1073-41AE-9A1F-D5BEA2CDA7F9} 2017-11-29 19:55 - 2017-11-29 19:56 - 000004014 _____ C:\WINDOWS\System32\Tasks\WCQS 2017-11-29 19:55 - 2017-11-29 19:56 - 000003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-11-29 19:55 - 2017-11-29 19:56 - 000003742 _____ C:\WINDOWS\System32\Tasks\Bing Search Engine fosic 2017-11-29 19:55 - 2017-11-29 19:56 - 000003726 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered fosic 2017-11-29 19:55 - 2017-11-29 19:56 - 000003514 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-11-29 19:55 - 2017-11-29 19:56 - 000003450 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-11-29 19:55 - 2017-11-29 19:56 - 000003358 _____ C:\WINDOWS\System32\Tasks\LaunchSignup 2017-11-29 19:55 - 2017-11-29 19:56 - 000002936 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-592991678-649594777-2015158078-1001 2017-11-29 19:55 - 2017-11-29 19:56 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-592991678-649594777-2015158078-1001 2017-11-29 19:55 - 2017-11-29 19:56 - 000002580 _____ C:\WINDOWS\System32\Tasks\{D2FD42F3-F112-4324-A79A-8A3DA2DD2B76} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002568 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP1 2017-11-29 19:55 - 2017-11-29 19:56 - 000002566 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP3 2017-11-29 19:55 - 2017-11-29 19:56 - 000002566 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP2 2017-11-29 19:55 - 2017-11-29 19:56 - 000002564 _____ C:\WINDOWS\System32\Tasks\{603960BB-D267-4CDE-8A3B-55B4ECF026CA} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002550 _____ C:\WINDOWS\System32\Tasks\Power Suite 2017-11-29 19:55 - 2017-11-29 19:56 - 000002462 _____ C:\WINDOWS\System32\Tasks\JetCleanLoginCheckUpdate 2017-11-29 19:55 - 2017-11-29 19:56 - 000002444 _____ C:\WINDOWS\System32\Tasks\{FF88400B-D568-4F53-913C-7F370676719C} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002380 _____ C:\WINDOWS\System32\Tasks\{9807D000-16DD-4E6B-AC98-FE0E8001EC31} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002336 _____ C:\WINDOWS\System32\Tasks\{371B572E-AF2D-4F4D-9FDE-E72125D7F73A} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002310 _____ C:\WINDOWS\System32\Tasks\{73D12DE9-8DC7-40E4-9B45-7A3705646AC7} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002308 _____ C:\WINDOWS\System32\Tasks\{16C3F4B9-EAA5-4E3A-A6DE-10E782642D37} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002288 _____ C:\WINDOWS\System32\Tasks\{AB860DE5-AB9B-45CF-B5D8-3D4AE16BD45F} 2017-11-29 19:55 - 2017-11-29 19:56 - 000002222 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC 2017-11-29 19:55 - 2017-11-29 19:55 - 000004364 _____ C:\WINDOWS\System32\Tasks\PJNIELN 2017-11-29 19:55 - 2017-11-29 19:55 - 000004018 _____ C:\WINDOWS\System32\Tasks\LIFROE 2017-11-29 19:55 - 2017-11-29 19:55 - 000004012 _____ C:\WINDOWS\System32\Tasks\DTT 2017-11-29 19:55 - 2017-11-29 19:55 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-11-29 19:55 - 2017-11-29 19:55 - 000003290 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-11-29 19:55 - 2017-11-29 19:55 - 000002514 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5 2017-11-29 19:55 - 2017-11-29 19:55 - 000002472 _____ C:\WINDOWS\System32\Tasks\Power Suite (Tray) 2017-11-29 19:55 - 2017-11-29 19:55 - 000002440 _____ C:\WINDOWS\System32\Tasks\avast! Windows 10 Start Menu helper 2017-11-29 19:55 - 2017-11-29 19:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-29 19:55 - 2017-11-29 19:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-11-29 19:55 - 2017-11-29 19:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-11-29 19:13 - 2017-11-29 19:13 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-11-29 19:08 - 2017-11-29 19:08 - 000000000 ____D C:\ProgramData\USOShared 2017-11-29 19:05 - 2017-11-29 20:07 - 000000000 ____D C:\Users\Utilisateur 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Voisinage réseau 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Voisinage d'impression 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Modèles 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Mes documents 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Menu Démarrer 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Documents\Mes vidéos 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Documents\Mes images 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\Documents\Ma musique 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-11-29 19:05 - 2017-11-29 19:05 - 000000000 _SHDL C:\Users\Utilisateur\AppData\Local\Historique 2017-11-29 19:01 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-11-29 18:57 - 2017-11-29 20:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-11-29 18:57 - 2017-11-29 19:32 - 000771752 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-11-29 18:52 - 2017-11-29 20:02 - 000000000 ____D C:\Windows.old 2017-11-29 18:44 - 2017-11-29 18:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-11-29 18:44 - 2017-11-29 18:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2017-11-29 18:41 - 2017-11-29 18:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2017-11-29 18:39 - 2017-11-29 18:39 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-11-29 18:39 - 2017-11-29 18:39 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe 2017-11-29 18:39 - 2017-11-29 18:39 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-11-29 18:39 - 2017-11-29 18:39 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-11-29 18:39 - 2017-11-29 18:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-11-29 18:34 - 2017-11-29 18:34 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-11-29 18:34 - 2017-11-29 18:34 - 000000000 ____D C:\Program Files\Reference Assemblies 2017-11-29 18:34 - 2017-11-29 18:34 - 000000000 ____D C:\Program Files\MSBuild 2017-11-29 18:34 - 2017-11-29 18:34 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-11-29 18:34 - 2017-11-29 18:34 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-11-29 18:33 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-11-29 18:33 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-11-29 18:33 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-11-29 18:33 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-11-29 18:33 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-11-29 18:33 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-11-28 16:30 - 2017-11-29 20:02 - 000000000 ___DC C:\WINDOWS\Panther 2017-11-19 21:36 - 2017-11-19 21:36 - 000000000 ____D C:\WINDOWS\UpdateAssistant 2017-10-30 18:14 - 2017-11-29 20:54 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\cacaoweb ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-11-29 21:11 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps 2017-11-29 20:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2017-11-29 20:49 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-11-29 20:42 - 2017-01-14 00:24 - 000000000 ____D C:\Users\Utilisateur\Desktop\Lycée 2017-11-29 20:41 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2017-11-29 20:35 - 2017-01-01 19:35 - 000000000 ____D C:\ProgramData\{219FE4FC-ABDD-6E3A-2D1B-F078B7597BB6} 2017-11-29 20:31 - 2016-07-11 10:31 - 000000000 ____D C:\ProgramData\{C6370354-4C75-8992-CAB3-17D050F19C1E} 2017-11-29 20:28 - 2012-10-26 08:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Packages 2017-11-29 20:19 - 2015-09-05 12:27 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2017-11-29 20:13 - 2015-01-14 15:12 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Skype 2017-11-29 20:11 - 2014-11-15 18:01 - 000000000 ___RD C:\Users\Utilisateur\Google Drive 2017-11-29 20:09 - 2012-10-26 08:15 - 000000376 _____ C:\Users\Utilisateur\AppData\Roaming\sp_data.sys 2017-11-29 20:05 - 2015-07-29 22:17 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\TileDataLayer 2017-11-29 20:03 - 2017-09-29 22:02 - 000000000 ____D C:\Windows10Upgrade 2017-11-29 20:03 - 2016-08-25 10:33 - 000002362 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-29 20:03 - 2016-02-13 14:18 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-11-29 20:03 - 2015-09-16 19:34 - 000000000 ___RD C:\Users\Utilisateur\3D Objects 2017-11-29 20:02 - 2017-09-29 22:03 - 000000000 ___HD C:\$GetCurrent 2017-11-29 20:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-11-29 20:00 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt 2017-11-29 19:59 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-11-29 19:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration 2017-11-29 19:56 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers 2017-11-29 19:55 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries 2017-11-29 19:55 - 2014-10-21 10:37 - 000023208 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-11-29 19:39 - 2017-09-30 15:40 - 000830904 _____ C:\WINDOWS\system32\perfh00C.dat 2017-11-29 19:39 - 2017-09-30 15:40 - 000157282 _____ C:\WINDOWS\system32\perfc00C.dat 2017-11-29 19:39 - 2015-07-29 21:11 - 001862094 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-11-29 19:36 - 2017-10-29 13:55 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-29 19:36 - 2017-10-29 13:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-11-29 19:30 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-11-29 19:30 - 2017-05-01 20:18 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2017-11-29 19:30 - 2016-02-27 11:13 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier 2017-11-29 19:30 - 2016-02-26 18:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2 2017-11-29 19:30 - 2016-02-08 14:52 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2017-11-29 19:30 - 2015-12-16 16:05 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2017-11-29 19:30 - 2015-09-14 20:34 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 2017-11-29 19:30 - 2015-07-30 17:14 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pvm 2017-11-29 19:30 - 2014-12-11 18:50 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2017-11-29 19:30 - 2014-04-27 21:13 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2017-11-29 19:10 - 2016-08-24 13:51 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2017-11-29 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate 2017-11-29 19:05 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2017-11-29 19:02 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog 2017-11-29 19:02 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-11-29 18:59 - 2016-04-21 03:27 - 000000000 ____D C:\ProgramData\SetupTPDriver 2017-11-29 18:56 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-11-29 18:52 - 2017-09-30 15:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-11-29 18:52 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Resources 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\IME 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-11-29 18:52 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-11-29 18:52 - 2017-09-19 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 12 2017-11-29 18:52 - 2017-08-22 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D 2017-11-29 18:52 - 2017-07-07 18:33 - 000000000 ____D C:\Program Files\UNP 2017-11-29 18:52 - 2017-06-14 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits) 2017-11-29 18:52 - 2017-03-13 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-11-29 18:52 - 2017-01-16 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2017-11-29 18:52 - 2016-11-23 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2017-11-29 18:52 - 2016-11-13 22:20 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-11-29 18:52 - 2016-11-05 13:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2017-11-29 18:52 - 2016-11-05 13:37 - 000000000 ____D C:\WINDOWS\fr 2017-11-29 18:52 - 2016-08-26 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2 2017-11-29 18:52 - 2016-08-22 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-11-29 18:52 - 2016-07-27 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.1.3 2017-11-29 18:52 - 2016-04-21 03:28 - 000000000 ____D C:\WINDOWS\system32\SRSLabs 2017-11-29 18:52 - 2016-04-21 03:28 - 000000000 ____D C:\Program Files (x86)\ASUS 2017-11-29 18:52 - 2016-04-15 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instagiffer 2017-11-29 18:52 - 2016-02-08 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2017-11-29 18:52 - 2015-12-27 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech Software Installer 2017-11-29 18:52 - 2015-10-30 08:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-11-29 18:52 - 2015-08-22 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-11-29 18:52 - 2014-12-11 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2017-11-29 18:52 - 2014-11-15 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-11-29 18:52 - 2014-09-24 19:10 - 000000000 ____D C:\Program Files\Embedded Lockdown Manager 2017-11-29 18:52 - 2014-09-04 19:20 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2017-11-29 18:52 - 2014-01-19 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2017-11-29 18:52 - 2014-01-19 17:52 - 000000000 ____D C:\Program Files\Lexmark Pro200-S500 Series 2017-11-29 18:52 - 2014-01-15 13:32 - 000000000 ____D C:\WINDOWS\system32\log 2017-11-29 18:52 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-11-29 18:52 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-11-29 18:52 - 2012-09-29 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e 2017-11-29 18:52 - 2012-07-26 09:12 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE 2017-11-29 18:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB 2017-11-29 18:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-11-29 18:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat 2017-11-29 18:44 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system 2017-11-29 18:44 - 2017-07-26 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGamePick 2017-11-29 18:44 - 2017-03-19 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec 2017-11-29 18:44 - 2016-11-13 22:20 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2017-11-29 18:44 - 2016-07-28 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro 2017-11-29 18:44 - 2016-07-11 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft 2017-11-29 18:44 - 2016-04-21 03:28 - 000000000 ____D C:\Program Files\VIA 2017-11-29 18:44 - 2016-01-31 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech 2017-11-29 18:44 - 2015-10-29 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2017-11-29 18:44 - 2015-07-30 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Piano 2017-11-29 18:44 - 2014-01-13 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2017-11-29 18:44 - 2012-08-17 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\zu-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\yo-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\xh-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\wo-SN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ur-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ug-CN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\tt-RU 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\tn-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\tk-TM 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ti-ET 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\te-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ta-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\sw-KE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\sq-AL 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\si-LK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\rw-RW 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\quz-PE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\prs-AF 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\pa-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\or-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\nso-ZA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ne-NP 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\mt-MT 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\mr-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\mn-MN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ml-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\mk-MK 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\mi-NZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\lo-LA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\lb-LU 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ky-KG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\kok-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\kn-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\km-KH 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\kk-KZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ka-GE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\is-IS 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ig-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\id-ID 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\hy-AM 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\gu-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\gd-GB 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ga-IE 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\fil-PH 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\fa-IR 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\cy-GB 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\bn-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\bn-BD 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\be-BY 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\as-IN 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\am-ET 2017-11-29 18:40 - 2017-09-30 15:41 - 000000000 ____D C:\WINDOWS\system32\af-ZA 2017-11-29 18:40 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-11-29 18:40 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-11-29 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput 2017-11-29 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-11-29 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-11-29 18:40 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-11-29 18:40 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2017-11-29 18:15 - 2017-03-19 23:07 - 000000442 _____ C:\WINDOWS\Tasks\Power Suite (Tray).job 2017-11-29 17:53 - 2014-11-20 20:14 - 000001374 _____ C:\WINDOWS\Tasks\WCQS.job 2017-11-29 17:35 - 2017-01-01 19:35 - 000001014 _____ C:\WINDOWS\Tasks\Bing Search Engine fosic.job 2017-11-29 15:19 - 2014-11-20 20:15 - 000001372 _____ C:\WINDOWS\Tasks\DTT.job 2017-11-28 20:34 - 2014-11-20 20:34 - 000001724 _____ C:\WINDOWS\Tasks\PJNIELN.job 2017-11-28 20:34 - 2014-11-20 20:34 - 000001378 _____ C:\WINDOWS\Tasks\LIFROE.job 2017-11-28 16:30 - 2017-10-04 13:18 - 000000036 _____ C:\WINDOWS\progress.ini 2017-11-28 10:01 - 2017-09-29 22:02 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk 2017-11-27 21:49 - 2015-10-29 15:16 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Audacity 2017-11-27 21:49 - 2015-05-20 13:13 - 000000000 ____D C:\Users\Utilisateur\.hydrogen 2017-11-21 21:02 - 2012-08-17 01:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2017-11-20 21:32 - 2014-02-10 08:03 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-11-19 23:16 - 2014-01-14 17:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-11-19 23:07 - 2017-10-11 13:21 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-11-19 23:07 - 2014-01-14 17:39 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-11-19 21:35 - 2017-07-23 21:50 - 000000000 ____D C:\Program Files\rempl 2017-11-19 21:31 - 2017-04-15 21:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-11-19 20:16 - 2014-06-05 19:04 - 000000000 ____D C:\ProgramData\Skype 2017-11-04 16:59 - 2014-03-18 20:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ElevatedDiagnostics 2017-11-01 12:47 - 2015-07-29 22:27 - 000002466 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-11-01 12:47 - 2014-10-21 10:58 - 000000000 __RDO C:\Users\Utilisateur\OneDrive 2017-10-31 17:57 - 2016-06-23 12:25 - 000000000 ____D C:\Users\Utilisateur\lmms 2017-10-30 22:21 - 2016-06-23 12:25 - 000001253 _____ C:\Users\Utilisateur\.lmmsrc.xml 2017-10-30 18:14 - 2015-03-27 18:58 - 000000000 ___RD C:\Users\Utilisateur\Downloads\Téléchargements ==================== Fichiers à la racine de certains dossiers ======= 2015-09-16 12:55 - 2002-11-29 20:36 - 000264704 _____ (Particulier) C:\Program Files\desinstall.exe 2015-09-16 12:55 - 2015-09-16 12:56 - 000001424 _____ () C:\Program Files\limites.rtf 2015-09-16 12:55 - 1998-06-17 08:22 - 000087040 _____ () C:\Program Files\LPng.dll 2015-09-16 12:56 - 2015-09-16 12:56 - 000000071 _____ () C:\Program Files\messages_FRA.log 2015-09-16 12:56 - 2015-09-16 12:56 - 000000000 _____ () C:\Program Files\messages_FRA.prop 2015-09-16 12:55 - 2003-02-22 08:32 - 001643008 _____ (Pierre MOATI) C:\Program Files\notepad.exe 2015-09-16 12:55 - 2002-02-24 00:50 - 000087040 _____ (TOOLHOUSE WESTWARE®) C:\Program Files\RTFapi.dll 2015-09-16 12:55 - 2015-09-16 12:56 - 000011635 _____ () C:\Program Files\tips.ini 2015-09-16 12:55 - 2003-08-27 16:43 - 000074752 _____ () C:\Program Files\unrar.dll 2014-10-05 13:14 - 2014-10-05 13:14 - 000000288 _____ () C:\Users\Utilisateur\AppData\Roaming\.backup.dm 2014-11-21 22:29 - 2014-11-21 22:31 - 000001251 _____ () C:\Users\Utilisateur\AppData\Roaming\Bubble Dock.boostrap.log 2014-01-15 13:10 - 2014-11-21 22:31 - 000045380 _____ () C:\Users\Utilisateur\AppData\Roaming\Bubble Dock.installation.log 2014-03-24 20:38 - 2014-03-24 20:38 - 000000121 _____ () C:\Users\Utilisateur\AppData\Roaming\D2Info0 2014-03-24 20:38 - 2014-03-24 20:45 - 000000008 _____ () C:\Users\Utilisateur\AppData\Roaming\DofusAppId0_1 2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\Utilisateur\AppData\Roaming\DTT 2017-05-16 21:27 - 2017-05-16 21:27 - 000015963 _____ () C:\Users\Utilisateur\AppData\Roaming\Ketucahenudo 2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\Utilisateur\AppData\Roaming\LIFROE 2016-02-08 14:31 - 2016-02-08 20:57 - 000002563 _____ () C:\Users\Utilisateur\AppData\Roaming\midisheetmusic.config.ini 2014-05-28 17:41 - 2014-05-28 17:41 - 000130238 _____ () C:\Users\Utilisateur\AppData\Roaming\MixPad.dmp 2014-01-15 14:05 - 2014-01-15 14:05 - 000000021 _____ () C:\Users\Utilisateur\AppData\Roaming\my_intel.sys 2014-09-01 09:18 - 2016-08-21 13:04 - 000000365 _____ () C:\Users\Utilisateur\AppData\Roaming\PJNIELN 2012-10-26 08:15 - 2017-11-29 20:09 - 000000376 _____ () C:\Users\Utilisateur\AppData\Roaming\sp_data.sys 2016-06-13 13:08 - 2016-11-24 23:43 - 000171054 _____ () C:\Users\Utilisateur\AppData\Roaming\VideoPad.dmp 2014-01-15 13:48 - 2017-09-25 19:24 - 000000457 _____ () C:\Users\Utilisateur\AppData\Roaming\WB.CFG 2014-09-01 09:18 - 2016-08-21 13:05 - 000000365 _____ () C:\Users\Utilisateur\AppData\Roaming\WCQS 2014-11-21 22:29 - 2014-11-21 22:29 - 000000097 _____ () C:\Users\Utilisateur\AppData\Roaming\WindApp.boostrap.log 2014-11-21 22:31 - 2014-11-21 22:31 - 000000374 _____ () C:\Users\Utilisateur\AppData\Roaming\WindApp.installation.log 2014-06-06 22:21 - 2014-06-17 17:37 - 001134592 _____ () C:\Users\Utilisateur\AppData\Local\ChromeHitoryDB 2014-03-26 20:52 - 2017-03-19 21:34 - 000007680 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-21 18:45 - 2014-09-21 18:45 - 000000017 _____ () C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-11-29 18:57 ==================== Fin de FRST.txt ============================