Ckscanner CKScanner 2.5 - Additional Security Risks - These are not necessarily bad c:\esupport\edriver\software\audio\conexant\audio\8.66.30.51\3416\w8-64\d2keys.ini c:\program files\conexant\cnxt_audio_hda\d2keys.ini c:\program files (x86)\asus\atk package\atk hotkey\atkmsgctrl.exe c:\windows\cnxt\rollback\oem15.inf\folder0\d2keys.ini scanner sequence 3.CA.11.NWCPN0 ----- EOF ----- Winchk Rapport WinChk v2.0 - 29/01/2018 à 12:55 Mis à jour le 08/07/11 à 16h par Xplode Système d'exploitation : Windows 10 Home (64 bits) [version 10.0.16299.192] Nom d'utilisateur : mathi - DESKTOP-SDM0ICP (Administrateur) Exécuté depuis : C:\Users\mathi\Desktop\winchk_2.0.exe ¤¤¤¤¤ Recherche | KMS ¤¤¤¤¤ ... OK ! ¤¤¤¤¤ Recherche | Fichiers suspect ¤¤¤¤¤ ... OK ! ¤¤¤¤¤ Vérification | Fichiers système ¤¤¤¤¤ ... OK ! ¤¤¤¤¤ Vérification | Fichier Hosts ¤¤¤¤¤ ... OK ! ¤¤¤¤¤ Vérification | Windows Update ¤¤¤¤¤ ¤ Paramètres : ¤ Dernière mise à jour détectée le ¤ Dernière mise à jour téléchargée le ¤ Dernière mise à jour installée le ########## EOF - "C:\WinChk.txt" - [789 octets] ########## ZHPDIAG ~ ZHPDiag v2018.1.26.15 Par Nicolas Coolman (2018/01/26) ~ Démarré par mathi (Administrator) (2018/01/29 12:58:42) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Certificate ZHPDiag: Legal ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Users\mathi\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\mathi\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) Windows 10 Home, 64-bit (Build 16299) =>.Microsoft Corporation ---\\ Navigateurs Internet (3) - 0s ~ MFIE: Mozilla Firefox 57.0.4 (x64 fr) ~ MSIE: Microsoft Edge v40 ~ MSIE: Internet Explorer v11.192.16299.0 ---\\ Informations sur les produits Windows (8) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : DGPHD Windows License : OK ~ Windows Remaining Initializations Number : 1001 Windows Automatic Updates : OK ---\\ Logiciels de protection (2) - 3s Avast Antivirus Gratuit v17.9.2322 (Protection) Windows Defender (Activate) (Protection) ---\\ Surveillance de Logiciels (2) - 3s ~ Adobe Flash Player 28 NPAPI (Surveillance) ~ Adobe Acrobat Reader DC - Français (Surveillance) ---\\ Informations sur le système (6) - 0s ~ Operating System: Intel64 Family 6 Model 78 Stepping 3, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 4088.108 MB (16% free) : OK =>.RAM Value System Restore: Activé (Enable) System drive C: has 16 GB (13%) free of 121 GB : ATTENTION =>Warning Disk Space ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: DESKTOP-SDM0ICP ~ User Name: mathi ~ Logged in as Administrator ---\\ Enumération des unités disques (1) - 0s ~ Drive C: has 16 GB free of 121 GB (System) ---\\ Etat du Centre de Sécurité Windows (7) - 0s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Recherche particulière de fichiers génériques (25) - 1s [MD5.92B369312AF5D0B83AEF82D5DE0428D2] - 01/01/2018 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [3904808] =>.Microsoft Windows® [MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation [MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Windows Publisher® [MD5.CDBD10B47A1BEA8B6A009064E90FA298] - 01/01/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation [MD5.D0926E8FC082646487BD159538F4D9F5] - 01/01/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [715776] =>.Microsoft Corporation [MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation [MD5.A94E2533A7604E4AA05DCCC675A9F396] - 23/10/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows® [MD5.0A821BF024E347943D6F5C5180FAEA31] - 23/10/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows® [MD5.3B34C7B9D7E22AEF58DF0CFC4C7CC82D] - 30/09/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.7AE4EBDC221235BF9E1008B515C0B8DB] - 01/01/2018 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [614296] =>.Microsoft Windows® [MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Windows® [MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation [MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation [MD5.9910E9CFF5ECDCB225F82E72CE9DE459] - 29/09/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation [MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation [MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation [MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation [MD5.34898F29BF0E9A84E183046318D17814] - 26/11/2017 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [495000] =>.Microsoft Windows® [MD5.7FC54F2AF5EC52C7AC05AD90FFC757E6] - 01/01/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation [MD5.E20EC8E25969ABD9F5FED6EDEA57EC0C] - 01/01/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2395032] =>.Microsoft Windows® [MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation [MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation [MD5.DF83769C92527DB50653F8FB57D001FF] - 30/09/2017 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation [MD5.571D82ABAC428D902ACA0CF60373C039] - 29/09/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [121240] =>.Microsoft Windows® [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - 08/12/2017 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Windows® ---\\ Liste des services NT non Microsoft et non désactivés (22) - 2s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe =>.ASUSTeK Computer Inc.® O23 - Service: ASUS Flip Service (ASUS Flip Service) . (.ASUS - FlipService_GMR.) - C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe =>.ASUSTeK Computer Inc.® O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUSTek Computer Inc. - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe =>.ASUSTeK Computer Inc.® O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.® O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: Conexant Audio Message Service (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe =>.Conexant Systems Inc. O23 - Service: @oem42.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\SysWOW64\esif_uf.exe =>.Intel(R) Software® O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions® O23 - Service: FBAgent (FBAgent) . (...) - C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe =>.FarStone Technology® O23 - Service: @oem13.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) . (...) - C:\WINDOWS\System32\ibtsiva (.not file.) =>.Intel Corporation O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe =>.Intel(R) pGFX® O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe =>.Intel Corporation O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions® O23 - Service: Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc. - SmartAudio Service Application.) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.® O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® O23 - Service: DCNTranProc (Tran_Process_Proc) . (...) - C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe =>.Farstone Technology Inc® O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions® ---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (32) - 8s SR - Auto [27/09/2017] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [17/01/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [27/11/2017] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SR - Auto [14/12/2015] [ 126616] ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe =>.ASUSTeK Computer Inc.® SR - Auto [18/11/2015] [ 14776] ASUS Flip Service (ASUS Flip Service) . (.ASUS.) - C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe =>.ASUSTeK Computer Inc.® SR - Demand [21/12/2017] [ 7538536] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.® SR - Auto [01/04/2015] [ 107320] ATKGFNEX Service (ATKGFNEXSrv) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe =>.ASUSTeK Computer Inc.® SR - Auto [21/12/2017] [ 301168] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.® SR - Auto [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SS - Demand [30/11/2016] [ 301536] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe =>.Intel(R) pGFX® SS - Demand [30/11/2016] [ 480224] Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe =>.Intel(R) pGFX® SR - Auto [20/10/2014] [ 207576] Conexant Audio Message Service (CxAudMsg) . (.Conexant Systems Inc..) - C:\Windows\system32\CxAudMsg64.exe =>.Conexant Systems, Inc.® SR - Auto [02/10/2015] [ 1392792] @oem42.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation.) - C:\Windows\SysWOW64\esif_uf.exe =>.Intel(R) Software® SR - Auto [02/12/2015] [ 640928] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions® SR - Auto [13/08/2014] [ 73032] FBAgent (FBAgent) . (...) - C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe =>.FarStone Technology® SS - Demand [11/12/2017] [ 1658944] FoxitPhantomService (FoxitPhantomService) . (.Foxit Software Inc..) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated® SR - Auto [30/11/2016] [ 341984] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe =>.Intel(R) pGFX® SS - Demand [22/05/2015] [ 881152] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Demand [19/05/2015] [ 335872] Intel(R) Security Assist (Intel(R) Security Assist) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe =>.Intel Corporation SS - Demand [17/09/2015] [ 19088] Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) . (.Intel Corporation.) - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe =>.Intel(R) Software Asset Manager® SS - Demand [11/12/2017] [ 672568] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Auto [19/05/2015] [ 7680] Intel(R) Security Assist Helper (isaHelperSvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe =>.Intel Corporation SR - Auto [16/10/2015] [ 207648] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SR - Auto [16/10/2015] [ 415520] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SS - Demand [05/01/2018] [ 194000] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SS - Demand [02/12/2015] [ 268192] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe =>.Intel Corporation-Wireless Connectivity Solutions® SR - Auto [02/12/2015] [ 157088] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions® SR - Auto [17/04/2015] [ 427224] Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.® SS - Auto [18/07/2017] [ 317408] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [17/06/2015] [ 5495056] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® SR - Auto [25/03/2014] [ 71024] DCNTranProc (Tran_Process_Proc) . (...) - C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe =>.Farstone Technology Inc® SR - Auto [02/12/2015] [ 3832224] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions® ---\\ Tâches planifiées en automatique (Registre) (4) - 1s O38 - TASK: {7E5D34EC-F570-41EF-8323-4FD0C760390C} [64Bits][\ASUS Live Update1] - (.ASUSTeK - .) -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920] =>.ASUSTeK O38 - TASK: {8BAAC1B5-EE10-468F-966F-2741FA6189C8} [64Bits][\ASUS Live Update2] - (.ASUSTeK - .) -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920] =>.ASUSTeK O38 - TASK: {A0380F9C-1E39-4685-92AB-D7135ECF0363} [64Bits][\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 28.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384] =>.Adobe Systems Incorporated O38 - TASK: {C8F153AE-4AEE-4A29-83BD-FE65EDFF7C33} [64Bits][\Update Checker] - (.ASUSTeK - .) -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920] =>.ASUSTeK ---\\ Applications lancées au démarrage du système (14) - 1s O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows® O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe =>.Conexant Systems, Inc.® O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe =>.Conexant Systems, Inc.® O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) -- C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.® O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.® O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud Services.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe =>.Apple Inc.® O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKCU\..\Run: [hubiC] . (.OVH - hubiC.) -- C:\Program Files\OVH\hubiC\hubiC.exe =>.OVH O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe =>.Wondershare software CO., LIMITED® O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows® O4 - HKUS\S-1-5-21-811882470-90441414-600605057-1001\..\Run: [iCloudServices] . (.Apple Inc. - iCloud Services.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe =>.Apple Inc.® O4 - HKUS\S-1-5-21-811882470-90441414-600605057-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKUS\S-1-5-21-811882470-90441414-600605057-1001\..\Run: [hubiC] . (.OVH - hubiC.) -- C:\Program Files\OVH\hubiC\hubiC.exe =>.OVH ---\\ Processus lancés (49) - 4s [MD5.273C8426CB8FCAF9BDAD04F59B080490] - (...) -- C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032] [PID.1580] =>.FarStone Technology® [MD5.2972D9B9B157025F988203DF6545401A] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [341984] [PID.1992] =>.Intel(R) pGFX® [MD5.8B3F83F94CB94138CBF0DCC00046453C] - (.ASUSTek Computer Inc. - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [126616] [PID.2468] =>.ASUSTeK Computer Inc.® [MD5.89810E9E27C8BB0AFB01814523A76347] - (.ASUSTek Computer Inc. - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [107320] [PID.2516] =>.ASUSTeK Computer Inc.® [MD5.E3220A1A319ACBA9471E32CE22DD47F5] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [298648] [PID.2344] =>.ASUSTeK Computer Inc.® [MD5.38622FFE9369D3EC01C0097235BD9279] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984] [PID.3588] =>.Adobe Systems, Incorporated® [MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.3596] =>.Apple Inc.® [MD5.E0CBB79ADB89A233928AF60FB2B729DE] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.3604] =>.Apple Inc.® [MD5.E254E4A24DFEAD22985124A9753125D5] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [640928] [PID.3640] =>.Intel Corporation-Wireless Connectivity Solutions® [MD5.BB6815A7650EB9CA27D6AE53D636C028] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\SysWOW64\esif_uf.exe [1392792] [PID.3656] =>.Intel(R) Software® [MD5.00000000000000000000000000000000] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) -- C:\WINDOWS\system32\ibtsiva.exe [0] [PID.3672] =>.Intel Corporation [MD5.ED5F7369D60C8927FA24E0B3974424AE] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [157088] [PID.3836] =>.Intel Corporation-Wireless Connectivity Solutions® [MD5.BAFB9AE5C3161B8CAE8A61D21255DFDE] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\Temp\DPTF\esif_assist_64.exe [257152] [PID.4084] =>.Intel(R) Software® [MD5.CAC3B57EC42019632BE9B1BEB0A5740F] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe [523232] [PID.3796] =>.Intel(R) pGFX® [MD5.2608EEE8B37844A314103B40372186C3] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [224920] [PID.4496] =>.ASUSTeK Computer Inc.® [MD5.CA348B924C8AD0E26090384968BF7F98] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [439096] [PID.5132] =>.ASUSTeK Computer Inc.® [MD5.6D7FF5B0C5A6A921C48FB85EE59DC222] - (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [599896] [PID.8516] =>.Conexant Systems, Inc.® [MD5.35E41ACEBA961F38CD38662B16B86EC3] - (.Apple Inc. - iCloud Services.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384] [PID.8560] =>.Apple Inc.® [MD5.7891EA436E353768BAA279317A597CA1] - (.AVAST Software - Avast Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [11080896] [PID.8664] =>.AVAST Software s.r.o.® [MD5.A72E79B12016B789F796BA267CCA05A9] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896] [PID.8676] =>.Apple Inc.® [MD5.AEE26DB6866A810A21D7A021B0CCEC06] - (.Apple Inc. - iCloud Drive.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392] [PID.8752] =>.Apple Inc.® [MD5.D6BB1D6FB8489143EF8D3B944A78C8F9] - (.Apple Inc. - iCloud Photo Library.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664] [PID.8920] =>.Apple Inc.® [MD5.7933BF970EB25F8105F773A9C293D508] - (.OVH - hubiC.) -- C:\Program Files\OVH\hubiC\hubiC.exe [3527168] [PID.9048] =>.OVH [MD5.C931242F950BC007C1E3D6F44858B06E] - (.Conexant Systems, Inc - SmartAudio.) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe [1077080] [PID.9732] =>.Conexant Systems, Inc.® [MD5.132ED6ED7A2F2B74A2DDEF754A8EE098] - (.ASUS - FlipService_GMR.) -- C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [14776] [PID.7496] =>.ASUSTeK Computer Inc.® [MD5.10CF9527E2F01405C5896BEE40107FEF] - (.Copyright © 2015 - FlipControlPTP.) -- C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe [16312] [PID.6064] =>.ASUSTeK Computer Inc.® [MD5.4EFD5B805AD913355B4AF36A13A56A91] - (.Copyright © 2014 - FlipController_GMR_2.) -- C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe [28088] [PID.6132] =>.ASUSTeK Computer Inc.® [MD5.00000000000000000000000000000000] - (.Conexant Systems Inc. - Conexant Audio Message Service.) -- C:\Windows\system32\CxAudMsg64.exe [0] [PID.9348] =>.Conexant Systems Inc. [MD5.C6E0E37B6AC972400F29A4A5251D4AAA] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648] [PID.4012] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.5AD9D814037E4B3171947140AFA35B36] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520] [PID.10620] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.C726A4820272D89E85D12FE3294561D7] - (.Conexant Systems, Inc. - SmartAudio Service Application.) -- C:\Windows\System32\SASrv.exe [427224] [PID.7904] =>.Conexant Systems, Inc.® [MD5.D013AC1FB414C99FEEFB4C2AC1B82DEF] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056] [PID.6456] =>.TeamViewer® [MD5.1F9EE31770782886A3A3CF7C174765AF] - (...) -- C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024] [PID.5448] =>.Farstone Technology Inc® [MD5.412C8F4230C6335EB0C4554C872D28AF] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224] [PID.10360] =>.Intel Corporation-Wireless Connectivity Solutions® [MD5.93B8B00D6EACA1ADAFAD371D4BD6FE61] - (.Copyright © 2014 - WifiPowerManager.) -- C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe [18872] [PID.10640] =>.ASUSTeK Computer Inc.® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.11228] =>.Mozilla Corporation® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.4184] =>.Mozilla Corporation® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.11136] =>.Mozilla Corporation® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.11232] =>.Mozilla Corporation® [MD5.D3CEB171C15D107B0F0562D3D2DC1E88] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2779896] [PID.11568] =>.ASUSTeK Computer Inc.® [MD5.8213094EA736A9C575AB0E22AD09B0BA] - (.Intel Corporation - Intel(R) Security Assist.) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872] [PID.10344] =>.Intel Corporation [MD5.4EFD5B805AD913355B4AF36A13A56A91] - (.Copyright © 2014 - FlipController_GMR_2.) -- C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe [28088] [PID.11168] =>.ASUSTeK Computer Inc.® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.12660] =>.Mozilla Corporation® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.12672] =>.Mozilla Corporation® [MD5.68CE99F223CE358DE69BFDC86299CE1F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [445904] [PID.11856] =>.Mozilla Corporation® [MD5.BBBA5D9DE5DBB3FEA9B2521CD9548FAD] - (.The Document Foundation - LibreOffice Writer.) -- C:\Program Files\LibreOffice 5\program\swriter.exe [69224] [PID.8144] {08B8D3C136349C70F4D85813400F1D6C} =>.The Document Foundation [MD5.543037AC552681C39F00442EF52927B3] - (.The Document Foundation - LibreOffice.) -- C:\Program Files\LibreOffice 5\program\soffice.exe [63080] [PID.13168] {08B8D3C136349C70F4D85813400F1D6C} =>.The Document Foundation [MD5.AF9339E75FA2DA84737BF013099A09D0] - (.The Document Foundation - LibreOffice.) -- C:\Program Files\LibreOffice 5\program\soffice.bin [687720] [PID.8308] {08B8D3C136349C70F4D85813400F1D6C} =>.The Document Foundation [MD5.B0691C2D76AC07AA2D4B2CD5F529A34B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\mathi\Desktop\ZHPDiag3.exe [2967936] [PID.1768] =>.Nicolas Coolman ---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (23) - 6s P2 - EXT FILE: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated® P2 - EXT FILE: (.Adobe Inc. - Acrobate Reader.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA =>.Adobe Inc. P2 - EXT FILE: (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npPDFXCviewNPPlugin.dll =>.Tracker Software Products (Canada) Ltd® P2 - EXT FILE: (.Grammarly for Firefox - Enhance your written communication eve.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi =>.Grammarly for Firefox P2 - EXT FILE: (...) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\adblockultimate@adblockultimate.net.xpi P2 - EXT FILE: (...) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\firefoxdav@icloud.com.xpi P2 - EXT FILE: (. - __MSG_appDesc__.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi P2 - EXT FILE: (.Avast Passwords - .) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi =>.Avast Passwords P2 - EXT FILE: (.Avast Software s.r.o - __MSG_avastAppDesc__.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\sp@avast.com.xpi =>.Avast Software s.r.o P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\wrc@avast.com.xpi =>.Avast Online Security P2 - EXT FILE: (.Video DownloadHelper - Download Videos from the Web.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi =>.Video DownloadHelper P2 - EXT FILE: (.EverNote Corporation - __MSG_ExtensionDescription__.) -- C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll =>.Adobe Systems Incorporated ---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (16) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.15 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation ---\\ Internet Explorer,Proxy Management (8) - 0s R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080 R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [1http=127.0.0.1:8080;https=127.0.0.1:8080] ---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Etude du fichier hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Internet Explorer, Barre d'outil (1) - 0s O3 - Toolbar: 0x00 - [HKLM]{BFD9D8A8-57FF-488A-B919-065EC77CF82F} . (...) -- C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll =>.Foxit Software Incorporated® ---\\ Raccourcis Global Startup (96) - 9s O4 - GS\Desktop [Administrateur]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Desktop [Administrateur]: Multi Virus Cleaner 2018.lnk . (.AxBx - Détecte et supprime les principaux virus, v.) C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.exe {104A11F5C580B573AE9FC8DF4F80E92E} =>.AxBx O4 - GS\Desktop [Administrateur]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe =>.PhotoFiltre O4 - GS\Desktop [Administrateur]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\sendTo [Administrateur]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: Evernote.lnk . (.Evernote Corp., 305 Walnut Street, Redwood City, CA 9 - Evernote.) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe =>.EVERNOTE CORPORATION® O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\sendTo [Administrateur]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer® O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Programs [Administrateur]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Programs [Administrateur]: Desktop Toasts App.lnk . (...) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSWin8Toa.exe O4 - GS\Programs [Administrateur]: Eye Care Switcher.lnk . (...) C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe =>.ASUSTeK O4 - GS\Programs [Administrateur]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Desktop [mathi]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Desktop [mathi]: Multi Virus Cleaner 2018.lnk . (.AxBx - Détecte et supprime les principaux virus, v.) C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.exe {104A11F5C580B573AE9FC8DF4F80E92E} =>.AxBx O4 - GS\Desktop [mathi]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe =>.PhotoFiltre O4 - GS\Desktop [mathi]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [mathi]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [mathi]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\sendTo [mathi]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [mathi]: Evernote.lnk . (.Evernote Corp., 305 Walnut Street, Redwood City, CA 9 - Evernote.) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe =>.EVERNOTE CORPORATION® O4 - GS\sendTo [mathi]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [mathi]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\sendTo [mathi]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer® O4 - GS\sendTo [mathi]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [mathi]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Programs [mathi]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Programs [mathi]: Desktop Toasts App.lnk . (...) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSWin8Toa.exe O4 - GS\Programs [mathi]: Eye Care Switcher.lnk . (...) C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe =>.ASUSTeK O4 - GS\Programs [mathi]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Desktop [WDAGUtilityAccount]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Desktop [WDAGUtilityAccount]: Multi Virus Cleaner 2018.lnk . (.AxBx - Détecte et supprime les principaux virus, v.) C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.exe {104A11F5C580B573AE9FC8DF4F80E92E} =>.AxBx O4 - GS\Desktop [WDAGUtilityAccount]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe =>.PhotoFiltre O4 - GS\Desktop [WDAGUtilityAccount]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mathi\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [WDAGUtilityAccount]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\sendTo [WDAGUtilityAccount]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: Evernote.lnk . (.Evernote Corp., 305 Walnut Street, Redwood City, CA 9 - Evernote.) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe =>.EVERNOTE CORPORATION® O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\sendTo [WDAGUtilityAccount]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer® O4 - GS\sendTo [WDAGUtilityAccount]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Programs [WDAGUtilityAccount]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Programs [WDAGUtilityAccount]: Desktop Toasts App.lnk . (...) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSWin8Toa.exe O4 - GS\Programs [WDAGUtilityAccount]: Eye Care Switcher.lnk . (...) C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe =>.ASUSTeK O4 - GS\Programs [WDAGUtilityAccount]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\CommonDesktop [Public]: Achat de consommables - HP DeskJet 3700 series.lnk . (.HP Inc. - .) C:\Program Files (x86)\HP\HP DeskJet 3700 series\Bin\hpqDTSS.exe =>.HP Inc. O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated® O4 - GS\CommonDesktop [Public]: ASUS HiPost.lnk . (.Copyright © 2015 - ASUS HiPost.) C:\Program Files (x86)\ASUS\ASUS HiPost\SmartClipboardASUS.exe O4 - GS\CommonDesktop [Public]: Avast Antivirus Gratuit.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software s.r.o.® O4 - GS\CommonDesktop [Public]: Evernote.lnk . (...) C:\WINDOWS\Installer\{65B334F4-9E45-11E7-A6A5-005056951CAD}\Evernote.ico O4 - GS\CommonDesktop [Public]: Eye Care Switcher.Lnk . (...) C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe =>.ASUSTeK O4 - GS\CommonDesktop [Public]: Foxit PhantomPDF.lnk . (.Foxit Software Inc. - Foxit PhantomPDF 9.0.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe =>.Foxit Software Incorporated® O4 - GS\CommonDesktop [Public]: HP Deskjet 2050 J510 series.lnk . (.Hewlett-Packard Co. - .) C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe -Start UDCDevicePage =>.Hewlett-Packard Co. O4 - GS\CommonDesktop [Public]: HP DeskJet 3700 series.lnk . (.HP Inc. - .) C:\Program Files (x86)\HP\HP DeskJet 3700 series\Bin\HP DeskJet 3700 series.exe -Start UDCDevicePage =>.HP Inc. O4 - GS\CommonDesktop [Public]: HP Print and Scan Doctor.lnk . (...) C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe {0375245BFA2FCF3DE7FEE078C9FF9890} O4 - GS\CommonDesktop [Public]: hubiC.lnk . (.OVH - .) C:\Program Files (x86)\OVH\hubiC\hubiC.exe run --showsync =>.OVH O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\CommonDesktop [Public]: LibreOffice 5.4.lnk . (.The Document Foundation - .) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe =>.The Document Foundation O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: PDF-Viewer.lnk . (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe =>.Tracker Software Products (Canada) Ltd® O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (.Adlice Software - Anti-malware remediation tool.) C:\Program Files\RogueKiller\RogueKiller64.exe =>.Adlice® O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies O4 - GS\CommonDesktop [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\Programs [Public]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Programs [Public]: Desktop Toasts App.lnk . (...) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSWin8Toa.exe O4 - GS\Programs [Public]: Eye Care Switcher.lnk . (...) C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe =>.ASUSTeK O4 - GS\Programs [Public]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico =>.Flexera Software LLC O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (...) C:\WINDOWS\Installer\{19589375-5C58-4AFA-842F-8B34744CCEAD}\AppleSoftwareUpdateIco.exe =>.Apple Inc. O4 - GS\ProgramsCommon [Public]: ASUS GIFTBOX.lnk . (.ASUSTek Computer Inc - ASUS GIFTBOX.) C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe store:default =>.ASUSTek Computer Inc O4 - GS\ProgramsCommon [Public]: Avast Antivirus Gratuit.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software s.r.o.® O4 - GS\ProgramsCommon [Public]: hubiC.lnk . (.OVH - .) C:\Program Files (x86)\OVH\hubiC\hubiC.exe =>.OVH O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Intel(R) HD Graphics Control Panel.lnk . (...) C:\Windows\system32\GfxUIEx.exe O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\ProgramsCommon [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation ---\\ Modification Domaine/Adresses DNS (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{b46187da-592a-4f1f-854a-1a65506a6c3e}: DhcpNameServer = 172.20.10.1 =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{e0d35f1e-9ed2-44f3-add6-98445d6a1c51}: DhcpNameServer = 172.20.10.1 =>.Private IP ---\\ Protocole additionnel (22) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ---\\ Logiciels installés (72) - 9s O42 - Logiciel: 7-Zip 16.04 - (.Igor Pavlov.) [HKLM][64Bits] -- 7-Zip =>.Igor Pavlov O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 28 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824245926} =>.Adobe Systems Incorporated O42 - Logiciel: Alcor Micro USB Card Reader Driver - (.Alcor Micro Corp..) [HKLM][64Bits] -- {5013D154-A876-4AE4-B4A6-43C3B39BF174} =>.Alcor Micro Corp. O42 - Logiciel: Alcor Micro USB Card Reader Driver - (.Alcor Micro Corp..) [HKLM][64Bits] -- InstallShield_{5013D154-A876-4AE4-B4A6-43C3B39BF174} =>.Alcor Micro Corp. O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA} =>.Apple Inc. O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {F0C4B709-8BF4-4A72-B527-12E7BF5482F8} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {BD6778C5-6FA5-492A-ADD6-E706339C2A7B} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {19589375-5C58-4AFA-842F-8B34744CCEAD} =>.Apple Inc. O42 - Logiciel: ASUS FlipLock - (.ASUS.) [HKLM][64Bits] -- {7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD} =>.ASUS O42 - Logiciel: ASUS GIFTBOX - (.ASUS.) [HKLM][64Bits] -- ASUS GIFTBOX =>.ASUS O42 - Logiciel: ASUS HiPost - (.ASUS.) [HKLM][64Bits] -- {04768366-F421-4BA5-8423-B84F644B5249} =>.ASUS O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {FA540E67-095C-4A1B-97BA-4D547DEC9AF4} =>.ASUS O42 - Logiciel: ASUS PTP Driver - (.ASUS.) [HKLM][64Bits] -- {7618E419-9124-4E6C-9AF4-487A6DDEC1C5} =>.ASUS O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D} =>.ASUS O42 - Logiciel: ASUS USB Charger Plus - (.ASUS.) [HKLM][64Bits] -- {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF} =>.ASUS O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE} =>.ASUS O42 - Logiciel: AudioWizard - (.ICEpower a/s.) [HKLM][64Bits] -- {57E770A2-2BAF-4CAA-BAA3-BD896E2254D3} =>.ICEpower a/s O42 - Logiciel: Avast Antivirus Gratuit - (.AVAST Software.) [HKLM][64Bits] -- Avast Antivirus =>.AVAST Software s.r.o.® O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Chromium - (.Chromium.) [HKCU][64Bits] -- Chromium =>.Chromium O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA =>.Conexant Systems, Inc.® O42 - Logiciel: ConvertHelper 3.2 - (.DownloadHelper.) [HKLM][64Bits] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1 =>.DownloadHelper O42 - Logiciel: Device Setup - (.ASUSTek Computer Inc..) [HKLM][64Bits] -- {8D6B05E0-F457-408C-9D13-549334D8FAE1} =>.ASUSTek Computer Inc. O42 - Logiciel: Étude pour l'amélioration du produit HP DeskJet 3700 series - (.HP Inc..) [HKLM][64Bits] -- {BE9A9467-2978-49B4-BE1C-D9C766EF4C76} =>.HP Inc. O42 - Logiciel: Evernote v. 6.7.5 - (.Evernote Corp..) [HKLM][64Bits] -- {65B334F4-9E45-11E7-A6A5-005056951CAD} =>.Evernote Corp. O42 - Logiciel: Foxit PhantomPDF - (.Foxit Software Inc..) [HKLM][64Bits] -- {7BDAB862-E01F-11E7-986C-000C296BF29B} =>.Foxit Software Inc. O42 - Logiciel: HP DeskJet 3700 series Aide - (.HP.) [HKLM][64Bits] -- {CDCD1F51-D1D8-4B3B-B1EF-9E5C370D0C7B} =>.HP O42 - Logiciel: HP Dropbox Plugin - (.HP.) [HKLM][64Bits] -- {6401399A-F5DA-4C04-87AA-E8107DF00751} =>.HP O42 - Logiciel: HP Google Drive Plugin - (.HP.) [HKLM][64Bits] -- {63BCC696-0FB4-4E9C-8144-2DA4F248FC17} =>.HP O42 - Logiciel: HPDiagnosticCoreDll - (.Hewlett Packard.) [HKLM][64Bits] -- {9262B08F-E183-4FED-A2BD-23FF1A84EB79} =>.Hewlett Packard O42 - Logiciel: hubiC - (.OVH.) [HKLM][64Bits] -- {51fea8cc-5bb6-4312-86f5-1802a10e030d} =>.OVH SAS® O42 - Logiciel: hubiC - x64 - (.OVH.) [HKLM][64Bits] -- {CE2A3177-F286-4F6A-9694-DE8EED87D583} =>.OVH O42 - Logiciel: iCloud - (.Apple Inc..) [HKLM][64Bits] -- {99868C9C-C141-4DDE-A2C7-9DDF00F68F17} =>.Apple Inc. O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {0510CB0D-9F58-4F9A-A4AC-823CDE2F4849} =>.Intel Corporation O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] -- {d4874f67-8c81-475b-91e0-8de9b2892499} =>.Intel(R) Software and Firmware Products® O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corporation.) [HKLM][64Bits] -- {654EE65D-FAA4-4EA6-8C07-DC94E6A304D4} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {62260D0F-633D-4B77-B394-BB57DF7223D9} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {EA30CEC3-9CC5-4C80-AE8E-209A6F894961} =>.Intel Corporation O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {3DF3AC42-174D-4915-9ED2-448AD4338B83} =>.Intel Corporation O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {2b192f1e-b8b6-4ea8-9eb0-31dae50e7dbd} =>.Intel Corporation O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel(R) pGFX® O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {30E935B2-0DAC-455E-AC76-3C8504DC3D18} =>.Intel Corporation O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {9FD91C5C-44AE-4D9D-85BE-AE52816B0294} =>.Intel Corporation O42 - Logiciel: Intel(R) WiDi - (.Intel Corporation.) [HKLM][64Bits] -- {6C02A234-7A14-4737-9D89-B0C47A64F94E} =>.Intel Corporation O42 - Logiciel: Intel(R) WiDi Software Asset Manager - (.Intel Corporation.) [HKLM][64Bits] -- {AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2} =>.Intel Corporation O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM][64Bits] -- {4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265} =>.Intel Corporation O42 - Logiciel: Intel® Integrated Sensor Solution - (.Intel Corporation.) [HKLM][64Bits] -- {755abcd0-2942-482b-a27d-22921a5849f0} =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {03635e3e-3e57-4d80-9c7d-80c9f62bfc80} =>.Intel Corporation-Wireless Connectivity Solutions® O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {095DA4E9-7BDA-4A1E-B68E-326A9FBD43A9} =>.Intel Corporation O42 - Logiciel: Intel® Security Assist - (.Intel Corporation.) [HKLM][64Bits] -- {4B230374-6475-4A73-BA6E-41015E9C5013} =>.Intel Corporation O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {7D84E343-A23D-451C-B123-0195B2D903A6} =>.Intel Corporation O42 - Logiciel: ISS_Drivers_x64 - (.Intel Corporation.) [HKLM][64Bits] -- {7E28859E-AD3D-4FC2-8D70-E345F8C87722} =>.Intel Corporation O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {F3D76007-5A86-4D79-AFF5-103760F02B60} =>.Apple Inc. O42 - Logiciel: LibreOffice 5.4.3.2 - (.The Document Foundation.) [HKLM][64Bits] -- {5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9} =>.The Document Foundation O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 2050 J510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {B7F83103-C83C-4081-B9B7-50FC6A6F929E} =>.Hewlett-Packard Co. O42 - Logiciel: Logiciel de base du périphérique HP DeskJet 3700 series - (.HP Inc..) [HKLM][64Bits] -- {753849E2-17C3-4092-A64C-FEB1F25A11BE} =>.HP Inc. O42 - Logiciel: Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtensio - (.Microsoft Corporation.) [HKLM][64Bits] -- {B0169E83-757B-EF66-E2F0-391944D785BC} =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 57.0.4 (x64 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 57.0.4 (x64 fr) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Multi Virus Cleaner 2018 - (.AxBx.) [HKLM][64Bits] -- Multi Virus Cleaner 2018_is1 {104A11F5C580B573AE9FC8DF4F80E92E} =>.AxBx O42 - Logiciel: PDF-Viewer - (.Tracker Software Products Ltd.) [HKLM][64Bits] -- {A278382D-4F1B-4D47-9885-8523F7261E8D}_is1 =>.Tracker Software Products (Canada) Ltd® O42 - Logiciel: PhotoFiltre Studio X - (.Antonio Da Cruz.) [HKCU][64Bits] -- PhotoFiltre Studio X =>.Antonio Da Cruz O42 - Logiciel: RogueKiller version 12.12.0.0 - (.Adlice Software.) [HKLM][64Bits] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice® O42 - Logiciel: Skype™ 7.40 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A. O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer =>.TeamViewer® O42 - Logiciel: TotalRecovery Pro - (.FarStone Inc..) [HKLM][64Bits] -- TotalRecovery =>.FarStone Technology® O42 - Logiciel: Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (02/25/2016 11.0.0.8) - (.ASUS.) [HKLM][64Bits] -- C876BE7978CF162DC7BA3966A7B8C3A1A33FFB83 =>.ASUSTeK Computer Inc.® O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D} =>.ASUS O42 - Logiciel: Wondershare Helper Compact 2.5.2 - (.Wondershare.) [HKLM][64Bits] -- {5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1 =>.Wondershare ---\\ HKCU & HKLM Software Keys (118) - 9s HKLM\SOFTWARE\7-Zip =>.Igor Pavlov HKLM\SOFTWARE\Adobe =>.Adobe HKLM\SOFTWARE\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\ASUS =>.ASUS HKLM\SOFTWARE\AVAST Software =>.AVAST Software HKLM\SOFTWARE\Conexant =>.Conexant HKLM\SOFTWARE\DownloadHelper =>.DownloadHelper HKLM\SOFTWARE\ECAREME =>.Ecareme HKLM\SOFTWARE\Evernote =>.Evernote HKLM\SOFTWARE\FarStone =>.FarStone HKLM\SOFTWARE\Foxit Software =>.Foxit Software HKLM\SOFTWARE\Google =>.Google HKLM\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard HKLM\SOFTWARE\HP =>.HP HKLM\SOFTWARE\Hummingbird HKLM\SOFTWARE\IM Providers =>.IM Providers HKLM\SOFTWARE\Intel =>.Intel HKLM\SOFTWARE\Khronos =>.Khronos HKLM\SOFTWARE\Kingsoft =>.Kingosoft Technology Ltd HKLM\SOFTWARE\Macromedia =>.Macromedia HKLM\SOFTWARE\McAfee =>.McAfee Inc. HKLM\SOFTWARE\Mozilla =>.Mozilla HKLM\SOFTWARE\mozilla.org =>.mozilla.org HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\PEPrinter =>.Legitimate HKLM\SOFTWARE\Skype =>.Skype HKLM\SOFTWARE\TeamViewer =>.TeamViewer HKLM\SOFTWARE\Visan =>.Visan Software HKLM\SOFTWARE\WafCX =>.WafCX HKLM\SOFTWARE\WildTangent =>.WildTangent HKLM\SOFTWARE\Wondershare =>.Wondershare HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\7-Zip =>.Igor Pavlov HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\WOW6432Node\ASUS =>.ASUS HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software HKLM\SOFTWARE\WOW6432Node\Conexant =>.Conexant HKLM\SOFTWARE\WOW6432Node\DownloadHelper =>.DownloadHelper HKLM\SOFTWARE\WOW6432Node\ECAREME =>.Ecareme HKLM\SOFTWARE\WOW6432Node\Evernote =>.Evernote HKLM\SOFTWARE\WOW6432Node\FarStone =>.FarStone HKLM\SOFTWARE\WOW6432Node\Foxit Software =>.Foxit Software HKLM\SOFTWARE\WOW6432Node\Google =>.Google HKLM\SOFTWARE\WOW6432Node\Hewlett-Packard =>.Hewlett-Packard HKLM\SOFTWARE\WOW6432Node\HP =>.HP HKLM\SOFTWARE\WOW6432Node\Hummingbird HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos HKLM\SOFTWARE\WOW6432Node\Kingsoft =>.Kingosoft Technology Ltd HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia HKLM\SOFTWARE\WOW6432Node\McAfee =>.McAfee Inc. HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\WOW6432Node\PEPrinter =>.Legitimate HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype HKLM\SOFTWARE\WOW6432Node\TeamViewer =>.TeamViewer HKLM\SOFTWARE\WOW6432Node\Visan =>.Visan Software HKLM\SOFTWARE\WOW6432Node\WafCX =>.WafCX HKLM\SOFTWARE\WOW6432Node\WildTangent =>.WildTangent HKLM\SOFTWARE\WOW6432Node\Wondershare =>.Wondershare HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\7-Zip =>.Igor Pavlov HKCU\SOFTWARE\Adobe =>.Adobe HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. =>.Apple Inc. HKCU\SOFTWARE\ASUS =>.ASUS HKCU\SOFTWARE\AVAST Software =>.AVAST Software HKCU\SOFTWARE\Avira =>.Avira HKCU\SOFTWARE\Browser Cleanup HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\cks =>.Legitimate HKCU\SOFTWARE\Conexant =>.Conexant HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc. HKCU\SOFTWARE\Evernote =>.Evernote HKCU\SOFTWARE\Foxit Software =>.Foxit Software HKCU\SOFTWARE\Google =>.Google HKCU\SOFTWARE\HDID HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard HKCU\SOFTWARE\HP =>.HP HKCU\SOFTWARE\IM Providers =>.IM Providers HKCU\SOFTWARE\InstallShield =>.InstallShield HKCU\SOFTWARE\Intel =>.Intel HKCU\SOFTWARE\Kingsoft =>.Kingosoft Technology Ltd HKCU\SOFTWARE\KLive =>.Games Software HKCU\SOFTWARE\KsoLogViewer HKCU\SOFTWARE\Mozilla =>.Mozilla HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKCU\SOFTWARE\Netscape =>.Netscape HKCU\SOFTWARE\NetVoyage HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions HKCU\SOFTWARE\OVH =>.OVH HKCU\SOFTWARE\PCurVersion HKCU\SOFTWARE\PhotoFiltre Studio X =>.Antonio Da Cruz HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\roamingdevice =>.Unknown HKCU\SOFTWARE\Skype =>.Skype HKCU\SOFTWARE\skypeapp-c066fb0ac4e9 =>.Skype Technologies HKCU\SOFTWARE\SubSystems =>.Sub Systems Inc HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation HKCU\SOFTWARE\SysInternals =>.Sysinternals HKCU\SOFTWARE\The Document Foundation =>.The Document Foundation HKCU\SOFTWARE\Tracker Software =>.Tracker Software HKCU\SOFTWARE\Trolltech =>.Trolltech HKCU\SOFTWARE\Visan =>.Visan Software HKCU\SOFTWARE\Wintertree =>.Wintertree Software HKCU\SOFTWARE\Wondershare =>.Wondershare HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKCU\SOFTWARE\ZHP =>.Nicolas Coolman HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation ---\\ Contenu des dossiers Programmes (248) - 6s O43 - CFD: 07/07/2017 - [] D -- C:\Program Files\ASUS =>.ASUSTeK Computer Inc.® O43 - CFD: 09/11/2017 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.® O43 - CFD: 26/07/2017 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc. O43 - CFD: 29/01/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\CONEXANT =>.Conexant O43 - CFD: 07/11/2017 - [] D -- C:\Program Files\ConvertHelper3 =>.Downloadhelper.net O43 - CFD: 07/07/2017 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation O43 - CFD: 13/09/2017 - [] D -- C:\Program Files\HP =>.Hewlett-Packard O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Intel Corporation =>.Intel Corporation O43 - CFD: 14/01/2018 - [] D -- C:\Program Files\internet explorer =>.Microsoft Corporation O43 - CFD: 17/12/2017 - [] D -- C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 17/12/2017 - [] D -- C:\Program Files\iTunes =>.Apple Inc. O43 - CFD: 11/12/2017 - [] D -- C:\Program Files\LibreOffice 5 =>.LibreOffice O43 - CFD: 29/01/2018 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation O43 - CFD: 29/01/2018 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files\OVH =>.OVH O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 21/01/2018 - [] D -- C:\Program Files\RogueKiller =>.Adlice Software O43 - CFD: 31/07/2017 - [] AD -- C:\Program Files\Tracker Software =>.Tracker Software O43 - CFD: 24/03/2016 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation O43 - CFD: 14/12/2017 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\windows nt =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 20/01/2018 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation O43 - CFD: 20/09/2017 - [] AD -- C:\Program Files (x86)\7-Zip =>.Igor Pavlov O43 - CFD: 02/10/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 07/07/2017 - [] AD -- C:\Program Files (x86)\AmUStor =>.Alocr Micro O43 - CFD: 17/12/2017 - [] D -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc. O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\ASUS =>.ASUSTeK Computer Inc.® O43 - CFD: 03/09/2017 - [] D -- C:\Program Files (x86)\Avira =>.Avira Software O43 - CFD: 03/09/2017 - [] D -- C:\Program Files (x86)\AxBx =>.AxBx® O43 - CFD: 26/07/2017 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc. O43 - CFD: 07/07/2017 - [] AD -- C:\Program Files (x86)\Cisco =>.Cisco Systems, Inc. O43 - CFD: 04/01/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\Evernote =>.EverNote Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\FarStone =>.FarStone O43 - CFD: 20/01/2018 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software O43 - CFD: 19/12/2017 - [] AD -- C:\Program Files (x86)\HP =>.Hewlett-Packard O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\ICEpower =>.ICEpower O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\Intel Corporation =>.Intel Corporation O43 - CFD: 14/01/2018 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\Kingsoft =>.Kingosoft Technology Ltd O43 - CFD: 29/01/2018 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation O43 - CFD: 29/01/2018 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation O43 - CFD: 06/01/2018 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla O43 - CFD: 06/01/2018 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation O43 - CFD: 04/01/2018 - [] D -- C:\Program Files (x86)\MSECache =>.Microsoft Corporation O43 - CFD: 30/12/2017 - [] D -- C:\Program Files (x86)\PhotoFiltre Studio X =>.Antonio Da Cruz O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 23/09/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype O43 - CFD: 21/01/2018 - [] AD -- C:\Program Files (x86)\TeamViewer =>.TeamViewer GmbH O43 - CFD: 07/07/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation O43 - CFD: 30/09/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files (x86)\windows nt =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.Igor Pavlov O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 14/12/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS =>.ASUS O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant =>.Conexant O43 - CFD: 17/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote =>.EverNote Corporation O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone =>.FarStone O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF =>.Foxit Corporation O43 - CFD: 09/11/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation O43 - CFD: 19/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP =>.Hewlett-Packard O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower =>.ICEpower O43 - CFD: 17/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud =>.Apple Inc. O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation =>.Intel Corporation O43 - CFD: 17/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc. O43 - CFD: 11/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4 =>.LibreOffice O43 - CFD: 29/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 18/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2018 O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer =>.Tracker Software O43 - CFD: 21/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice Software O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology O43 - CFD: 22/01/2018 - [] D -- C:\ProgramData\Adobe =>.Adobe O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\AmUStor =>.Alocr Micro O43 - CFD: 26/07/2017 - [] D -- C:\ProgramData\Apple =>.Apple Inc. O43 - CFD: 26/07/2017 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc. O43 - CFD: 23/10/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\AsTouchPanel =>.ASUSTeK O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\ASUS WebStorage =>.ASUSTeK O43 - CFD: 09/11/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software O43 - CFD: 30/08/2017 - [] D -- C:\ProgramData\Avira =>.Avira Software O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\BlueStacks =>.BlueStack Systems, Inc. O43 - CFD: 07/07/2017 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\Conexant =>.Conexant O43 - CFD: 23/10/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\FarStone =>.FarStone O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Foxit Software =>.Foxit Software O43 - CFD: 19/12/2017 - [] AD -- C:\ProgramData\HP =>.Hewlett-Packard O43 - CFD: 04/01/2018 - [] D -- C:\ProgramData\InstallShield =>.InstallShield O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\Intel Corporation =>.Intel Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\Intel.sav =>.Intel Corporation O43 - CFD: 07/12/2017 - [] D -- C:\ProgramData\Kingsoft =>.Kingosoft Technology Ltd O43 - CFD: 07/07/2017 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation O43 - CFD: 08/11/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation O43 - CFD: 04/08/2017 - [0] D -- C:\ProgramData\office6 O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation O43 - CFD: 22/01/2018 - [] D -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc. O43 - CFD: 29/01/2018 - [0] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\Roaming =>.Microsoft Corporation O43 - CFD: 21/01/2018 - [] D -- C:\ProgramData\RogueKiller =>.Adlice Software O43 - CFD: 14/11/2017 - [] D -- C:\ProgramData\Skype =>.Skype O43 - CFD: 29/09/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation O43 - CFD: 20/01/2018 - [0] D -- C:\ProgramData\SolidDocuments =>.SolidDocuments O43 - CFD: 29/01/2018 - [0] D -- C:\ProgramData\SWCUTemp O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\USBChargerPlus =>.ASUSTeK O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation O43 - CFD: 13/09/2017 - [] D -- C:\ProgramData\Visan =>.Visan Industries O43 - CFD: 07/07/2017 - [] D -- C:\ProgramData\WebStorage =>.ASUSTeK O43 - CFD: 09/11/2017 - [] D -- C:\ProgramData\WildTangent =>.WildTangent O43 - CFD: 30/09/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation O43 - CFD: 12/10/2017 - [] D -- C:\ProgramData\Wondershare =>.Wondershare O43 - CFD: 27/01/2018 - [] AD -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe O43 - CFD: 19/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Apple =>.Apple Inc. O43 - CFD: 04/01/2018 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation O43 - CFD: 29/01/2018 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation O43 - CFD: 23/09/2017 - [] AD -- C:\Program Files (x86)\Common Files\Skype =>.Skype O43 - CFD: 23/10/2017 - [] D -- C:\Program Files (x86)\Common Files\system =>.Microsoft Corporation O43 - CFD: 12/10/2017 - [] D -- C:\Program Files (x86)\Common Files\Wondershare =>.Wondershare O43 - CFD: 27/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\Adobe =>.Adobe O43 - CFD: 19/09/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Apple Computer =>.Apple Inc. O43 - CFD: 09/07/2017 - [0] D -- C:\Users\mathi\AppData\Roaming\ASUS Flip O43 - CFD: 09/11/2017 - [] D -- C:\Users\mathi\AppData\Roaming\AVAST Software =>.AVAST Software O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Roaming\DropboxOEM =>.Dropbox Inc. O43 - CFD: 20/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\Foxit Software =>.Foxit Software O43 - CFD: 13/09/2017 - [] D -- C:\Users\mathi\AppData\Roaming\HPPSDr O43 - CFD: 03/08/2017 - [] D -- C:\Users\mathi\AppData\Roaming\HpUpdate =>.Hewlett-Packard O43 - CFD: 08/11/2017 - [] D -- C:\Users\mathi\AppData\Roaming\HP_Easy_Start =>.Hewlett-Packard O43 - CFD: 29/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\hubiC =>.hubiC O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Intel =>.Intel Corporation O43 - CFD: 18/09/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Kingsoft =>.Kingosoft Technology Ltd O43 - CFD: 18/09/2017 - [] D -- C:\Users\mathi\AppData\Roaming\LibreOffice =>.LibreOffice O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 27/01/2018 - [] SD -- C:\Users\mathi\AppData\Roaming\Microsoft =>.Microsoft Corporation O43 - CFD: 17/11/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Mozilla =>.Mozilla Corporation O43 - CFD: 07/12/2017 - [0] D -- C:\Users\mathi\AppData\Roaming\office6 O43 - CFD: 30/12/2017 - [] D -- C:\Users\mathi\AppData\Roaming\PhotoFiltre Studio X =>.Antonio Da Cruz O43 - CFD: 21/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\Skype =>.Skype O43 - CFD: 20/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\SolidDocuments =>.SolidDocuments O43 - CFD: 29/01/2018 - [0] D -- C:\Users\mathi\AppData\Roaming\TP =>.TP O43 - CFD: 09/11/2017 - [] D -- C:\Users\mathi\AppData\Roaming\WildTangent =>.WildTangent O43 - CFD: 20/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\Wondershare =>.Wondershare O43 - CFD: 04/08/2017 - [] D -- C:\Users\mathi\AppData\Roaming\wps O43 - CFD: 29/01/2018 - [] D -- C:\Users\mathi\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 27/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Adobe =>.Adobe O43 - CFD: 19/09/2017 - [] D -- C:\Users\mathi\AppData\Local\Apple =>.Apple Inc. O43 - CFD: 07/10/2017 - [] D -- C:\Users\mathi\AppData\Local\Apple Computer =>.Apple Inc. O43 - CFD: 10/10/2017 - [] D -- C:\Users\mathi\AppData\Local\Apple Inc =>.Apple Inc. O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\mathi\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 18/01/2018 - [] D -- C:\Users\mathi\AppData\Local\AVAST Software =>.AVAST Software O43 - CFD: 13/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Avira =>.Avira Software O43 - CFD: 13/07/2017 - [0] D -- C:\Users\mathi\AppData\Local\AviraSpeedup =>.Avira Software O43 - CFD: 30/08/2017 - [] D -- C:\Users\mathi\AppData\Local\Avira_Operations_GmbH_&_C =>.Avira Software O43 - CFD: 11/07/2017 - [] D -- C:\Users\mathi\AppData\Local\CEF =>.CEF O43 - CFD: 23/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Chromium =>.Chromium O43 - CFD: 14/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Comms =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Conexant =>.Conexant O43 - CFD: 06/12/2017 - [] D -- C:\Users\mathi\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation O43 - CFD: 27/01/2018 - [] D -- C:\Users\mathi\AppData\Local\CrashDumps =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [0] D -- C:\Users\mathi\AppData\Local\DBG =>.DBG O43 - CFD: 12/12/2017 - [] D -- C:\Users\mathi\AppData\Local\Diagnostics =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Local\DropboxOEM =>.Dropbox Inc. O43 - CFD: 20/01/2018 - [] D -- C:\Users\mathi\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation O43 - CFD: 16/11/2017 - [] D -- C:\Users\mathi\AppData\Local\Evernote =>.EverNote Corporation O43 - CFD: 17/11/2017 - [] D -- C:\Users\mathi\AppData\Local\EvernoteNW O43 - CFD: 20/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Foxit PhantomPDF =>.Foxit Corporation O43 - CFD: 21/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Google =>.Google O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\mathi\AppData\Local\Historique =>.Microsoft Corporation O43 - CFD: 06/11/2017 - [] D -- C:\Users\mathi\AppData\Local\HP =>.Hewlett-Packard O43 - CFD: 07/12/2017 - [] D -- C:\Users\mathi\AppData\Local\kingsoft =>.Kingosoft Technology Ltd O43 - CFD: 15/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Macromedia =>.Macromedia O43 - CFD: 27/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Local\MicrosoftEdge =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Mozilla =>.Mozilla Corporation O43 - CFD: 23/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Packages =>.Microsoft Corporation O43 - CFD: 13/07/2017 - [0] D -- C:\Users\mathi\AppData\Local\PackageStaging =>.Apcera O43 - CFD: 22/12/2017 - [0] D -- C:\Users\mathi\AppData\Local\PlaceholderTileLogoFolder O43 - CFD: 31/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Programs =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [] D -- C:\Users\mathi\AppData\Local\Publishers =>.Microsoft Corporation O43 - CFD: 29/01/2018 - [] D -- C:\Users\mathi\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\mathi\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] D -- C:\Users\mathi\AppData\Local\TileDataLayer =>.Microsoft Corporation O43 - CFD: 21/09/2017 - [] D -- C:\Users\mathi\AppData\Local\VirtualStore =>.Microsoft Corporation O43 - CFD: 12/10/2017 - [] D -- C:\Users\mathi\AppData\Local\Wondershare =>.Wondershare O43 - CFD: 29/01/2018 - [] D -- C:\Users\mathi\AppData\Local\ZHP =>.Nicolas Coolman O43 - CFD: 31/07/2017 - [0] D -- C:\Users\mathi\AppData\Local\Programs\Common =>.Microsoft Corporation O43 - CFD: 02/10/2017 - [] D -- C:\Users\mathi\AppData\LocalLow\Adobe =>.Adobe O43 - CFD: 21/09/2017 - [] D -- C:\Users\mathi\AppData\LocalLow\Evernote =>.EverNote Corporation O43 - CFD: 19/12/2017 - [] SD -- C:\Users\mathi\AppData\LocalLow\Microsoft =>.Microsoft Corporation O43 - CFD: 29/01/2018 - [] D -- C:\Users\mathi\AppData\LocalLow\Mozilla =>.Mozilla Corporation O43 - CFD: 18/10/2017 - [] D -- C:\Users\mathi\AppData\LocalLow\Temp =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 14/01/2018 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 23/10/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud =>.Apple Inc. O43 - CFD: 29/09/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 30/12/2017 - [] D -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X =>.Antonio Da Cruz O43 - CFD: 14/01/2018 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [] RD -- C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 07/07/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 09/11/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\AVAST Software =>.AVAST Software O43 - CFD: 23/10/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 26/10/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 24/10/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation O43 - CFD: 23/10/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\WildTangent =>.WildTangent ---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.® O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation ---\\ Raccourcis de menus conceptuels (SCMH) (27) - 2s O108 - CMH1: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.) O108 - CMH1: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.® O108 - CMH1: Foxit_ConvertToPDF [64Bits] - {C5269811-4A29-4818-A4BB-111F9FC63A5F} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll =>.Foxit Software Incorporated® O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH1: PhotoStreamsExt [64Bits] - {89D984B3-813B-406A-8298-118AFA3A22AE} . (.Apple Inc. - ShellStreams.) -- C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll =>.Apple Inc.® O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH3: 00asw [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.® O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH4: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.) O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH5: igfxcui [64Bits] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} . (.Orphan.) O108 - CMH5: igfxDTCM [64Bits] - {9B5F5829-A529-4B12-814A-E81BCB8D93FC} . (.Intel Corporation - igfxDTCM Module.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll =>.Microsoft Windows Hardware Compatibility Publisher® O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH6: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Orphan.) O108 - CMH6: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.® O108 - CMH6: Foxit_ConvertToPDF [64Bits] - {C5269811-4A29-4818-A4BB-111F9FC63A5F} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll =>.Foxit Software Incorporated® O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Programme de résolution d’applications.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows® O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ Image File Execution Options (18) - 0s O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows® O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\\1] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation ---\\ Liste des pilotes du système (85) - 9s O58 - SDL:2017/09/29 14:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows® O58 - SDL:2015/05/25 13:20:18 A . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\WINDOWS\System32\drivers\AiCharger.sys [21816] =>.ASUSTeK Computer Inc.® O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows® O58 - SDL:2015/09/15 08:51:26 A . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\WINDOWS\System32\drivers\AmUStor.sys [92312] =>.AlcorMicro, Corp.® O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows® O58 - SDL:2015/08/19 11:53:54 A . (.ASUS - HID driver for ASUS Wireless Radio Control.) -- C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [27872] =>.ASUSTeK Computer Inc.® O58 - SDL:2016/03/03 14:44:50 A . (.ASUS Corporation - Asus TP Filter Driver (x64).) -- C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [88568] =>.ASUSTeK Computer Inc.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast anti rootkit.) -- C:\WINDOWS\System32\drivers\aswArPot.sys [185096] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:15:51 A . (.AVAST Software - IDS Application Activity Monitor Driver..) -- C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:15:51 A . (.AVAST Software - Application Activity Monitor Helper Driver.) -- C:\WINDOWS\System32\drivers\aswbidsha.sys [199448] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:15:51 A . (.AVAST Software - Logging Driver.) -- C:\WINDOWS\System32\drivers\aswbloga.sys [343768] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:15:51 A . (.AVAST Software - Universal Driver.) -- C:\WINDOWS\System32\drivers\aswbuniva.sys [57696] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:15:53 A . (.AVAST Software - Home Network Security.) -- C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys [46976] =>.AVAST Software s.r.o.® (.AVAST Software) O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast WFP Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr2.sys [110336] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [84384] =>.AVAST Software s.r.o.® (.AVAST Software) O58 - SDL:2017/12/21 17:15:55 A . (.AVAST Software - Avast Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [1025176] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [457400] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:04 A . (.AVAST Software - Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStm.sys [204456] =>.AVAST Software s.r.o.® O58 - SDL:2017/12/21 17:16:03 A . (.AVAST Software - Avast VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys [358672] =>.AVAST Software s.r.o.® (.AVAST Software) O58 - SDL:2017/09/29 14:41:02 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows® O58 - SDL:2016/05/09 03:53:00 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\WINDOWS\System32\drivers\CHDRT64.sys [1559688] =>.Conexant Systems, Inc.® O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows® O58 - SDL:2015/10/02 04:26:18 A . (.Intel Corporation - DPTF ACPI Device (64-Bit).) -- C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304] =>.Intel(R) Software® O58 - SDL:2015/10/02 04:26:18 A . (.Intel Corporation - DPTF CPU Device (64-Bit).) -- C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200] =>.Intel(R) Software® O58 - SDL:2015/10/02 04:26:18 A . (.Intel Corporation - DPTF Zone (64-Bit).) -- C:\WINDOWS\System32\drivers\esif_lf.sys [260072] =>.Intel(R) Software® O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows® O58 - SDL:2014/03/25 10:14:40 A . (...) -- C:\WINDOWS\System32\drivers\farmntio.sys [25144] =>.Microsoft Corporation O58 - SDL:2015/11/04 11:27:06 A . (.Intel - HID PCI Minidriver for ISS.) -- C:\WINDOWS\System32\drivers\HID_PCI.sys [47928] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2017/09/29 14:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576] =>.Intel Corporation O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation O58 - SDL:2015/06/16 12:56:40 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128] =>.Intel Corporation - Client Components Group® O58 - SDL:2017/09/29 14:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2015/10/02 07:49:14 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [1463808] =>.Intel(R) Rapid Storage Technology® O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows® O58 - SDL:2016/10/15 00:29:38 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) -- C:\WINDOWS\System32\drivers\ibtusb.sys [732416] =>.Intel Corporation-Wireless Connectivity Solutions® O58 - SDL:2016/10/07 08:25:26 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [822248] =>.Intel(R) OWR® O58 - SDL:2015/11/04 11:25:34 A . (.Intel - Intel(R) Integrated Sensor Solution.) -- C:\WINDOWS\System32\drivers\ISH.sys [135992] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2015/11/09 11:54:22 A . (.Intel - ISS Dynamic Bus Enumerator.) -- C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [71992] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2017/12/21 17:16:30 A . (...) -- C:\WINDOWS\System32\drivers\lpsport.sys [61304] =>.AVG Technologies CZ, s.r.o.® O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows® O58 - SDL:2016/03/28 12:41:28 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\WINDOWS\System32\drivers\netaapl64.sys [23040] =>.Apple Inc. O58 - SDL:2015/12/25 01:38:58 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwtw02.sys [6722320] =>.Intel Corporation-Wireless Connectivity Solutions® O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728] =>.Intel Corporation O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:14 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows® O58 - SDL:2016/09/05 05:47:06 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.® O58 - SDL:2016/09/05 05:47:14 A . (.QUALCOMM Incorporated - Filter Driver for the Qualcomm USB Driver S.) -- C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640] =>.Samsung Electronics CO., LTD.® O58 - SDL:2017/09/29 14:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows® O58 - SDL:2015/10/08 21:16:00 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [185600] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2018/01/21 12:47:49 A . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice® O58 - SDL:2016/12/21 12:20:26 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2017/09/29 14:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows® O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows® ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (4) - 10s O61 - LFC: 2018/01/23 20:33:50 A . (.Copyright (C) 2016 Google Inc..) -- C:\Users\mathi\AppData\Local\Chromium\Application\66.0.3330.0\swiftshader\libegl.dll [120832] O61 - LFC: 2018/01/23 20:33:50 A . (.Copyright (C) 2016 Google Inc..) -- C:\Users\mathi\AppData\Local\Chromium\Application\66.0.3330.0\swiftshader\libglesv2.dll [2676224] O61 - LFC: 2018/01/29 12:48:09 A . (..) -- C:\Users\mathi\Desktop\CKScanner.exe [468480] O61 - LFC: 2018/01/29 12:55:03 A . (..) -- C:\Users\mathi\Desktop\winchk_2.0.exe [315000] ---\\ Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- %1" %* O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® ---\\ Menu de démarrage Internet (8) - 0s O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Recherche d'infection sur les navigateurs (2) - 18s O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] [NTURL] - () - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com ---\\ Enumère les services démarrés par Svchost (48) - 0s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [270848] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1275904] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [984064] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [144896] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [109056] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [880640] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [407040] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [387584] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [108544] =>.Microsoft Corporation O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [254976] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [194560] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) -- C:\Windows\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Broker à jetons.) -- C:\Windows\System32\TokenBroker.dll [1231872] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll [46080] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [104960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [930304] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [491520] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [601088] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [307200] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2783744] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [1345536] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [613376] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [702464] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) -- C:\Windows\System32\flightsettings.dll [779264] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) -- C:\Windows\System32\WpnService.dll [284672] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [1289216] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [951808] =>.Microsoft Corporation O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1313792] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [387072] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [238080] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\Windows\System32\NetSetupSvc.dll [307712] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\NcaSvc.dll [170496] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [2223104] =>.Microsoft Corporation O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [132608] =>.Microsoft Corporation ---\\ Liste des exceptions du parefeu Windows (6) - 3s O87 - FAEL: "UDP Query User{1B6244A9-3906-4277-970D-39D5667031FE}C:\users\mathi\appdata\roaming\spotify\spotify.exe" [In-None-P17-TRUE] .(...) -- C:\users\mathi\appdata\roaming\spotify\spotify.exe (.not file.) O87 - FAEL: "TCP Query User{655C1541-C68F-4139-BDE3-552B82BF8F68}C:\users\mathi\appdata\roaming\spotify\spotify.exe" [In-None-P6-TRUE] .(...) -- C:\users\mathi\appdata\roaming\spotify\spotify.exe (.not file.) O87 - FAEL: "{A437604F-87A7-4647-AD60-9A8708BB8797}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (.not file.) O87 - FAEL: "{C4D507C3-311D-4111-B02B-2080B4DE4FE8}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (.not file.) O87 - FAEL: "{8CA99761-63A5-4666-81C9-04CA604FBDD4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe (.not file.) O87 - FAEL: "{2B8DB5AC-91F5-461F-A9A8-1E49067AC00A}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (.not file.) ---\\ Recherche des packages WindowsInstaller (49) - 20s [MD5.86E2B390629665FBC20E06DFBF01A48F] [WIS][2017/05/08 15:11:06] (.Apple Inc. - [ProductName] Installer.) -- C:\WINDOWS\Installer\11e2aa70.msi [2732032] =>.Apple Inc. [MD5.244CE14865CE4E47B3F18A990C68096D] [WIS][2017/12/11 11:22:59] (.Apple Inc. - Apple Mobile Device Support Installer.) -- C:\WINDOWS\Installer\13199322.msi [14045184] =>.Apple Inc. [MD5.2E0591D0AE330CDA6CB3E683D8D0C5DA] [WIS][2016/01/19 06:54:47] (.ASUSTek Computer Inc. - Device Setup.) -- C:\WINDOWS\Installer\135944.msi [3082240] =>.ASUSTek Computer Inc. [MD5.759F007F0D8052AC06F6189CE11F9088] [WIS][2017/12/08 08:29:29] (.The Document Foundation - LibreOffice 5.4.) -- C:\WINDOWS\Installer\146fe828.msi [245379072] =>.The Document Foundation [MD5.A1C652885C0505A6B4F223C0CD40F40F] [WIS][2016/09/15 10:37:10] (.HP - HP DeskJet 3700 series Get product specific.) -- C:\WINDOWS\Installer\14bf9dfa.msi [163840] =>.HP [MD5.D3ABCE8C803F8684487E81235C1ABCC6] [WIS][2014/07/08 23:21:34] (.Hewlett Packard - HPDiagnosticCoreDll.) -- C:\WINDOWS\Installer\14daa445.msi [5210112] =>.Hewlett Packard [MD5.16F6D765A6FB792EF45C0319D14DAF10] [WIS][2017/11/14 12:27:44] (.Skype Technologies S.A. - Skype.) -- C:\WINDOWS\Installer\154115e7.msi [45527040] =>.Skype Technologies S.A. [MD5.A666B14C461CC7207C0C9B3D0D2D28F3] [WIS][2017/11/14 13:54:13] (.Adobe Systems Incorporated - Adobe ARM Installer.) -- C:\WINDOWS\Installer\15903ccf.msi [880128] =>.Adobe Systems Incorporated [MD5.FEA50D413B6B3D3CE21FEAD04CC4A765] [WIS][2012/10/03 00:19:43] (.Hewlett-Packard Co. - HP Deskjet 2050 J510 series Basic Device So.) -- C:\WINDOWS\Installer\173bedf0.msi [2633728] =>.Hewlett-Packard Co. [MD5.E2E89827A1BA958C7C93256773D00CEF] [WIS][2017/11/16 19:21:37] (.Evernote Corp. - Evernote v. 6.7.5.) -- C:\WINDOWS\Installer\2108d70c.msi [104140800] =>.Evernote Corp. [MD5.39EB764EBA430527EBFDB02F86D13C2B] [WIS][2015/03/03 17:25:48] (.OVH - hubiC - x64.) -- C:\WINDOWS\Installer\247c19.msi [466944] =>.OVH [MD5.8405F20F4561FC46D5C21474D6E1CEF9] [WIS][2016/03/03 07:45:10] (.ASUS.) -- C:\WINDOWS\Installer\3e62e.msi [333824] =>.ASUS [MD5.FE66FD620672714FA677F32A1A46DAF2] [WIS][2015/09/17 09:42:12] (.Alcor Micro Corp..) -- C:\WINDOWS\Installer\3e632.msi [1428992] =>.Alcor Micro Corp. [MD5.9E37F096699516F059696B2FA7CFE723] [WIS][2015/12/29 09:33:10] (.Intel Corporation - Intel® WiFi.) -- C:\WINDOWS\Installer\3e636.msi [21573632] =>.Intel Corporation [MD5.10E016BFFA651A00E3B7A72A9BA1FA65] [WIS][2015/12/29 09:33:10] (.Intel Corporation - Intel® WiFi.) -- C:\WINDOWS\Installer\3e63a.msi [49676288] =>.Intel Corporation [MD5.1504667BA3C10D841C0B76B6412FAFB5] [WIS][2015/03/17 09:41:29] (.Adobe Systems Incorporated.) -- C:\WINDOWS\Installer\426945e6.msi [2805760] =>.Adobe Systems Incorporated [MD5.973E4A5D041997593E13091A9610C940] [WIS][2015/07/20 05:49:26] (.Intel Corporation - Intel(R) Serial IO.) -- C:\WINDOWS\Installer\65b2.msi [2527232] =>.Intel Corporation [MD5.A6C1D48FB0ED01E3E1672AB4A89F411F] [WIS][2015/10/16 06:18:06] (.Intel Corporation - Intel(R) ME UninstallLegacy.) -- C:\WINDOWS\Installer\6871.msi [425984] =>.Intel Corporation [MD5.8D63E8CF4AE98B88FA5361841D1D9CA3] [WIS][2015/10/16 06:18:56] (.Intel Corporation - Intel(R) Management Engine Components.) -- C:\WINDOWS\Installer\6875.msi [9654272] =>.Intel Corporation [MD5.2F1E630CA77290E619421D6AD06B0594] [WIS][2015/10/16 06:19:12] (.Intel Corporation - Intel(R) Management Engine Components.) -- C:\WINDOWS\Installer\6879.msi [17117184] =>.Intel Corporation [MD5.0ED0C9589B99557E514AC19AF6C73A22] [WIS][2015/05/22 17:27:22] (.Intel Corporation - Intel(R) Trusted Connect Service Client.) -- C:\WINDOWS\Installer\687d.msi [11005952] =>.Intel Corporation [MD5.0D69490E64E1185C42AB13FE88AC6335] [WIS][2015/05/22 01:25:00] (.Intel Corporation - Intel® Security Assist.) -- C:\WINDOWS\Installer\6881.msi [1167360] =>.Intel Corporation [MD5.2E1E09BB79B4A579DC7C830ED0002962] [WIS][2015/11/10 15:25:06] (.Intel Corporation - ISS_Drivers_x64.) -- C:\WINDOWS\Installer\688b.msi [9191424] =>.Intel Corporation [MD5.435825AECD9F7FB2BF1AE6B693D06A89] [WIS][2015/11/13 11:53:18] (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Patch/Audio .) -- C:\WINDOWS\Installer\6e2d.msi [9764864] =>.Intel Corporation [MD5.B197D28D3498CFE73D50ECD53923FF17] [WIS][2015/10/29 01:59:43] (.Intel Corporation - Intel(R) WiDi.) -- C:\WINDOWS\Installer\6e50.msi [23951360] =>.Intel Corporation [MD5.8D14AC2A02B6D9F2A8C6F7531609DAA4] [WIS][2016/06/27 20:35:17] (.Intel Corporation - Intel(R) WiDi Software Asset Manager.) -- C:\WINDOWS\Installer\6e54.msi [6987776] =>.Intel Corporation [MD5.8BC87D4A96BD0E0C983DCEFEEF84EDEA] [WIS][2015/12/17 10:44:36] (.ASUS.) -- C:\WINDOWS\Installer\6e58.msi [544768] =>.ASUS [MD5.9F39DC9027B92456016455A32B68478D] [WIS][2015/09/22 16:16:32] (.Intel Corporation - Intel(R) Chipset Device Software.) -- C:\WINDOWS\Installer\7581.msi [774144] =>.Intel Corporation [MD5.A01C97EEFDCC16930CF79C09229B2F86] [WIS][2015/11/18 05:49:04] (.ASUS.) -- C:\WINDOWS\Installer\80eb.msi [8125952] =>.ASUS [MD5.8D4B2BABA7F30FA313C447D87B38ED3E] [WIS][2015/06/17 10:26:24] (.ASUS.) -- C:\WINDOWS\Installer\80ef.msi [6069760] =>.ASUS [MD5.ADF8DD9DCE005FC77B570D20440C0418] [WIS][2016/06/27 20:41:28] (.ICEpower a/s - AudioWizard.) -- C:\WINDOWS\Installer\8fa0.msi [6310400] =>.ICEpower a/s [MD5.7E7C5EFB12A20EDEF160A737DCF536C3] [WIS][2018/01/20 15:17:24] (.Foxit Software Inc. - Foxit PhantomPDF.) -- C:\WINDOWS\Installer\9891a6f.msi [468316160] =>.Foxit Software Inc. [MD5.271C140DAB40864C201AD4EEA7AC6850] [WIS][2015/12/02 11:08:52] (.ASUS.) -- C:\WINDOWS\Installer\a157.msi [11616256] =>.ASUS [MD5.3BA31C1CB4372CF068D8E18210DC8A7E] [WIS][2016/08/01 09:39:54] (.ASUS.) -- C:\WINDOWS\Installer\ae069.msi [4300800] =>.ASUS [MD5.7DBAC29601F8D9CCAA3A39317DD667FC] [WIS][2015/11/17 08:55:46] (.ASUS.) -- C:\WINDOWS\Installer\b7c9.msi [1220608] =>.ASUS [MD5.0128BBE153B9A5F28730DAB63376FCE0] [WIS][2015/05/25 06:20:24] (.ASUS.) -- C:\WINDOWS\Installer\c2a7.msi [9694720] =>.ASUS [MD5.4F63C6D0286375314A89A0486C52AE5E] [WIS][2016/09/15 10:37:08] (.HP - HP Scan Dropbox destination plugin.) -- C:\WINDOWS\Installer\eb84e1.msi [155648] =>.HP [MD5.7582BDA319E80EDD97147C66AD61F0E2] [WIS][2016/09/15 10:37:09] (.HP - HP Scan Google Drive destination plugin.) -- C:\WINDOWS\Installer\eb84e6.msi [155648] =>.HP [MD5.1D505F3C292A3506E39442148F670D98] [WIS][2016/09/15 10:37:06] (.HP Inc. - Product Improvement Study for HP DeskJet 37.) -- C:\WINDOWS\Installer\eb84f0.msi [290816] =>.HP Inc. [MD5.9ABFA81949AF571ABD8536CB3FD0B7FA] [WIS][2016/09/15 10:37:01] (.HP Inc. - HP DeskJet 3700 series Basic Device Softwar.) -- C:\WINDOWS\Installer\f15b33.msi [5279744] =>.HP Inc. [MD5.0C53AE07F64461486F492498139742E7] [WIS][2017/12/17 19:19:42] (.Apple Inc. - Apple Application Support Installer.) -- C:\WINDOWS\Installer\fbbe448.msi [51093504] =>.Apple Inc. [MD5.6FC9092DCAD7C94F844F37144FC02B00] [WIS][2017/12/17 19:19:57] (.Apple Inc. - Apple Application Support Installer.) -- C:\WINDOWS\Installer\fbbe458.msi [46120960] =>.Apple Inc. [MD5.BB15F11479AE037DBC25AACA6F7A33EC] [WIS][2017/12/17 19:22:50] (.Apple Inc. - iTunes Installer.) -- C:\WINDOWS\Installer\fbbfa9e.msi [161886208] =>.Apple Inc. [MD5.24E1B96B703E125A98774CCB8A1ED785] [WIS][2017/12/17 19:28:13] (.Apple Inc. - Apple Software Update Installer.) -- C:\WINDOWS\Installer\fbbfafb.msi [3608576] =>.Apple Inc. [MD5.F9A879993FF2B41EA511E236A4A85865] [WIS][2017/12/17 19:29:03] (.Apple Inc. - iCloud for Windows installer.) -- C:\WINDOWS\Installer\fbbfb45.msi [42299392] =>.Apple Inc. [MD5.82F476D2A7125BB7EBF5A2A657BAB293] [WIS][2017/11/13 05:26:16] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\15903d82.msp [23506944] =>.Adobe Systems, Incorporated [MD5.3617A09ABC822D955214EBE86A991CF3] [WIS][2017/11/29 11:42:28] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\299bad4.msp [1355776] =>.Adobe Systems, Incorporated [MD5.1804509512CA08400FBF29C502540400] [WIS][2017/08/01 01:15:32] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\426945e7.msp [100061184] =>.Adobe Systems, Incorporated [MD5.4B436CCB79A1D51BF61E44378C2F5DAB] [WIS][2017/08/28 17:41:00] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\428c825c.msp [100036608] =>.Adobe Systems, Incorporated ---\\ Scan Additionnel (5) - 5s HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip =>.SUP.Orphan HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} =>.SUP.Orphan HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip =>.SUP.Orphan HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui =>.SUP.Orphan HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip =>.SUP.Orphan ---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan ~ Unselected Options: ~ End of the scan, 27532 items in 02mn29s (1149)(0) FRST Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018 Exécuté par mathi (administrateur) sur DESKTOP-SDM0ICP (29-01-2018 13:08:29) Exécuté depuis C:\Users\mathi\Desktop Profils chargés: mathi (Profils disponibles: mathi) Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (OVH) C:\Program Files\OVH\hubiC\hubiC.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe () C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe () C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Users\mathi\AppData\Local\Temp\7zO4A7E2A13\office-2016_16-0-7167-2060_fr_431791_64.exe (Microsoft Corporation) C:\Users\mathi\AppData\Local\Temp\7zO4A7E2A13\office-2016_16-0-7167-2060_fr_431791_64.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (The Document Foundation) C:\Program Files\LibreOffice 5\program\swriter.exe (The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.exe (The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.bin ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831256 2016-01-08] (Conexant Systems, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-21] (AVAST Software) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc.) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-12-08] (Apple Inc.) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-12-08] (Apple Inc.) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Run: [hubiC] => C:\Program Files\OVH\hubiC\hubiC.exe [3527168 2015-03-03] (OVH) HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Policies\Explorer: [DisallowCpl] 1 ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings) ProxyEnable: [HKLM] => Proxy est activé. ProxyEnable: [HKLM-x32] => Proxy est activé. ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080 ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080 AutoConfigURL: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080 Tcpip\Parameters: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{b46187da-592a-4f1f-854a-1a65506a6c3e}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{e0d35f1e-9ed2-44f3-add6-98445d6a1c51}: [DhcpNameServer] 172.20.10.1 ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKU\S-1-5-21-811882470-90441414-600605057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT14/3 HKU\S-1-5-21-811882470-90441414-600605057-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKU\S-1-5-21-811882470-90441414-600605057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-811882470-90441414-600605057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Pas de nom -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Pas de fichier BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-12-11] () Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-12-11] () Handler: mso-minsb-roaming.16 - Pas de valeur CLSID Handler: mso-minsb.16 - Pas de valeur CLSID Handler: osf-roaming.16 - Pas de valeur CLSID Handler: osf.16 - Pas de valeur CLSID Edge: ====== Edge Session Restore: HKU\S-1-5-21-811882470-90441414-600605057-1001 -> est activé. FireFox: ======== FF DefaultProfile: u6yduvik.default FF ProfilePath: C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default [2018-01-29] FF NetworkProxy: Mozilla\Firefox\Profiles\u6yduvik.default -> autoconfig_url", "data:text/javascript,var%20pac_engine%20%3D%20(function%20quine(browser)%7B%0A%0Avar%20E%20%3D%20%7B%7D%3B%0A%2F%2F%20XXX%20shachar%3A%20remove%20this%20and%20everything%20that%20uses%20it%0AE.def_ext%20%3D%20%5B'gif'%2C%20'png'%2C%20'jpg'%2C%20'mp3'%2C%20'css'%2C%20'mp4'%2C%20'wmv'%2C%20'flv'%2C%20'swf'%2C%0A%20%20%20%20'mkv'%2C%20'ico'%2C%20'f4v'%2C%20'h264'%2C%20'webp'%2C%20'webm'%5D%3B%0A%0A%2F%2F%20XXX%20note%20that%20console.log%20cannot%20be%20used%20in%20the%20pac%20file%20since%20it%20causes%0A%2F%2F%20IE10%20to%20reject%20the%20pac%20file%0Avar%20g_pac_engine%20%3D%20%7B%7D%3B%0A%0Afunction%20pac_redir(url%2C%20host%2C%20do_redir)%7B%0A%20%20%20%20if%20(!do_redir%20%7C%7C%20!g_pac_engine.redir_direct)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20ip%20%3D%20E.dns_resolver(host)%3B%0A%20%20%20%20if%20(browser.isInNet(ip%2C%20'10.0.0.0'%2C%20'255.0.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'172.16.0.0'%2C%20'255.240.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'192.168.0.0'%2C%20'255.255.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'127.0.0.0'%2C%20'255.0.0.0'))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(browser.isPlainHostName(host))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20m%20%3D%20url.match(%2F%5E.%2B%3A(%5B0-9%5D%2B)%5C%2F.*%24%2F)%3B%0A%20%20%20%20if%20(m%20%26%26%20m.length%3D%3D2%20%26%26%20m%5B1%5D!%3D'80')%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20if%20(url.match(%2F%5Ehttps%3A.*%24%2F))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20false%2C%0A%20%20%20%20%20%20%20%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.redir_port%2B'%3B%20DIRECT'%7D%3B%0A%7D%0A%0Afunction%20get_ext(url)%7B%0A%20%20%20%20var%20ext%20%3D%20''%2C%20index%20%3D%20url.indexOf('%3F')%3B%0A%20%20%20%20if%20(index%3E%3D0)%0A%20%20%20%20%20%20%20%20url%20%3D%20url.slice(0%2C%20index)%3B%0A%20%20%20%20var%20ext_index%20%3D%20url.lastIndexOf('.'%2C%20url.length)%3B%0A%20%20%20%20var%20_ext_index%20%3D%20url.lastIndexOf('%2F'%2C%20url.length)%3B%0A%20%20%20%20if%20(ext_index%3E%3D0%20%26%26%20ext_index%3E_ext_index)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(ext_index%2B1)%3B%0A%20%20%20%20else%20if%20(_ext_index%3E%3D0)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(_ext_index%2B1)%3B%0A%20%20%20%20return%20ext%3B%0A%7D%0A%0Afunction%20is_ip(host)%7B%20return%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2F.test(host)%3B%20%7D%0A%0Afunction%20handle_then(value%2C%20url%2C%20host%2C%20do_redir%2C%20exception%2C%20orig_proxy)%7B%0A%20%20%20%20if%20(value%3D%3D'DIRECT')%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20var%20n%20%3D%20value.split('%20')%3B%0A%20%20%20%20if%20(exception%20%26%26%20n%5B0%5D%3D%3D'PROXY')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(n.length%3D%3D1)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20%20%20%20%20if%20(!n%5B1%5D.indexOf('XX')%20%26%26%20orig_proxy)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20c%20%3D%20orig_proxy.split('%20')%5B1%5D.split('.')%5B0%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20'%2Bn%5B1%5D.replace('XX'%2C%20c)%7D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(n.length%3C2)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20else%20if%20(!%7BPROXY%3A%201%2C%20SOCKS%3A%201%2C%20SOCKS5%3A%201%7D%5Bn%5B0%5D%5D)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20if%20(g_pac_engine.ext)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20value%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.proxy_port%7D%3B%0A%7D%0A%0Afunction%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20if%20(!cmd%5B'if'%5D)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(cmd.dst_dns)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20cmd%5B'if'%5D%20%3D%20%5B%7Bext%3A%20'def-ext'%2C%20type%3A%20'in'%2C%20then%3A%20'DIRECT'%7D%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20ext%20%3D%20get_ext(url)%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmd%5B'if'%5D.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_if%20%3D%20cmd%5B'if'%5D%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20var%20arg%20%3D%20null%2C%20value%20%3D%20null%3B%0A%20%20%20%20%20%20%20%20var%20type%20%3D%20'%3D%3D'%3B%0A%20%20%20%20%20%20%20%20if%20(!_if.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(_if.type)%0A%20%20%20%20%20%20%20%20%20%20%20%20type%20%3D%20_if.type%3B%0A%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20host%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.host%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20url%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.url%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(value%3D%3D'def-ext'%20%26%26%20!(value%20%3D%20rule%5B'def-ext'%5D))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20E.def_ext%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.main)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20opt.is_main%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.main%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20var%20cmp%3B%0A%20%20%20%20%20%20%20%20switch%20(type)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20case%20'%3D%3D'%3A%20cmp%20%3D%20arg%3D%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!%3D'%3A%20cmp%20%3D%20arg!%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3D~'%3A%20cmp%20%3D%20arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!~'%3A%20cmp%20%3D%20!arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Da'%3A%0A%20%20%20%20%20%20%20%20case%20'in'%3A%20cmp%20%3D%20value.indexOf(arg)!%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!a'%3A%0A%20%20%20%20%20%20%20%20case%20'not_in'%3A%20cmp%20%3D%20value.indexOf(arg)%3D%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Do'%3A%20cmp%20%3D%20!!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!o'%3A%20cmp%20%3D%20!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20default%3A%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(cmp)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(_if%5B'else'%5D)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if%5B'else'%5D%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.exception%2C%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%7D%0A%0Afunction%20inet_aton(str)%7B%0A%20%20%20%20var%20laddr%20%3D%200%2C%20i%2C%20parts%20%3D%20%2F%5E(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%24%2F.exec(str)%3B%0A%20%20%20%20if%20(!parts)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20parts.shift()%3B%0A%20%20%20%20for%20(i%3D0%3B%20i%3Cparts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20laddr%20*%3D%20256%3B%0A%20%20%20%20%20%20%20%20laddr%20%2B%3D%20%2Bparts%5Bi%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20laddr%3B%0A%7D%0A%0Afunction%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%7B%0A%20%20%20%20var%20_cif%20%3D%20cmd%5B'if'%5D%2C%20i%3B%0A%20%20%20%20if%20(_cif)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%3D0%3B%20i%3C_cif.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_if%20%3D%20_cif%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.type%3D%3D'%3D~'%20%7C%7C%20_if.type%3D%3D'!~')%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.host%20%3D%20new%20RegExp(_if.host)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.url%20%3D%20new%20RegExp(_if.url)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.ext%20%3D%20new%20RegExp(_if.ext)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!cmd.hosts)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.host s%5B'*'%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%7D%0A%20%20%20%20for%20(i%3D0%3B%20i%3Ccmd.hosts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_host%20%3D%20cmd.hosts%5Bi%5D%2C%20n%3B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20_host.match(%2F%5E((%5Cd%7B1%2C3%7D%5C.)%7B3%7D%5Cd%7B1%2C3%7D)(%5C%2F(%5Cd%2B))%3F%24%2F))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!cmd.ips)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20cmd.ips%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20bits%20%3D%2032%20-%20(n%5B4%5D%20%3F%20%2Bn%5B4%5D%20%3A%2032)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(bits%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20bits%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20mask%20%3D%20inet_aton(n%5B1%5D)%20%3E%3E%3E%20bits%20%3C%3C%20bits%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.ips.push(%7Bmask%3A%20mask%2C%20bits%3A%20bits%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20func%3A%20function(url%2C%20host%2C%20do_redir%2C%20exception)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20exception)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%7D)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20hosts.hosts%5B_host%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%7D%0A%7D%0A%0Afunction%20parse_cmds(name%2C%20rule%2C%20rules%2C%20hosts%2C%20by_rules)%7B%0A%20%20%20%20var%20cmds%20%3D%20rule.cmds%3B%0A%20%20%20%20if%20(!cmds)%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmds.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20cmd%20%3D%20cmds%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(cmd.rule)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_name%20%3D%20cmd.rule%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20parse_cmds(_name%2C%20rules%5B_name%5D%2C%20rules%2C%20hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(!cmd.hosts%20%26%26%20!by_rules)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(!cmd.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%3B%0A%20%20%20%20%7D%0A%7D%0Afunction%20hex_decode(h)%7B%0A%20%20%20%20var%20s%20%3D%20''%3B%0A%20%20%20%20for%20(var%20i%20%3D%200%3B%20i%20%3C%20h.length%3B%20i%2B%3D2)%0A%20%20%20%20%20%20%20%20s%20%2B%3D%20String.fromCharCode(parseInt(h.substr(i%2C%202)%2C%2016))%3B%0A%20%20%20%20return%20decodeURIComponent(escape(s))%3B%0A%7D%0Afunction%20local_hola_cb(url)%7B%0A%20%20%20%20var%20n%3B%0A%20%20%20%20try%20%7B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20url.match(%2F%5Ehttp%3A%5C%2F%5C%2F(.*).local.hola%5C%2F%3F%24%2F))%0A%20%20%20%20%20%20%20%20%20%20%20%20n%20%3D%20JSON.parse(hex_decode(n%5B1%5D))%3B%0A%20%20%20%20%7D%20catch(e)%7B%20n%20%3D%20null%3B%20%7D%0A%20%20%20%20if%20(!n%20%7C%7C%20n.key!%3Dg_pac_engine.key)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%20%20%20%20if%20(!g_pac_engine.local_redir)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_redir%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_counter%20%3D%200%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20set%20%3D%20n.set%3B%0A%20%20%20%20var%20proxy%20%3D%20n.proxy%3B%0A%20%20%20%20var%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%3B%0A%20%20%20%20if%20(!entry%20%7C%7C%20entry.proxy%20!%3D%20proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%20%3D%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20proxy%3A%20proxy%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20count%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20entry.count%2B%2B%3B%0A%20%20%20%20entry.ts%20%3D%20Date.now()%3B%0A%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%7D%0A%0AE.init%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20options%20%3D%20options%7C%7C%7B%7D%3B%0A%20%20%20%20g_pac_engine%20%3D%20%7B%0A%20%20%20%20%20%20%20%20hosts%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20exceptions%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20ext%3A%20options.ext%7C%7C0%2C%0A%20%20%20%20%20%20%20%20by_rules%3A%20options.by_rules%7C%7C0%2C%0A%20%20%20%20%20%20%20%20do_redir%3A%20options.do_redir%7C%7C0%2C%0A%20%20%20%20%20%20%20%20redir_direct%3A%20options.redir_direct%3D%3D%3Dundefined%20%7C%7C%20options.redir_direct%2C%0A%20%20%20%20%20%20%20%20proxy_port%3A%20options.proxy_port%7C%7C6857%2C%0A%20%20%20%20%20%20%20%20redir_port%3A%20options.redir_port%7C%7C6850%2C%0A%20%20%20%20%20%20%20%20key%3A%20options.key%2C%0A%20%20%20%20%20%20%20%20inited%3A%20true%2C%0A%20%20%20%20%7D%3B%0A%20%20%20%20if%20(!json.unblocker_rules)%0A%20%20%20%20%20%20%20%20return%20-1%3B%0A%20%20%20%20var%20rules%20%3D%20json.unblocker_rules%2C%20rule%2C%20i%3B%0A%20%20%20%20if%20(!g_pac_engine.by_rules)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20else%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.rules%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.root_url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.cmds)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20g_pac_engine.rules%5Bi%5D%20%3D%20%7Bhosts%3A%20%7B%7D%2C%20ips%3A%20%5B%5D%2C%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.rules%5Bi%5D%2C%201)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'local.hola'%5D%20%3D%20local_hola_cb%3B%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'127.255.255.255'%5D%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20'%2Bhost%2B'%3A0'%7D%3B%20%7D%3B%0A%20%20%20%20if%20(json.unblocker_globals)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20json.unblocker_globals%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.exceptions)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%200%3B%0A%7D%3B%0A%0AE.firefox_init%20%3D%20function(browser)%7B%0A%20%20%20%20browser.runtime.onMessage.addListener(function(msg)%7B%0A%20%20%20%20%20%20%20%20switch%20(msg.id)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20case%20'init'%3A%20E.init(msg.json%2C%20msg.options)%3B%20break%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D)%3B%0A%20%20%20%20browser.runtime.sendMessage(%7Bid%3A%20'init'%2C%20from_pac_script%3A%20true%7D)%3B%0A%7D%3B%0A%0Afunction%20find_proxy_for_url(url%2C%20host%2C%20hosts%2C%20opt)%7B%0A%20%20%20%20opt%20%3D%20opt%7C%7C%7B%7D%3B%0A%20%20%20%20var%20do_redir%20%3D%20g_pac_engine.do_redir%3B%0A%20%20%20%20if%20(hosts.hosts_cache)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20c%20%3D%20hosts.hosts_cache%5Bhost%5D%3B%0A%20%20%20%20%20%20%20%20if%20(c%20%26%26%20c.func)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20c.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20if%20(c)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(hosts.hosts_counter%3E5000)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.hosts_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20hosts.hosts_cache%20%3D%20%7B%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(is_ip(host))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ip%20%3D%20inet_aton(host)%3B%0A%20%20%20%20%20%20%20%20var%20ips%20%3D%20hosts.ips%3B%0A%20%20%20%20%20%20%20%20for%20(var%20 i%3D0%3B%20i%3Cips.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_ip%20%3D%20ips%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20((ip%20%3E%3E%3E%20_ip.bits%20%3C%3C%20_ip.bits)%5E_ip.mask)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20_ip.func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20_ip.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20var%20index%20%3D%20-1%3B%0A%20%20%20%20for%20(%3B%3B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20func%20%3D%20hosts.hosts%5B'*'%5D%7C%7Chosts.hosts%5Bhost.substr(index%2B1)%5D%3B%0A%20%20%20%20%20%20%20%20if%20(func)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20((index%20%3D%20host.indexOf('.'%2C%20index%2B1))%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20break%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(opt.exception)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7B%7D%3B%0A%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%7D%0A%0AE.FindProxyForURL%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20locals%20%3D%20pac.local_redir%2C%20ret%3B%0A%20%20%20%20if%20(!pac.inited)%0A%20%20%20%20%20%20%20%20return%20'DIRECT'%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.local%5C.hola%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20'local.hola'%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20if%20(locals%20%26%26%20host!%3D'local.hola')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20then%20%3D%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20if%20(then%20%26%26%20Date.now()%20-%20then.ts%20%3E%202000)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20then%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(then)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20then.count--%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!then.count)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20handle_then(then.proxy%2C%20url%2C%20host%2C%20pac.do_redir)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20pac.local_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20if%20(!(pac.local_counter%251000))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20cur_ts%20%3D%20Date.now()%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20for%20(var%20i%20in%20locals)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20local%20%3D%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(cur_ts-local.ts%20%3E%2010000)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20pac.local_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!ret)%0A%20%20%20%20%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.hosts)%3B%0A%20%20%20%20if%20(ret.proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.str%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_rule%20%3D%20function(rule%2C%20url%2C%20host%2C%20is_main%2C%20no_global)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20ret%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%2F))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%20%20%20%20url%20%3D%20url.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20r%20%3D%20pac.rules%20%26%26%20rule%20%3F%20pac.rules%5Brule%5D%20%3A%20pac.hosts%3B%0A%20%20%20%20if%20(!r)%0A%20%20%20%20%20%20%20%20return%20'DIRECT'%3B%0A%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20r%2C%20%7Bis_main%3A%20is_main%7D)%3B%0A%20%20%20%20if%20(ret.proxy%20%26%26%20!no_global)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.str%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_exception%20%3D%20function(url%2C%20host%2C%20orig)%7B%0A%20%20%20%20var%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20g_pac_engine.exceptions%2C%0A%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20orig%7D)%3B%0A%20%20%20%20return%20ret%20%3F%20ret.str%20%3A%20orig%3B%0A%7D%3B%0A%0AE.t%20%3D%20%7B%0A%20%20%20%20global_var%3A%20function()%7B%20return%20g_pac_engine%3B%20%7D%2C%0A%20%20%20%20pac_redir%3A%20pac_redir%2C%0A%20%20%20%20get_ext%3A%20get_ext%2C%0A%7D%3B%0A%0AE.gen_pac%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20return%20'var%20pac_engine%20%3D%20('%2Bquine%2B')(%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'function%20FindProxyForURL(url%2C%20host)%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%7D%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.dns_resolver%20%3D%20dnsResolve%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.init('%2BJSON.stringify(json)%2B'%2C%20'%0A%20%20%20%20%20%20%20%20%20%20%20%20%2BJSON.stringify(options)%2B')%3B%5Cn'%3B%0A%7D%3B%0A%0AE.gen_firefox_pac%20%3D%20function()%7B%0A%20%20%20%20return%20'var%20pac_engine%20%3D%20('%2Bquine%2B')(%7B%7D)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'function%20FindProxyForURL(url%2C%20host)%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%7D%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.firefox_init(browser)%3B%5Cn'%3B%0A%7D%3B%0A%0Areturn%20E%3B%20%7D)(%7B%0A%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%0Afunction%20FindProxyForURL(url%2C%20host)%7B%0A%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%0A%7D%0Apac_engine.dns_resolver%20%3D%20dnsResolve%3B%0Apac_engine.init(%7B%22unblocker_rules%22%3A%7B%7D%7D%2C%20%7B%22do_redir%22%3Afalse%2C%22ext%22%3A1%2C%22key%22%3A%2268765f85fc53221a7e1da7aa49663fa89674feaef79c7064bce6444e3fe6%22%7D)%3B%0A" FF Session Restore: Mozilla\Firefox\Profiles\u6yduvik.default -> est activé. FF Extension: (Grammarly for Firefox) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2017-11-29] FF Extension: (AdBlocker Ultimate) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-12-12] FF Extension: (__MSG_extName__) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\firefoxdav@icloud.com.xpi [2017-12-14] FF Extension: (Unlimited Free VPN - Hola) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2017-12-30] FF Extension: (Avast Passwords) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-01-18] FF Extension: (Avast SafePrice) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\sp@avast.com.xpi [2017-12-05] FF Extension: (Avast Online Security) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\wrc@avast.com.xpi [2017-11-10] FF Extension: (Video DownloadHelper) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19] FF Extension: (Pas de nom) - C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\u6yduvik.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2018-01-17] FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-11-30] [Legacy] FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-17] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-13] (Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-13] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-17] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-13] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-13] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-811882470-90441414-600605057-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-13] (Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-11-30] CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-11-30] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.) R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [14776 2015-11-18] (ASUS) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-21] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-21] (AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation) R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-02] (Intel Corporation) R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] () S3 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2017-12-11] (Foxit Software Inc.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-10-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] () R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH) R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [88568 2016-03-03] (ASUS Corporation) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2017-12-21] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2017-12-21] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2017-12-21] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2017-12-21] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2017-12-21] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2017-12-21] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2017-12-21] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664 2017-12-21] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2017-12-21] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2017-12-21] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2017-12-21] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457400 2017-12-21] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2017-12-21] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2017-12-21] (AVAST Software) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304 2015-10-02] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-02] (Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-02] (Intel Corporation) S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Fichier non signé] R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [47928 2015-11-04] (Intel) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [732416 2016-10-15] (Intel Corporation) R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [135992 2015-11-04] (Intel) R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [71992 2015-11-09] (Intel) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ========================== MD5 Pilotes ======================= C:\WINDOWS\System32\drivers\1394ohci.sys 08312DEEF0D3F8647AA53AD90A69094E C:\WINDOWS\System32\drivers\3ware.sys 645009E711BBF117CCEE917A03FB0CDD C:\WINDOWS\System32\drivers\ACPI.sys 69481E5474C7E61CDB3FE6A8A0F3B1B4 C:\WINDOWS\System32\drivers\AcpiDev.sys 44EA35A4B397898A83BF1B9B4B8DAE35 C:\WINDOWS\System32\Drivers\acpiex.sys 91D113A1532B8AB1E25B7DE5AB3C2F83 C:\WINDOWS\System32\drivers\acpipagr.sys 620BB2682BA625DF037072D89F44F6EE C:\WINDOWS\System32\drivers\acpipmi.sys B9805A3C479390CEAEA5AEF5E4A90A2E C:\WINDOWS\System32\drivers\acpitime.sys ABD4EB55C661143B015BD0B9B47B235C C:\WINDOWS\System32\drivers\ADP80XX.SYS 8C58BD711FAD5F11E8CFDBC5CED973A5 C:\WINDOWS\system32\drivers\afd.sys 7AE4EBDC221235BF9E1008B515C0B8DB C:\WINDOWS\System32\DRIVERS\ahcache.sys 56166D110D3ECFFC595E5FA02D9BA491 C:\WINDOWS\system32\DRIVERS\AiCharger.sys 50910888109FA9C041D9256541BE70EC C:\WINDOWS\System32\drivers\amdk8.sys 62619E31AFF88F906A7E793AC4A9FF51 C:\WINDOWS\System32\drivers\amdppm.sys 735142DD039BEB35632765C41FC6E397 C:\WINDOWS\System32\drivers\amdsata.sys F1C16AABA27E9E153AEC7BD2AB853F30 C:\WINDOWS\System32\drivers\amdsbs.sys C834D0F1ECB8473E9E6D18EE1BCEECB2 C:\WINDOWS\System32\drivers\amdxata.sys 49203D2FFE30CBB36BE66A0E70F3D954 C:\WINDOWS\system32\drivers\AmUStor.SYS FA28AB5BD11BC4845EC54E051DE8B64E C:\WINDOWS\System32\drivers\appid.sys 3692C75C47285D388C886D162F54C430 C:\WINDOWS\System32\drivers\applockerfltr.sys 1E085E2302D568F0CE041732B3E887B0 C:\WINDOWS\System32\drivers\arcsas.sys B42C83DE28776B80DBA1310C56DD4F74 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 116DD55EEF8843D7C526EB17A932822F C:\WINDOWS\System32\drivers\AsusPTPFilter.sys 82D7B2A7D7BAA9EE31CCF75AFC10FCDD C:\WINDOWS\System32\drivers\aswArPot.sys 6212832F13B296DDBC85B24E22EDB5EC C:\WINDOWS\System32\drivers\aswbidsdrivera.sys 9E3CAA4E0E81BDC0E529BF3B32F9A08F C:\WINDOWS\System32\drivers\aswbidsha.sys FD31AC49D034541FF25BD6B158153035 C:\WINDOWS\System32\drivers\aswbloga.sys 47DF29AA4FBE5A290B309D7F9109233E C:\WINDOWS\System32\drivers\aswbuniva.sys 0C9979B3B4B8472EB4286DFBBE37DEDA C:\WINDOWS\System32\drivers\aswHdsKe.sys 98A539F491E18AD6B9A9B62D6588F86E C:\WINDOWS\System32\drivers\aswHwid.sys 0A857F3B9D698BDABAE369906E7E785E C:\WINDOWS\System32\drivers\aswMonFlt.sys EB132BE4994AFCE8BF37D4A6C4B4627B C:\WINDOWS\System32\drivers\aswRdr2.sys C59C55F8A6ADCDB0A0550C2A4DA54AAC C:\WINDOWS\System32\drivers\aswRvrt.sys EEE0BE78C10DD68D6ABB076E88D60B96 C:\WINDOWS\System32\drivers\aswSnx.sys A2287AC5418073C2A584814C8B2997F8 C:\WINDOWS\System32\drivers\aswSP.sys 32E1CDA6291ACE8803CC21D426600B31 C:\WINDOWS\System32\drivers\aswStm.sys CFED6D223DFB776AD9FCF1661F0B8D1C C:\WINDOWS\System32\drivers\aswVmm.sys BC5A2D81EACCC1791AA19C45E1A083CC C:\WINDOWS\System32\drivers\asyncmac.sys C2151380227CD1F7DDA2401C1F151367 C:\WINDOWS\System32\drivers\atapi.sys 6191B9B2EE0E8CB957C683B9B341CC86 C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 0E717D7FED23731863EC44B4031DC268 C:\WINDOWS\System32\drivers\bxvbda.sys A921805C1ED3253DF48FCA4D724173EB C:\WINDOWS\System32\drivers\bam.sys 763CF81762483E244BAEB83DEFFC53F3 C:\WINDOWS\System32\drivers\BasicDisplay.sys 2A7267AA15E508F6D05A5B562F1FD1CE C:\WINDOWS\System32\drivers\BasicRender.sys 2E1EE0F10FAF1250D1AC05BFB0E6BD3D C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7 C:\Windows\System32\Drivers\Beep.sys EDDAA3A563E7EB71C991FE91249C7D81 C:\WINDOWS\System32\DRIVERS\bowser.sys D030A1203680D66716F4E74053468627 C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A4863B7B1F0DB513D6E34547BACC211A C:\WINDOWS\system32\DRIVERS\BthEnum.sys 82BD96D56574231AD0E9BBF293EA2E7F C:\WINDOWS\System32\drivers\bthhfenum.sys 9C9EE272C11252C651C5DE6A1AC1EDAA C:\WINDOWS\System32\drivers\BthHFHid.sys 69734E386826ED857C889330F35B4D9C C:\WINDOWS\system32\DRIVERS\bthl2cap.sys 338B8D45C7DFB03DB7957188E16C9661 C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys 47BF82E2A6D11279C8501E08518AB835 C:\WINDOWS\System32\drivers\bthmodem.sys A94AFAEA86F5F792BB4ECA095B231464 C:\WINDOWS\System32\drivers\bthpan.sys 4F58D8C265FFA943878CF7F922432847 C:\WINDOWS\System32\drivers\BTHport.sys D970480A59C314CC344118D7B185D7E6 C:\WINDOWS\System32\drivers\BTHUSB.sys 55C836530A9602255BFB4F5D9DA2B737 C:\WINDOWS\System32\drivers\bttflt.sys 39E7437FC59CDD7A303ABD514E462E8B C:\WINDOWS\System32\drivers\buttonconverter.sys 522888590B0C19BC8128119060AE7901 C:\WINDOWS\System32\drivers\CAD.sys 2AB01CE5E233A6FBA3E91BD57772AA4B C:\WINDOWS\System32\drivers\capimg.sys F6F97879F53AD57194C6BC8272FD73EA C:\WINDOWS\System32\DRIVERS\cdfs.sys 9E82A95D77AC78C84BA75FF896B060BF C:\WINDOWS\System32\drivers\cdrom.sys 6D83565C1652E80447EDEA6947FA89D7 C:\WINDOWS\System32\drivers\cht4sx64.sys D81954CE5E016FD716EDDB2B2FD9BA58 C:\WINDOWS\System32\drivers\cht4vx64.sys F9A8570805807FFD66488F0A858E1308 C:\WINDOWS\System32\drivers\circlass.sys 9798D58461706930190F1F2F6BF21D80 C:\WINDOWS\System32\drivers\cldflt.sys 3B5973C9D50DE90CEB6D7DC85216AA86 C:\WINDOWS\System32\drivers\CLFS.sys 59D46CE57A49353A733D162DBA65A4FA C:\WINDOWS\System32\drivers\CmBatt.sys 2BA3BA38B5A6A667B0EAEC477276707B C:\WINDOWS\System32\Drivers\cng.sys B3CC988A9D8B8EC66ED2B7B7B3413652 C:\WINDOWS\System32\DRIVERS\cnghwassist.sys C65AF00EF12A1755E7CA370B0C71935D C:\WINDOWS\system32\drivers\CHDRT64.sys 7EDE5E1AC5A73290F1AF992774EB0D38 C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys A50300498D56B2448F3593D25478D508 C:\WINDOWS\System32\drivers\condrv.sys 65602B0DB49199647FECB2D1212147BE C:\WINDOWS\System32\drivers\dam.sys 72BE43ABD786E86AAE7EA2193201E100 C:\WINDOWS\System32\Drivers\dfsc.sys 9910E9CFF5ECDCB225F82E72CE9DE459 C:\WINDOWS\System32\drivers\ssudbus.sys 9593475FBC857A05D93BFF4FA7323C2B C:\WINDOWS\System32\drivers\disk.sys 811173C821171BB910219E53C7FD97AD C:\WINDOWS\System32\drivers\dmvsc.sys 569FE16775E15A49DC904DE20BF8CAA0 C:\WINDOWS\System32\drivers\dptf_acpi.sys 85680CFC129C7BD79B09404DB833DB78 C:\WINDOWS\System32\drivers\dptf_cpu.sys 4FC126DB5602E8661E9D78818C3FCED7 C:\WINDOWS\System32\drivers\drmkaud.sys F4800922F4ABA619585CE320A72E6389 C:\WINDOWS\System32\drivers\dxgkrnl.sys 0DF6B436F579E1DD23C8EBD61EE749E8 C:\WINDOWS\System32\drivers\evbda.sys C99D40C97841E0A7F0F90B8629593A97 C:\WINDOWS\System32\drivers\EhStorClass.sys 260BBD6B1ED06298E509B452354EDB91 C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys F3BEBDC1B9DBA32F183079EAE6244837 C:\WINDOWS\System32\drivers\errdev.sys 1B63CA857FD03FD0A5A1379F2996784F C:\WINDOWS\system32\DRIVERS\esif_lf.sys 438D377AF3651B762568AB6CFAE3C831 C:\Windows\System32\Drivers\exfat.sys F1ACA42D448E3986565EA54275EEEA65 C:\Windows\system32\drivers\farmntio.sys 0EE1D766D9B671AB101978723FE3558B C:\Windows\System32\Drivers\fastfat.sys 0AF4B36754A6EAE794EE4398E219A9E1 C:\WINDOWS\System32\drivers\fdc.sys 7CD8426A33F06EB72BFEC51F7C264AF8 C:\WINDOWS\System32\drivers\filecrypt.sys DE51BBBCF358188F9736F031546F9908 C:\WINDOWS\System32\drivers\fileinfo.sys 822F664952B0F8D11BB6BD2F11779602 C:\WINDOWS\System32\drivers\filetrace.sys 5A4935682A0D47A4EAC4BE3C2ACF74D6 C:\WINDOWS\System32\drivers\flpydisk.sys 60641F22D1D38EAD197C25F0339C9712 C:\WINDOWS\System32\drivers\fltmgr.sys 56F9EAA7099159759B2F6C523007A13F C:\WINDOWS\System32\drivers\FsDepends.sys 5D8A0E58E3F82583697E3F07052435AA C:\Windows\System32\Drivers\Fs_Rec.sys BB82CC2F51F7C3D5DCD13FA3B040D8F8 C:\WINDOWS\System32\DRIVERS\fvevol.sys 69C669540A850553AF9589DB05A2A7D0 C:\WINDOWS\System32\drivers\vmgencounter.sys 3B5DDF1061930A0A891FA63DB0CB878B C:\WINDOWS\System32\drivers\genericusbfn.sys 8B34E3F794F652082D7E8AF112F71681 C:\WINDOWS\System32\Drivers\msgpioclx.sys 127C23F4720C8902A3AB0FEE12205317 C:\WINDOWS\System32\drivers\gpuenergydrv.sys C7DEA3458E50B691E69EFF0B47CBCCDB C:\WINDOWS\System32\drivers\HDAudBus.sys 99A34FD1F6431A10D8C3BB50E170D0F2 C:\WINDOWS\System32\drivers\HidBatt.sys 2443FC6EEB9CF092B62127D867901B02 C:\WINDOWS\System32\drivers\hidbth.sys 205043CDC16ADE85E252DD54AE925161 C:\WINDOWS\System32\drivers\hidi2c.sys B521DDDC9038C066B1B957BF063A531A C:\WINDOWS\System32\drivers\hidinterrupt.sys 5AC0EBFA76E93273A806176D3178E986 C:\WINDOWS\System32\drivers\hidir.sys 366AC0E05EBF5D5C375F65CD8BC7F0DF C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 38DA94B6DD8022DA43810E4328608E54 C:\WINDOWS\System32\drivers\hidusb.sys 7CB54D02746024648FCE184FC3F941FF C:\WINDOWS\System32\drivers\HID_PCI.sys 78C78504A6C58E7A7F3156707A64CC2E C:\WINDOWS\System32\drivers\HpSAMD.sys 835FB95D85D362057A72D21A48C2C7F8 C:\WINDOWS\System32\drivers\HTTP.sys 717D6E92D0143BCC4C36976BFFD94753 C:\WINDOWS\System32\drivers\hvservice.sys 9F2CFC90306532866C62BDCDFD2532AA C:\WINDOWS\System32\Drivers\mshwnclx.sys 3737FE486929AFC48F1D10677B698E52 C:\WINDOWS\System32\drivers\hwpolicy.sys 3C65EBF7F1BFD98426C355D66876ECEE C:\WINDOWS\System32\drivers\hyperkbd.sys 7E00234C67A322988AFEA717D5609C9E C:\WINDOWS\System32\drivers\HyperVideo.sys FBF5BB641DE99AE1DF4835E88D4F8993 C:\WINDOWS\System32\drivers\i8042prt.sys 56FF074E50F9042FD2856AB3418F4B18 C:\WINDOWS\System32\drivers\iagpio.sys B5EC43755E62591197DE5CBBDAA9FEB7 C:\WINDOWS\System32\drivers\iai2c.sys D8CA23F9C5FEF44296FDE1E005C06EC0 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 7B769C9D19C013F94874C4B15D59A005 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys E0F1B3A2A70FABE3BE1C9140BB55E607 C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 89A869BCC0588A3009ECB875B09ECD39 C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 2E693DF3C02A0859DB8DE25772751100 C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys 54829E0B5F2FF133E6AEF13104689FA1 C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7 C:\WINDOWS\System32\drivers\iaStorA.sys 41E45C6BEBD99C7359EC2E28D346DD47 C:\WINDOWS\System32\drivers\iaStorAV.sys 435883A27A376B125BD4DF888417C85F C:\WINDOWS\System32\drivers\iaStorV.sys 7118E4390C4ACDE61E280CE52BCAF44E C:\WINDOWS\System32\drivers\ibbus.sys 9DBE8C359ABACE1BE1BBAB687D114506 C:\WINDOWS\system32\DRIVERS\ibtusb.sys F1298C1E50E68D77FCB76073B058B69F C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys 0BE62DDF66932D1BC1FCB5DF74173680 C:\WINDOWS\System32\drivers\IndirectKmd.sys 42CAF6216A6E516DC56BA319ACC7EEC5 C:\WINDOWS\system32\DRIVERS\IntcDAud.sys A6087A824507CAB1ED568895F8081950 C:\WINDOWS\System32\drivers\intelide.sys 40943C1CD031ACE06A8374AD56B9E5EA C:\WINDOWS\System32\drivers\intelpep.sys 327D9CCF5492543AEF3979F9EEAD02BE C:\WINDOWS\System32\drivers\intelppm.sys 10F2757836F41BFAEA2AE19F6FE869B2 C:\WINDOWS\System32\drivers\invdimm.sys 8387E90B551B9B7F32EDC69909591E9E C:\WINDOWS\System32\drivers\iorate.sys E207078E0E1BB3524277DB9077E4148E C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FD8F64B7B345E539F2EA7F72846F83B4 C:\WINDOWS\System32\drivers\IPMIDrv.sys 8AAB863E72A4F9C578FED2EE3541545B C:\WINDOWS\System32\drivers\ipnat.sys 7BEC2AF23F586EFF0DB4DBF4331B0C70 C:\WINDOWS\System32\drivers\ipt.sys 35A54F19E703D4FE5919F812F6CC5D0A C:\WINDOWS\system32\drivers\irda.sys 359CDDBC825959DA28FA886B3C271B53 C:\WINDOWS\System32\drivers\irenum.sys F88664A2A82DDA456180FFF95A771765 C:\WINDOWS\System32\drivers\isapnp.sys 2296B158C43C306B0AC5B4D57EA9F0E1 C:\WINDOWS\System32\drivers\msiscsi.sys 2DC0765992CFECE3B13F3BFD20E69DCC C:\WINDOWS\System32\drivers\ISH.sys 544FB0543707090EFA59C83F33BAC0EE C:\WINDOWS\System32\drivers\ISH_BusDriver.sys 4F0F84A73442B7AD12EF3C2C645058E0 C:\WINDOWS\System32\drivers\kbdclass.sys E320F986BBE0CD9324EA0A193EBF29B1 C:\WINDOWS\System32\drivers\kbdhid.sys AFF5DDCC1A79217C9526FF5E01A69E89 C:\WINDOWS\System32\drivers\kdnic.sys 916E62AF3386F7A74603E5C545F6FF2D C:\WINDOWS\System32\Drivers\ksecdd.sys 69FA8BEBADF807089FEFCD3F59CFAC1E C:\WINDOWS\System32\Drivers\ksecpkg.sys C1081E2B36F77781167FD9401119B98E C:\WINDOWS\system32\drivers\ksthunk.sys DD8C4726127CFE313233372D70787C37 C:\WINDOWS\System32\drivers\lltdio.sys CB5A6E117502156794F0DA9E61506006 C:\WINDOWS\System32\drivers\lsi_sas.sys 20048BEE892138A745B1C23EBB0E069F C:\WINDOWS\System32\drivers\lsi_sas2i.sys 9EAB16572B576979D585DDEDB12417CD C:\WINDOWS\System32\drivers\lsi_sas3i.sys 3B7B359C0870317106DF3438D4FF491D C:\WINDOWS\System32\drivers\lsi_sss.sys 2DE03BA338A4B0ACDB416A30F1C7D56F C:\WINDOWS\system32\drivers\luafv.sys 9A497169E145FCE2D8AA7DBC67377F64 C:\WINDOWS\System32\drivers\mausbhost.sys BF56CB9D02DEE8CA9CBA50220BE16F15 C:\WINDOWS\System32\drivers\mausbip.sys 01BDEE1FFF6D2216797DFEE4ABD937D9 C:\WINDOWS\System32\drivers\megasas.sys C7B8B5053D646CBD30BE1BA6B487D396 C:\WINDOWS\System32\drivers\MegaSas2i.sys EB8ED3204499DDB2D3BA094A4563EE3E C:\WINDOWS\System32\drivers\megasr.sys F1C1D4E752DE1D58295040E5BE8813AF C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys FB4FD57CB9A6424C91D041844ADA059E C:\WINDOWS\System32\drivers\mlx4_bus.sys 16B078D1089FEA98710C9D07C152DCEE C:\WINDOWS\system32\drivers\mmcss.sys 20C57CE47B1A877C48A4B68E9A4E21FA C:\WINDOWS\System32\drivers\modem.sys A4467A5C080318F0CCCF5ED463821F8B C:\WINDOWS\System32\drivers\monitor.sys 78BE85C1F1C7F3AF6C87BCE127007D5A C:\WINDOWS\System32\drivers\mouclass.sys 8E262B34A8BD184B4B3025AA8C396B00 C:\WINDOWS\System32\drivers\mouhid.sys C094A555F148495EA130D3BBC5232D5E C:\WINDOWS\System32\drivers\mountmgr.sys 6434BC884502E95EEA2379C92DD22B60 C:\WINDOWS\System32\drivers\mpsdrv.sys F36E4074C66DD31855A8D79EF0AE8066 C:\WINDOWS\system32\drivers\mrxdav.sys 215D672CB71987CD98EB2298EFB84DDC C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 34898F29BF0E9A84E183046318D17814 C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 87FF93E7420C9068C0D5B2F3109809F4 C:\WINDOWS\System32\drivers\bridge.sys 167408B38458ECAE545C57527BC99024 C:\Windows\System32\Drivers\Msfs.sys AE111778CA6AC08862B3C713F0413333 C:\WINDOWS\System32\drivers\msgpiowin32.sys 6DDDFCAB646BBBCFC583135C4430E10F C:\WINDOWS\System32\drivers\mshidkmdf.sys 01C6A86BEA8279E557A5056148F068BF C:\WINDOWS\System32\drivers\mshidumdf.sys F65ABC7DE945047147F17330F79732CB C:\WINDOWS\System32\drivers\msisadrv.sys 05B23012427801E710BDD12720B9020B C:\WINDOWS\System32\drivers\MSKSSRV.sys B25B2CD3E052D68075A3814AAA0C6421 C:\WINDOWS\System32\drivers\mslldp.sys C3F5EA6B9041A30B4F11BE2E7863E487 C:\WINDOWS\System32\drivers\MSPCLOCK.sys 601D666820F0408B896791D19BE6D258 C:\WINDOWS\System32\drivers\MSPQM.sys 46E61FBA0097E48E5628C74A3F72233A C:\Windows\System32\Drivers\MsRPC.sys 4EB9B77179BDEE89C496E60D4BF85CC1 C:\WINDOWS\System32\drivers\mssmbios.sys CBD56E0B55FB3672BA80382EC2F8835C C:\WINDOWS\System32\drivers\MSTEE.sys 5734B2A36D3BB13A638E5305EEEC582D C:\WINDOWS\System32\drivers\MTConfig.sys 85270E0DC6907C6B99F72A36F17AED34 C:\WINDOWS\System32\Drivers\mup.sys DB5B1539F5EBB3DD3A7ED25ADBC4D6D9 C:\WINDOWS\System32\drivers\mvumis.sys 3C57FF3BCF496D24C39C2198158864BB C:\WINDOWS\System32\DRIVERS\nwifi.sys 8A9CD53B0FBE679116638120CCBB201E C:\WINDOWS\System32\drivers\ndfltr.sys 77B047B109CE758A017F58FAE5038D0D C:\WINDOWS\System32\drivers\ndis.sys 7FF306C78B0DC31192657B47539D5688 C:\WINDOWS\System32\drivers\ndiscap.sys 067AE5BA349CC35AF8975D22DC483DDF C:\WINDOWS\System32\drivers\NdisImPlatform.sys 6FC4D7EB5D38CFB7966405036116F065 C:\WINDOWS\System32\DRIVERS\ndistapi.sys ED7CC4E16B76B2603C9F827188EA63B4 C:\WINDOWS\System32\drivers\ndisuio.sys 8D977AFC195A3F4B15B05D02B2BD0292 C:\WINDOWS\System32\drivers\NdisVirtualBus.sys DC1D26D62F40B7552BCF49D92774F0C5 C:\WINDOWS\System32\drivers\ndiswan.sys 66F56AC744101DB870934D0EB31C2426 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 66F56AC744101DB870934D0EB31C2426 C:\WINDOWS\System32\DRIVERS\NDProxy.sys 8ABF5B8D5839F8DAE2E0D3165AE732F6 C:\WINDOWS\System32\drivers\Ndu.sys A791792DC412CCD83DA0AF6871682552 C:\WINDOWS\System32\drivers\netaapl64.sys EE00C544C025958AF50C7B199F3C8595 C:\WINDOWS\System32\drivers\NetAdapterCx.sys BE79982A50AC88BC0765F3AFECFCB596 C:\WINDOWS\System32\drivers\netbios.sys E899D26A0C2555AC30ACDD526056E51F C:\WINDOWS\System32\DRIVERS\netbt.sys 7FC54F2AF5EC52C7AC05AD90FFC757E6 C:\WINDOWS\System32\drivers\netvsc.sys 680EB4AEA08EAC80C384E90E430DF16D C:\WINDOWS\System32\drivers\Netwtw04.sys 9018527E56D9CADB80FE5D1CB824D5D9 C:\Windows\System32\Drivers\Npfs.sys 84EB8F01B140618518AFF30B9951F132 C:\WINDOWS\System32\drivers\npsvctrig.sys 5CB8082E51DE7D19042F0FF8C517CB0D C:\WINDOWS\System32\drivers\nsiproxy.sys 958921BB7AE2671983743FDA0DD587C4 C:\Windows\System32\Drivers\NTFS.sys E20EC8E25969ABD9F5FED6EDEA57EC0C C:\Windows\System32\Drivers\Null.sys 0D1E03A5F87F4DE04D97622C686910A2 C:\WINDOWS\System32\drivers\nvdimmn.sys 532F27A2B62D70C327E763F035AED6C1 C:\WINDOWS\System32\drivers\nvraid.sys 7E04652EB1A476BC0A72ECDC613AF0C5 C:\WINDOWS\System32\drivers\nvstor.sys 880B3E874914DAEF97119876543AE117 C:\WINDOWS\System32\drivers\parport.sys 2E07EC2C1622F5E7B535D62DCD61F3AB C:\WINDOWS\System32\drivers\partmgr.sys 023DDF9DE429B2E6F0BADA72AA98EF8B C:\WINDOWS\System32\drivers\pci.sys 9BF965EE361849567DB1664BEDFA9569 C:\WINDOWS\System32\drivers\pciide.sys E5AF806815ED797086629741F29E4156 C:\WINDOWS\System32\drivers\pcmcia.sys 2A631D447B988AFBE847CBAA8E5CC298 C:\WINDOWS\System32\drivers\pcw.sys ACD510CF2B631A2D36B2CFB7D31E22FD C:\WINDOWS\System32\drivers\pdc.sys 1796112EB89559910BC18865A29C8894 C:\WINDOWS\System32\drivers\peauth.sys F21127EDE5D72090A1B029AFF4AFFD17 C:\WINDOWS\System32\drivers\percsas2i.sys 35FD028E4323018202C0B7D115FD3AEF C:\WINDOWS\System32\drivers\percsas3i.sys F9F3D8BE9BC9241CC726197261362AC4 C:\WINDOWS\System32\drivers\pmem.sys 36D43EA5517F3F4AAAC8EE061C957EF1 C:\WINDOWS\System32\drivers\pnpmem.sys 59048555B59FD69287CFAB6022B5CC86 C:\WINDOWS\System32\drivers\raspptp.sys AACA74DEF7BE3DED322411787494878B C:\WINDOWS\System32\drivers\processr.sys B1111C47F128C946BDC87A18E44007EB C:\WINDOWS\System32\drivers\pacer.sys 5818FE76C3C6AE0CA723EBE483BF447F C:\WINDOWS\system32\drivers\qwavedrv.sys 16F9A6B593B52EB18F7ECB9D251BDF7A C:\WINDOWS\System32\DRIVERS\ramdisk.sys 13600C467512147E99052806F2C1307A C:\WINDOWS\System32\DRIVERS\rasacd.sys F57D1DE0C9522BCD590A69D044641B5A C:\WINDOWS\System32\drivers\AgileVpn.sys ED0EE10911C16AD8B21B9003C90E968F C:\WINDOWS\System32\drivers\rasl2tp.sys E0220BB6580D34001D4D1D133052DAA4 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 12EE1D92F4E5FAE4B6F65195A2016CE5 C:\WINDOWS\System32\drivers\rassstp.sys 91CE469015979E5B3C3DBC2C41A476E8 C:\WINDOWS\System32\DRIVERS\rdbss.sys 4525664EFB5EB71D4B155405F78D93DB C:\WINDOWS\System32\drivers\rdpbus.sys 8A5285B38A203D15110E142DE68406DD C:\WINDOWS\System32\drivers\rdpdr.sys DF83769C92527DB50653F8FB57D001FF C:\WINDOWS\System32\drivers\rdpvideominiport.sys 4D1A63ACEC42A88E52AFC4E84A8CE9EE C:\WINDOWS\System32\drivers\rdyboost.sys 12AF835862F2B6B2FB9DEA8BA2288587 C:\Windows\System32\Drivers\ReFS.sys FB0577F6BC9E07549CEACF5224327499 C:\Windows\System32\Drivers\ReFSv1.sys 4136BCA61BCDCC79DCE145F9CB639CD6 C:\WINDOWS\System32\drivers\rfcomm.sys 5BF7698021DB13B55753FD921BEBE318 C:\WINDOWS\System32\drivers\rhproxy.sys BBC228CA2F96B784B01FE7F1C5E3CFBB C:\WINDOWS\System32\drivers\rspndr.sys 27B80E5766B114621980F82FB78E912A C:\WINDOWS\System32\drivers\vms3cap.sys F0FA6B67B16EEFDEF8E8AFAD47A4F9B8 C:\WINDOWS\System32\drivers\sbp2port.sys 324FA3C337EB54B43448F7B08444DC8D C:\WINDOWS\System32\DRIVERS\scfilter.sys 62A33CE69DB508BCEC63F4D3BFF400CE C:\WINDOWS\System32\drivers\scmbus.sys 7B057373146CC4E5A1F1DA665EA55DC7 C:\WINDOWS\System32\drivers\sdbus.sys 0FB6CCFA52FE5AD0B8D86E8AB370EF34 C:\WINDOWS\System32\drivers\SDFRd.sys 6D3853838864886B4F10B074282772E0 C:\WINDOWS\System32\drivers\sdstor.sys C289832A3174DC9D393C7603C511DF79 C:\WINDOWS\System32\drivers\WUDFRd.sys A86A249314FD0A780214028B0C31A386 C:\WINDOWS\System32\drivers\SerCx.sys 75A27472AFD009255DBDE52038E3BDB5 C:\WINDOWS\System32\drivers\SerCx2.sys 84005F54308109A022413D628E966412 C:\WINDOWS\System32\drivers\serenum.sys 40384793F74CFFA45BCC38DF65E978EC C:\WINDOWS\System32\drivers\serial.sys 699470AD24D67908991A777716A352FD C:\WINDOWS\System32\drivers\sermouse.sys 92453F065F52A8EF0328A926B2C9502F C:\WINDOWS\System32\drivers\sfloppy.sys 1D8920C40F19B5FBA5F4897779840AD1 C:\WINDOWS\System32\drivers\SiSRaid2.sys A871F9CC9CF388DC7193D22EF8D8C8DF C:\WINDOWS\System32\drivers\sisraid4.sys D30FC341550CC364880950152AE8B1C5 C:\WINDOWS\System32\drivers\spaceport.sys B2ABF0F8A49752B5CD9DEE2EADF7416A C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys CCECE7E96B4F7B0E9F0FC82F6DADA917 C:\WINDOWS\System32\drivers\SpbCx.sys 545507AF670BC88B89200A118513ED9A C:\WINDOWS\System32\DRIVERS\srv.sys 485BABF47A46EB298AB11E447B0D800C C:\WINDOWS\System32\DRIVERS\srv2.sys 41181D890542EB0E8D9822F73F9FD5D7 C:\WINDOWS\System32\DRIVERS\srvnet.sys 43480B3EE4D23F5AA8EE7C6D83B09487 C:\WINDOWS\System32\drivers\ssudqcfilter.sys 5253D5FC68C3620D2F57774152D6B2D9 C:\WINDOWS\System32\drivers\stexstor.sys 162A805E13B3C0DD06AE8B6FC1900156 C:\WINDOWS\system32\DRIVERS\serscan.sys 0690CE515A295BD101415C7E411C43F3 C:\WINDOWS\System32\drivers\storahci.sys DD1F00B80DDD12252B7B228ABCE181A9 C:\WINDOWS\System32\drivers\vmstorfl.sys A12CFAAA0F113A25D8CEFE58B1CBB207 C:\WINDOWS\System32\drivers\stornvme.sys B6F8D1FA73F6E102AEA60D2BBD1DDF78 C:\WINDOWS\System32\drivers\storqosflt.sys 57377953F5688158054BC8CB5A243115 C:\WINDOWS\System32\drivers\storufs.sys B59D29E535AF7E82717C2AD2C57EEC67 C:\WINDOWS\System32\drivers\storvsc.sys 9B431079624306B5659B3B7208A71C75 C:\WINDOWS\System32\drivers\swenum.sys 027B27E4B9DB3931D64159B81BD915A0 C:\WINDOWS\System32\drivers\Synth3dVsc.sys AB15F9FDCD11D5283891BC956E8C5C95 C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8 C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8 C:\WINDOWS\System32\drivers\tcpipreg.sys 74A1BF4093FA7B7D6C9366A39911A78E C:\WINDOWS\system32\DRIVERS\tdx.sys 571D82ABAC428D902ACA0CF60373C039 C:\WINDOWS\System32\drivers\terminpt.sys B4B68E1DB59456419D9E49645729502A C:\WINDOWS\System32\drivers\tpm.sys 1658D060057C85DEC82BFCB018C4C22F C:\WINDOWS\System32\drivers\TsUsbFlt.sys 8D811209E34358EAD3FD8E40F657E59C C:\WINDOWS\System32\drivers\TsUsbGD.sys 68DE1735FB020AE8948BD7B60F2EBD3B C:\WINDOWS\System32\drivers\tunnel.sys ACD39B0E5CFDA7B1AB7DF33FC5CC0E46 C:\WINDOWS\System32\drivers\uaspstor.sys 04FC2C7F73AE58BF0DD674164E28A6DF C:\WINDOWS\System32\Drivers\UcmCx.sys E437FC4B1833F6B745184F78C4921FB8 C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 950A3E42167904CAB9AA64863C31CEB5 C:\WINDOWS\System32\drivers\UcmUcsi.sys 149CBBB74DFC3E52F242029A27B0F8EB C:\WINDOWS\System32\drivers\ucx01000.sys E6E91B3980A495D2A9D28A09580EA993 C:\WINDOWS\System32\drivers\udecx.sys DACA289DFFA7658C04FEF6DCFA2AA9CE C:\WINDOWS\System32\DRIVERS\udfs.sys 12383D410AEF99AD6979A8EFD3D61888 C:\WINDOWS\System32\drivers\UEFI.sys AB7FE51D818B6059C2F56FA62268CCAC C:\WINDOWS\System32\drivers\ufx01000.sys 58447F28E697A93521DD20530A8D50ED C:\WINDOWS\System32\drivers\UfxChipidea.sys 69ED2D00A7787D9D84E6C90CE0B02B2D C:\WINDOWS\System32\drivers\ufxsynopsys.sys F061EC57330FBC597A4E7298BE667780 C:\WINDOWS\System32\drivers\umbus.sys D40BCED160D332005AF612E1228825E6 C:\WINDOWS\System32\drivers\umpass.sys 64CF24D7B1FA4975C52A31BF4C82EB73 C:\WINDOWS\System32\drivers\urschipidea.sys ACE4C3B4C7D17B154FFC5BBE5F7A9835 C:\WINDOWS\System32\drivers\urscx01000.sys ECE40EB976A5ACB366808AECF6B235BA C:\WINDOWS\System32\drivers\urssynopsys.sys EB738F830D3E7EA62A218F101EF91FD4 C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473 C:\WINDOWS\System32\drivers\usbccgp.sys B43E28E5CF868517EEC0923AB2BC366B C:\WINDOWS\System32\drivers\usbcir.sys 1080D80B5F6D249F23BAE1C0C36233A4 C:\WINDOWS\System32\drivers\usbehci.sys EE162DA2C92026A5B96ED89737975AA8 C:\WINDOWS\System32\drivers\usbhub.sys C27FEE9758E3BEDE4D48B5EDBE1122CF C:\WINDOWS\System32\drivers\UsbHub3.sys 4FA9C956E569D0D380C2859542361780 C:\WINDOWS\System32\drivers\usbohci.sys 44B954306BB2B311E070EDA276FECAB1 C:\WINDOWS\System32\drivers\usbprint.sys EEF26F9034F0608B93D4D239534BB0BA C:\WINDOWS\System32\drivers\usbscan.sys E55C9AF5EE8905879048118824B06816 C:\WINDOWS\System32\drivers\usbser.sys 913CFF365DB1803525DBD2AA8B8188B4 C:\WINDOWS\System32\drivers\USBSTOR.SYS 441CAE778B6A1FF6E618E37814A7A52A C:\WINDOWS\System32\drivers\usbuhci.sys 2D6BB2157B37B2D9DABF8C218F2A805B C:\WINDOWS\System32\Drivers\usbvideo.sys 68788AE61B2E6A7D97CAD73B632F5BF5 C:\WINDOWS\System32\drivers\USBXHCI.SYS 41E5A6188180DC72BCECA999ED2532D4 C:\WINDOWS\System32\drivers\vdrvroot.sys C77C537077822D8EA529AD4EBFD971D6 C:\WINDOWS\System32\drivers\VerifierExt.sys 9D4EEE333603F3675685F644053499D5 C:\WINDOWS\System32\drivers\vhdmp.sys 9240C24121E3A581F8BC198413AEA06E C:\WINDOWS\System32\drivers\vhf.sys E10FEBB566E1F0A3936AB304F338637E C:\WINDOWS\System32\drivers\vmbus.sys 079B4378614A40A308F9C721A50C7B87 C:\WINDOWS\System32\drivers\VMBusHID.sys DC9E0600B356258E31403789119C78A9 C:\WINDOWS\System32\drivers\vmgid.sys B24F74B2710B66F647419697BDB9E163 C:\WINDOWS\System32\drivers\vnvdimm.sys D81F6B790519A60F3D1788B45D04B749 C:\WINDOWS\System32\drivers\volmgr.sys C9052650BBF2124CD525A26D5C2A6671 C:\WINDOWS\System32\drivers\volmgrx.sys 6D6CACED512C1EF1FEAC215E37E3A9BC C:\WINDOWS\System32\drivers\volsnap.sys 5B27846CF4B1C21AFB3A35A8336BA02F C:\WINDOWS\System32\drivers\volume.sys 72A95A844D6BAF2924A4C15BEDFD6BCA C:\WINDOWS\System32\drivers\vpci.sys 702273C7C1BE9D366BAF1305D382F03C C:\WINDOWS\System32\drivers\vsmraid.sys 075CE3C9E77D2666AFA888951E5F07A9 C:\WINDOWS\System32\drivers\vstxraid.sys 26D00E85BE4726B114335250FCDEDA89 C:\WINDOWS\System32\drivers\vwifibus.sys 3DFDB573E4D49EA8F416B573525B7A86 C:\WINDOWS\System32\drivers\vwififlt.sys A40FA64655AB5B8773A96A821616C5FC C:\WINDOWS\System32\drivers\vwifimp.sys 0D34F98DBDF09D239533AC345C360F03 C:\WINDOWS\System32\drivers\wacompen.sys 5B5430522E0BDF2A753D758710BE7C5E C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5 C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5 C:\WINDOWS\system32\drivers\wcifs.sys 520E4FD6B5BF5349DD1499F2AEFB7C50 C:\WINDOWS\system32\drivers\wcnfs.sys 9DE3FDFF295F2534DF0A8B6FC4F06355 C:\WINDOWS\System32\drivers\WdBoot.sys 6FD8F1FBED780A7F3DF329C834E52AC5 C:\WINDOWS\System32\drivers\Wdf01000.sys FCC960498E3CD899F0A429F7CF9E77AD C:\WINDOWS\System32\drivers\WdFilter.sys 7D182F0F227FC141C5D2085175BE05F6 C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 2D50C46EFE924BC24F63A45D2DB1AA3A C:\WINDOWS\System32\Drivers\WdNisDrv.sys 0D38C257A7B34A818726BA2F323B196E C:\WINDOWS\System32\drivers\wdnsfltr.sys DF58AA71FBA55E15F572C93447696DEC C:\WINDOWS\System32\drivers\wfplwfs.sys 8E101DF42D36E04EC610581BA478B38F C:\WINDOWS\System32\drivers\wimmount.sys C8D3FC38426E990E2787771678B19C6D C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0484B0D01EA6F7017519EBDDBADE759D C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 813EE0F4D4B8D599DB1968682D080732 C:\WINDOWS\System32\drivers\winmad.sys E23475E9150E6A50B12DB176EA5CDD56 C:\WINDOWS\System32\drivers\winnat.sys EABEF39BBEEDB3845C36893931DADCD1 C:\WINDOWS\System32\drivers\WinUSB.SYS E92F3539C4758F6A9F4B80CBAC75B3E6 C:\WINDOWS\System32\drivers\winverbs.sys 59126AFCC64270747B5CC9B44A4A48F4 C:\WINDOWS\System32\drivers\wmiacpi.sys E8C793ED028E132771988760819E3754 C:\Windows\System32\Drivers\Wof.sys 8D6E6F6C233AF450C50FA615530B44D2 C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9EAE1EF282864674355B4B81DF6AE935 C:\WINDOWS\system32\drivers\ws2ifsl.sys 367B3ED0C688AFE28C376B0230814567 C:\WINDOWS\System32\drivers\WSDPrint.sys 7B44553610A89F2011CF69BEA9AFD4CB C:\WINDOWS\system32\DRIVERS\WSDScan.sys 8068DC839C3729FFC70821FBEF05D5ED C:\WINDOWS\System32\drivers\WudfPf.sys BD5E68B369DF3453A0A87663C6C5476D C:\WINDOWS\system32\DRIVERS\WUDFRd.sys A86A249314FD0A780214028B0C31A386 C:\WINDOWS\system32\DRIVERS\WUDFRd.sys A86A249314FD0A780214028B0C31A386 C:\WINDOWS\System32\drivers\xboxgip.sys 2244A4CEFE8F9C74091369ACE2E9EBC6 C:\WINDOWS\System32\drivers\xinputhid.sys 4A91B49C6B1E41151D47CB919ADF013A ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-01-29 13:08 - 2018-01-29 13:09 - 000077070 _____ C:\Users\mathi\Desktop\FRST.txt 2018-01-29 13:07 - 2018-01-29 13:07 - 002393088 _____ (Farbar) C:\Users\mathi\Desktop\FRST64.exe 2018-01-29 13:01 - 2018-01-29 13:01 - 000146743 _____ C:\Users\mathi\Desktop\ZHPDiag.txt 2018-01-29 12:57 - 2018-01-29 12:57 - 002967936 _____ C:\Users\mathi\Desktop\ZHPDiag3.exe 2018-01-29 12:57 - 2018-01-29 12:57 - 000000867 _____ C:\Users\mathi\Desktop\ZHPDiag.lnk 2018-01-29 12:55 - 2018-01-29 12:55 - 000315000 _____ C:\Users\mathi\Desktop\winchk_2.0.exe 2018-01-29 12:55 - 2018-01-29 12:55 - 000000736 _____ C:\WinChk.txt 2018-01-29 12:49 - 2018-01-29 12:53 - 000000386 _____ C:\Users\mathi\Desktop\ckfiles.txt 2018-01-29 12:48 - 2018-01-29 12:48 - 000468480 _____ () C:\Users\mathi\Desktop\CKScanner.exe 2018-01-29 12:35 - 2018-01-29 12:36 - 000000000 ____D C:\Users\mathi\AppData\Roaming\TP 2018-01-29 11:43 - 2018-01-29 11:43 - 000000000 ____D C:\ProgramData\SWCUTemp 2018-01-29 10:55 - 2018-01-29 10:55 - 000000000 ____D C:\Program Files\Microsoft Office 15 2018-01-29 08:31 - 2018-01-29 12:59 - 000000000 ____D C:\Users\mathi\AppData\Roaming\ZHP 2018-01-29 08:31 - 2018-01-29 08:31 - 000000877 _____ C:\Users\mathi\Desktop\ZHPCleaner.lnk 2018-01-28 21:24 - 2018-01-29 13:08 - 000000000 ____D C:\FRST 2018-01-28 20:51 - 2018-01-28 21:08 - 000351114 _____ C:\WINDOWS\ntbtlog.txt 2018-01-28 20:51 - 2018-01-28 20:51 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2018-01-27 14:22 - 2018-01-27 14:22 - 000000000 ____D C:\Users\mathi\Documents\60771 2018-01-27 13:39 - 2018-01-27 13:39 - 000000000 ____D C:\Users\mathi\AppData\Local\CrashDumps 2018-01-23 21:45 - 2018-01-23 21:45 - 000002377 _____ C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2018-01-23 21:45 - 2018-01-23 21:45 - 000002340 _____ C:\Users\mathi\Desktop\Chromium.lnk 2018-01-22 12:44 - 2018-01-22 12:44 - 000000112 ____H C:\3F9FAEEDE1C0 2018-01-22 12:44 - 2018-01-22 12:44 - 000000040 ____H C:\6CC7DC595464 2018-01-22 12:44 - 2018-01-22 12:44 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2018-01-21 12:47 - 2018-01-21 16:01 - 000000000 ____D C:\ProgramData\RogueKiller 2018-01-21 12:47 - 2018-01-21 12:47 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2018-01-21 12:47 - 2018-01-21 12:47 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2018-01-21 12:47 - 2018-01-21 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2018-01-21 12:47 - 2018-01-21 12:47 - 000000000 ____D C:\Program Files\RogueKiller 2018-01-21 12:05 - 2018-01-29 12:57 - 000000000 ____D C:\Users\mathi\AppData\Local\ZHP 2018-01-21 11:43 - 2018-01-29 08:26 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1FEAF5A0-9D07-44BC-8624-2323ABFE3A66} 2018-01-21 10:57 - 2018-01-21 11:00 - 000000000 ____D C:\AdwCleaner 2018-01-20 19:46 - 2018-01-20 19:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-811882470-90441414-600605057-1001 2018-01-20 15:38 - 2018-01-20 15:38 - 000000000 ____D C:\Users\mathi\AppData\Local\Foxit PhantomPDF 2018-01-20 15:25 - 2018-01-20 15:25 - 000000000 ____D C:\Users\mathi\AppData\Roaming\SolidDocuments 2018-01-20 15:25 - 2018-01-20 15:25 - 000000000 ____D C:\ProgramData\SolidDocuments 2018-01-20 15:20 - 2018-01-20 15:20 - 000000000 ____D C:\ProgramData\Foxit Software 2018-01-20 15:19 - 2018-01-20 15:19 - 000001164 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk 2018-01-20 15:19 - 2018-01-20 15:19 - 000000000 ____D C:\Users\Public\Foxit Software 2018-01-20 15:19 - 2018-01-20 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF 2018-01-20 15:18 - 2018-01-20 15:18 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2018-01-18 11:57 - 2018-01-18 11:57 - 000000000 ____D C:\Users\mathi\AppData\Local\AVAST Software 2018-01-17 15:12 - 2018-01-27 13:42 - 000003618 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-01-17 15:03 - 2018-01-17 15:03 - 000000000 ___HD C:\$AV_ASW 2018-01-14 16:31 - 2018-01-29 11:43 - 000004608 ___RH C:\farstone_pe.letter 2018-01-14 16:30 - 2018-01-14 16:30 - 704634144 _____ C:\WINDOWS\MEMORY.DMP 2018-01-14 16:30 - 2018-01-14 16:30 - 002192132 _____ C:\WINDOWS\Minidump\011418-14781-01.dmp 2018-01-14 16:30 - 2018-01-14 16:30 - 000000000 ____D C:\WINDOWS\Minidump 2018-01-14 15:25 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2018-01-14 15:25 - 2018-01-01 13:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-01-14 15:25 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-01-14 15:25 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-01-14 15:25 - 2018-01-01 13:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-01-14 15:25 - 2018-01-01 13:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-01-14 15:25 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-01-14 15:25 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-01-14 15:25 - 2018-01-01 13:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-01-14 15:25 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2018-01-14 15:25 - 2018-01-01 13:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-01-14 15:25 - 2018-01-01 13:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-01-14 15:25 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-01-14 15:25 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2018-01-14 15:25 - 2018-01-01 12:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-01-14 15:25 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-01-14 15:25 - 2018-01-01 12:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-01-14 15:25 - 2018-01-01 12:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-01-14 15:25 - 2018-01-01 12:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-01-14 15:25 - 2018-01-01 12:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-01-14 15:25 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-01-14 15:25 - 2018-01-01 12:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-01-14 15:25 - 2018-01-01 12:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-01-14 15:25 - 2018-01-01 12:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-01-14 15:25 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2018-01-14 15:25 - 2018-01-01 12:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-01-14 15:25 - 2018-01-01 12:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-01-14 15:25 - 2018-01-01 12:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-01-14 15:25 - 2018-01-01 12:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-01-14 15:25 - 2018-01-01 12:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-01-14 15:25 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-01-14 15:25 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-01-14 15:25 - 2018-01-01 12:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-01-14 15:25 - 2018-01-01 12:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-01-14 15:25 - 2018-01-01 12:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-01-14 15:25 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2018-01-14 15:25 - 2018-01-01 12:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-01-14 15:25 - 2018-01-01 12:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-01-14 15:25 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-01-14 15:25 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-01-14 15:25 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-01-14 15:25 - 2018-01-01 12:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-01-14 15:25 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-01-14 15:25 - 2018-01-01 12:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-01-14 15:25 - 2018-01-01 12:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-01-14 15:25 - 2018-01-01 12:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-01-14 15:25 - 2018-01-01 12:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-01-14 15:25 - 2018-01-01 12:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-01-14 15:25 - 2018-01-01 12:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-01-14 15:25 - 2018-01-01 12:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-01-14 15:25 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-01-14 15:24 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2018-01-14 15:24 - 2018-01-01 13:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-01-14 15:24 - 2018-01-01 13:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-01-14 15:24 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll 2018-01-14 15:24 - 2018-01-01 13:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-01-14 15:24 - 2018-01-01 13:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-01-14 15:24 - 2018-01-01 13:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-01-14 15:24 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-01-14 15:24 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-01-14 15:24 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-01-14 15:24 - 2018-01-01 13:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-01-14 15:24 - 2018-01-01 13:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-01-14 15:24 - 2018-01-01 13:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-01-14 15:24 - 2018-01-01 13:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-01-14 15:24 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-01-14 15:24 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2018-01-14 15:24 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2018-01-14 15:24 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-01-14 15:24 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-01-14 15:24 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2018-01-14 15:24 - 2018-01-01 13:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-01-14 15:24 - 2018-01-01 13:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-01-14 15:24 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-01-14 15:24 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-01-14 15:24 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2018-01-14 15:24 - 2018-01-01 13:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2018-01-14 15:24 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-01-14 15:24 - 2018-01-01 13:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-01-14 15:24 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-01-14 15:24 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-01-14 15:24 - 2018-01-01 13:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-01-14 15:24 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-01-14 15:24 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2018-01-14 15:24 - 2018-01-01 13:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-01-14 15:24 - 2018-01-01 13:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-01-14 15:24 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-01-14 15:24 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2018-01-14 15:24 - 2018-01-01 13:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-01-14 15:24 - 2018-01-01 13:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-01-14 15:24 - 2018-01-01 13:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-01-14 15:24 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2018-01-14 15:24 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2018-01-14 15:24 - 2018-01-01 13:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-01-14 15:24 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2018-01-14 15:24 - 2018-01-01 13:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-01-14 15:24 - 2018-01-01 13:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2018-01-14 15:24 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2018-01-14 15:24 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-01-14 15:24 - 2018-01-01 13:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-01-14 15:24 - 2018-01-01 13:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2018-01-14 15:24 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-01-14 15:24 - 2018-01-01 13:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-01-14 15:24 - 2018-01-01 13:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2018-01-14 15:24 - 2018-01-01 13:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-01-14 15:24 - 2018-01-01 13:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-01-14 15:24 - 2018-01-01 13:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-01-14 15:24 - 2018-01-01 13:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-01-14 15:24 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-01-14 15:24 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2018-01-14 15:24 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-01-14 15:24 - 2018-01-01 13:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-01-14 15:24 - 2018-01-01 13:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-01-14 15:24 - 2018-01-01 13:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-01-14 15:24 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2018-01-14 15:24 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-01-14 15:24 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2018-01-14 15:24 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-01-14 15:24 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-01-14 15:24 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-01-14 15:24 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2018-01-14 15:24 - 2018-01-01 12:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-01-14 15:24 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-01-14 15:24 - 2018-01-01 12:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-01-14 15:24 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2018-01-14 15:24 - 2018-01-01 12:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-01-14 15:24 - 2018-01-01 12:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-01-14 15:24 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-01-14 15:24 - 2018-01-01 12:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2018-01-14 15:24 - 2018-01-01 12:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-01-14 15:24 - 2018-01-01 12:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2018-01-14 15:24 - 2018-01-01 12:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-01-14 15:24 - 2018-01-01 12:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-01-14 15:24 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-01-14 15:24 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2018-01-14 15:24 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll 2018-01-14 15:24 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-01-14 15:24 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2018-01-14 15:24 - 2018-01-01 12:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-01-14 15:24 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2018-01-14 15:24 - 2018-01-01 12:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2018-01-14 15:24 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-01-14 15:24 - 2018-01-01 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe 2018-01-14 15:24 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-01-14 15:24 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2018-01-14 15:24 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-01-14 15:24 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2018-01-14 15:24 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2018-01-14 15:24 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll 2018-01-14 15:24 - 2018-01-01 12:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-01-14 15:24 - 2018-01-01 12:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll 2018-01-14 15:24 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2018-01-14 15:24 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2018-01-14 15:24 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2018-01-14 15:24 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys 2018-01-14 15:24 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2018-01-14 15:24 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2018-01-14 15:24 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-01-14 15:24 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2018-01-14 15:24 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys 2018-01-14 15:24 - 2018-01-01 12:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-01-14 15:24 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-01-14 15:24 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-01-14 15:24 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2018-01-14 15:24 - 2018-01-01 12:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2018-01-14 15:24 - 2018-01-01 12:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2018-01-14 15:24 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2018-01-14 15:24 - 2018-01-01 12:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-01-14 15:24 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2018-01-14 15:24 - 2018-01-01 12:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2018-01-14 15:24 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-01-14 15:24 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-01-14 15:24 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-01-14 15:24 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2018-01-14 15:24 - 2018-01-01 12:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-01-14 15:24 - 2018-01-01 12:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-01-14 15:24 - 2018-01-01 12:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-01-14 15:24 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-01-14 15:24 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-01-14 15:24 - 2018-01-01 12:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-01-14 15:24 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2018-01-14 15:24 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2018-01-14 15:24 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2018-01-14 15:24 - 2018-01-01 12:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-01-14 15:24 - 2018-01-01 12:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-01-14 15:24 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-01-14 15:24 - 2018-01-01 12:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2018-01-14 15:24 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-01-14 15:24 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll 2018-01-14 15:24 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-01-14 15:24 - 2018-01-01 12:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll 2018-01-14 15:24 - 2018-01-01 12:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2018-01-14 15:24 - 2018-01-01 12:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2018-01-14 15:24 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-01-14 15:24 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2018-01-14 15:24 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll 2018-01-14 15:24 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2018-01-14 15:24 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2018-01-14 15:24 - 2018-01-01 12:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-01-06 13:10 - 2018-01-29 12:00 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2018-01-06 13:10 - 2018-01-29 12:00 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2018-01-06 13:10 - 2018-01-27 13:42 - 000002968 _____ C:\WINDOWS\System32\Tasks\Update Checker 2018-01-04 19:53 - 2018-01-04 19:53 - 000000000 ____D C:\Users\mathi\Documents\Modèles Office personnalisés 2018-01-04 12:41 - 2018-01-04 12:41 - 000000000 ____D C:\Program Files (x86)\MSECache 2017-12-30 15:01 - 2017-12-30 15:16 - 000000000 ____D C:\Users\mathi\AppData\Roaming\PhotoFiltre Studio X 2017-12-30 15:00 - 2017-12-30 15:00 - 000001163 _____ C:\Users\mathi\Desktop\PhotoFiltre Studio X.lnk 2017-12-30 15:00 - 2017-12-30 15:00 - 000000000 ____D C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X 2017-12-30 15:00 - 2017-12-30 15:00 - 000000000 ____D C:\Program Files (x86)\PhotoFiltre Studio X 2017-12-24 11:49 - 2017-12-24 11:49 - 000291567 _____ C:\Users\mathi\Documents\Free christine.pdf 2017-12-21 17:16 - 2017-12-21 17:16 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-12-21 17:16 - 2017-12-21 17:15 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2017-12-19 13:48 - 2017-12-19 13:48 - 000002291 _____ C:\Users\Public\Desktop\HP DeskJet 3700 series.lnk 2017-12-19 13:48 - 2017-12-19 13:48 - 000001238 _____ C:\Users\Public\Desktop\Achat de consommables - HP DeskJet 3700 series.lnk 2017-12-17 19:29 - 2018-01-04 12:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple 2017-12-17 19:29 - 2017-12-17 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2017-12-17 19:29 - 2017-12-17 19:29 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2017-12-17 19:27 - 2017-12-17 19:27 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-12-17 19:27 - 2017-12-17 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-12-17 19:27 - 2017-12-17 19:27 - 000000000 ____D C:\Program Files\iTunes 2017-12-17 19:27 - 2017-12-17 19:27 - 000000000 ____D C:\Program Files\iPod 2017-12-13 12:52 - 2017-12-07 23:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-12-13 12:52 - 2017-11-26 14:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-12-13 12:52 - 2017-11-26 14:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-12-13 12:52 - 2017-11-26 14:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-12-13 12:52 - 2017-11-26 14:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-12-13 12:52 - 2017-11-26 13:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-12-13 12:52 - 2017-11-26 12:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-12-13 12:51 - 2017-12-08 07:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2017-12-13 12:51 - 2017-12-08 00:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-12-13 12:51 - 2017-12-08 00:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-12-13 12:51 - 2017-12-08 00:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-12-13 12:51 - 2017-12-08 00:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll 2017-12-13 12:51 - 2017-12-08 00:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2017-12-13 12:51 - 2017-12-08 00:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2017-12-13 12:51 - 2017-12-08 00:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2017-12-13 12:51 - 2017-12-08 00:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-12-13 12:51 - 2017-12-08 00:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-12-13 12:51 - 2017-12-08 00:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-12-13 12:51 - 2017-12-08 00:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-12-13 12:51 - 2017-12-08 00:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2017-12-13 12:51 - 2017-12-08 00:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-12-13 12:51 - 2017-12-08 00:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2017-12-13 12:51 - 2017-12-08 00:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2017-12-13 12:51 - 2017-12-07 23:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-12-13 12:51 - 2017-12-07 23:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-12-13 12:51 - 2017-12-07 23:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2017-12-13 12:51 - 2017-12-07 23:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-12-13 12:51 - 2017-12-07 23:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll 2017-12-13 12:51 - 2017-12-07 23:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-12-13 12:51 - 2017-12-07 23:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2017-12-13 12:51 - 2017-12-07 23:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-12-13 12:51 - 2017-12-07 23:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx 2017-12-13 12:51 - 2017-12-07 23:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-12-13 12:51 - 2017-12-07 23:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2017-12-13 12:51 - 2017-12-07 23:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-12-13 12:51 - 2017-12-07 23:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll 2017-12-13 12:51 - 2017-12-07 23:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2017-12-13 12:51 - 2017-12-07 23:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe 2017-12-13 12:51 - 2017-12-07 23:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe 2017-12-13 12:51 - 2017-12-07 23:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll 2017-12-13 12:51 - 2017-12-07 23:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-12-13 12:51 - 2017-12-07 23:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll 2017-12-13 12:51 - 2017-12-07 23:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-12-13 12:51 - 2017-12-07 23:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll 2017-12-13 12:51 - 2017-12-07 23:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 12:51 - 2017-12-07 23:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2017-12-13 12:51 - 2017-12-07 23:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-12-13 12:51 - 2017-12-07 23:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-12-13 12:51 - 2017-12-07 23:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll 2017-12-13 12:51 - 2017-12-07 23:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe 2017-12-13 12:51 - 2017-12-07 23:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2017-12-13 12:51 - 2017-12-07 23:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2017-12-13 12:51 - 2017-12-07 23:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2017-12-13 12:51 - 2017-12-07 23:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2017-12-13 12:51 - 2017-12-07 23:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-12-13 12:51 - 2017-12-07 23:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-12-13 12:51 - 2017-12-07 23:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-12-13 12:51 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-12-13 12:51 - 2017-12-07 23:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 12:51 - 2017-12-07 23:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll 2017-12-13 12:51 - 2017-12-07 23:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-12-13 12:51 - 2017-12-07 23:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-12-13 12:51 - 2017-12-07 23:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2017-12-13 12:51 - 2017-12-07 23:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-12-13 12:51 - 2017-12-07 23:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-12-13 12:51 - 2017-12-07 23:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-12-13 12:51 - 2017-12-07 23:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2017-12-13 12:51 - 2017-12-07 23:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-12-13 12:51 - 2017-12-07 22:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-12-13 12:51 - 2017-12-07 22:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-12-13 12:51 - 2017-12-07 22:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-12-13 12:51 - 2017-12-07 22:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-12-13 12:51 - 2017-12-07 22:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-12-13 12:51 - 2017-12-07 22:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-12-13 12:51 - 2017-12-07 22:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-12-13 12:51 - 2017-12-07 22:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-12-13 12:51 - 2017-12-07 22:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-12-13 12:51 - 2017-11-26 21:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2017-12-13 12:51 - 2017-11-26 21:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2017-12-13 12:51 - 2017-11-26 21:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2017-12-13 12:51 - 2017-11-26 17:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2017-12-13 12:51 - 2017-11-26 14:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2017-12-13 12:51 - 2017-11-26 14:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-12-13 12:51 - 2017-11-26 14:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-12-13 12:51 - 2017-11-26 14:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-12-13 12:51 - 2017-11-26 14:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-12-13 12:51 - 2017-11-26 14:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-12-13 12:51 - 2017-11-26 14:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-12-13 12:51 - 2017-11-26 14:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-12-13 12:51 - 2017-11-26 14:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-12-13 12:51 - 2017-11-26 14:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-12-13 12:51 - 2017-11-26 14:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-12-13 12:51 - 2017-11-26 14:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-12-13 12:51 - 2017-11-26 14:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2017-12-13 12:51 - 2017-11-26 14:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-12-13 12:51 - 2017-11-26 14:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-12-13 12:51 - 2017-11-26 14:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-12-13 12:51 - 2017-11-26 14:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-12-13 12:51 - 2017-11-26 14:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-12-13 12:51 - 2017-11-26 14:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-12-13 12:51 - 2017-11-26 14:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-12-13 12:51 - 2017-11-26 14:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-12-13 12:51 - 2017-11-26 14:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-12-13 12:51 - 2017-11-26 14:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-12-13 12:51 - 2017-11-26 14:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-12-13 12:51 - 2017-11-26 14:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-12-13 12:51 - 2017-11-26 14:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-12-13 12:51 - 2017-11-26 13:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-12-13 12:51 - 2017-11-26 13:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-12-13 12:51 - 2017-11-26 13:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2017-12-13 12:51 - 2017-11-26 13:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2017-12-13 12:51 - 2017-11-26 13:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-12-13 12:51 - 2017-11-26 13:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-12-13 12:51 - 2017-11-26 13:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll 2017-12-13 12:51 - 2017-11-26 13:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-12-13 12:51 - 2017-11-26 13:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-12-13 12:51 - 2017-11-26 13:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-12-13 12:51 - 2017-11-26 13:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-12-13 12:51 - 2017-11-26 13:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-12-13 12:51 - 2017-11-26 13:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll 2017-12-13 12:51 - 2017-11-26 13:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-12-13 12:51 - 2017-11-26 13:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll 2017-12-13 12:51 - 2017-11-26 13:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-12-13 12:51 - 2017-11-26 13:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2017-12-13 12:51 - 2017-11-26 13:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll 2017-12-13 12:51 - 2017-11-26 13:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-12-13 12:51 - 2017-11-26 13:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-12-13 12:51 - 2017-11-26 13:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-12-13 12:51 - 2017-11-26 13:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll 2017-12-13 12:51 - 2017-11-26 13:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2017-12-13 12:51 - 2017-11-26 13:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll 2017-12-13 12:51 - 2017-11-26 13:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-12-13 12:51 - 2017-11-26 13:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-12-13 12:51 - 2017-11-26 13:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-12-13 12:51 - 2017-11-26 13:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-12-13 12:51 - 2017-11-26 13:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-12-13 12:51 - 2017-11-26 13:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-12-13 12:51 - 2017-11-26 13:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-12-13 12:51 - 2017-11-26 13:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-12-13 12:51 - 2017-11-26 13:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-12-13 12:51 - 2017-11-26 13:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll 2017-12-13 12:51 - 2017-11-26 13:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-12-13 12:51 - 2017-11-26 13:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-12-13 12:51 - 2017-11-26 13:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-12-13 12:51 - 2017-11-26 13:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-12-13 12:51 - 2017-11-26 13:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-12-13 12:51 - 2017-11-26 13:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-12-13 12:51 - 2017-11-26 13:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-12-13 12:51 - 2017-11-26 13:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-12-13 12:51 - 2017-11-26 13:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-12-13 12:51 - 2017-11-26 12:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-12-13 12:51 - 2017-11-26 12:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-12-13 12:51 - 2017-11-26 12:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-12-13 12:51 - 2017-11-26 12:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2017-12-13 12:51 - 2017-11-26 12:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll 2017-12-13 12:51 - 2017-11-26 12:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2017-12-13 12:51 - 2017-11-26 12:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2017-12-13 12:51 - 2017-11-26 12:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-12-13 12:51 - 2017-11-26 12:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-12-13 12:51 - 2017-11-26 12:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll 2017-12-13 12:51 - 2017-11-26 12:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-12-13 12:51 - 2017-11-26 12:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-12-13 12:51 - 2017-11-26 12:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-12-13 12:51 - 2017-11-26 12:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-12-13 12:51 - 2017-11-26 12:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-12-13 12:51 - 2017-11-26 11:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-12-13 12:51 - 2017-11-26 11:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-12-13 12:51 - 2017-11-26 11:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-12-13 12:51 - 2017-11-26 11:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-12-13 12:51 - 2017-11-26 11:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2017-12-13 12:51 - 2017-11-26 11:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-12-13 12:51 - 2017-11-26 11:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2017-12-13 12:51 - 2017-11-26 11:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-12-13 12:51 - 2017-11-26 11:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-12-13 12:51 - 2017-11-26 11:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-12-13 12:51 - 2017-11-26 11:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll 2017-12-13 12:51 - 2017-11-26 11:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-12-13 12:51 - 2017-11-26 11:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-12-13 12:51 - 2017-11-26 11:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-12-13 12:51 - 2017-11-26 11:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-12-13 12:51 - 2017-11-26 11:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-12-13 12:51 - 2017-11-26 11:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll 2017-12-13 12:51 - 2017-11-26 11:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-12-13 12:51 - 2017-11-26 11:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-12-13 12:51 - 2017-11-26 11:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-12-13 12:51 - 2017-11-26 11:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2017-12-13 12:51 - 2017-11-26 11:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-12-13 12:51 - 2017-11-26 11:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-12-13 12:51 - 2017-11-26 11:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-12-13 12:51 - 2017-11-26 11:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-12-13 12:51 - 2017-11-26 11:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2017-12-13 12:51 - 2017-11-26 11:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll 2017-12-13 12:51 - 2017-11-19 08:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll 2017-12-13 12:51 - 2017-11-19 03:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2017-12-11 17:39 - 2017-12-11 17:39 - 000001209 _____ C:\Users\Public\Desktop\LibreOffice 5.4.lnk 2017-12-11 17:39 - 2017-12-11 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4 2017-12-11 17:39 - 2017-12-11 17:39 - 000000000 ____D C:\Program Files\LibreOffice 5 2017-12-07 10:18 - 2017-12-07 10:18 - 000000000 ____D C:\Users\mathi\AppData\Roaming\office6 2017-12-06 17:05 - 2018-01-27 13:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software 2017-12-06 17:05 - 2017-12-06 17:05 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2017-12-03 23:50 - 2017-12-03 23:50 - 000440128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2017-12-03 23:50 - 2017-12-03 23:50 - 000263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2017-12-03 23:50 - 2017-12-03 23:50 - 000242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2017-12-03 23:50 - 2017-12-03 23:50 - 000083792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2017-12-03 23:38 - 2017-12-03 23:38 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2017-12-03 23:38 - 2017-12-03 23:38 - 000389296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2017-12-03 23:38 - 2017-12-03 23:38 - 000331432 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2017-12-03 23:38 - 2017-12-03 23:38 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2017-11-21 17:25 - 2017-11-21 17:25 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump 2017-11-18 11:15 - 2017-11-18 11:15 - 000230438 _____ C:\Users\mathi\Documents\Déclaration sur lhonneur.pdf 2017-11-17 17:25 - 2017-11-17 21:36 - 000000000 ____D C:\Users\mathi\AppData\Local\EvernoteNW 2017-11-16 19:22 - 2017-11-17 17:22 - 000002523 _____ C:\Users\Public\Desktop\Evernote.lnk 2017-11-16 19:22 - 2017-11-17 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2017-11-16 19:22 - 2017-11-16 19:34 - 000000000 ____D C:\Users\mathi\Evernote 2017-11-16 16:58 - 2017-11-16 16:58 - 000000000 ____D C:\Users\mathi\AppData\Local\Evernote 2017-11-15 12:55 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll 2017-11-15 12:55 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2017-11-15 12:55 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-11-15 12:55 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2017-11-15 12:55 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2017-11-15 12:55 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-11-15 12:55 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2017-11-15 12:55 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-11-15 12:55 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-11-15 12:55 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-11-15 12:55 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-11-15 12:55 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-11-15 12:55 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-11-15 12:55 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-11-15 12:55 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-11-15 12:55 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-11-15 12:55 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-11-15 12:55 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-11-15 12:55 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll 2017-11-15 12:55 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2017-11-15 12:55 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2017-11-15 12:55 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll 2017-11-15 12:55 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2017-11-15 12:55 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-11-15 12:55 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe 2017-11-15 12:55 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-11-15 12:55 - 2017-10-25 04:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-11-15 12:55 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-11-15 12:55 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-11-15 12:55 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-11-15 12:55 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2017-11-15 12:55 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll 2017-11-15 12:55 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll 2017-11-15 12:55 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2017-11-15 12:55 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe 2017-11-15 12:55 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-11-15 12:55 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-11-15 12:55 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll 2017-11-15 12:55 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-11-10 10:32 - 2017-12-21 17:16 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-11-10 09:11 - 2017-12-21 17:16 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-11-09 09:05 - 2017-12-21 17:16 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-11-09 09:05 - 2017-12-21 17:15 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-11-09 09:05 - 2017-12-21 17:15 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-11-09 09:05 - 2017-12-21 17:15 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-11-09 09:05 - 2017-12-21 17:15 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-11-09 09:05 - 2017-12-21 17:15 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-11-09 09:05 - 2017-11-09 09:05 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk 2017-11-09 09:05 - 2017-11-09 09:05 - 000001969 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2017-11-09 09:05 - 2017-11-09 09:05 - 000000000 ____D C:\Users\mathi\AppData\Roaming\AVAST Software 2017-11-09 09:00 - 2017-11-09 09:00 - 000000000 ____D C:\Program Files\AVAST Software 2017-11-09 08:59 - 2017-11-09 11:42 - 000000000 ____D C:\ProgramData\AVAST Software 2017-11-07 10:13 - 2017-11-07 18:13 - 000000000 ____D C:\Users\mathi\dwhelper 2017-11-07 10:12 - 2017-11-07 10:13 - 000000000 ____D C:\Program Files\ConvertHelper3 2017-11-04 14:57 - 2017-12-22 19:58 - 000000000 ____D C:\Users\mathi\AppData\Local\PlaceholderTileLogoFolder ==================== Trois mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-01-29 13:00 - 2017-10-23 14:41 - 000000000 ____D C:\Users\mathi\AppData\Local\Packages 2018-01-29 13:00 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-29 13:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-01-29 12:53 - 2017-07-07 11:32 - 000000000 ____D C:\Users\mathi\AppData\Roaming\hubiC 2018-01-29 12:27 - 2017-10-23 14:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-01-29 11:54 - 2017-07-07 14:01 - 000000000 ____D C:\Users\mathi\AppData\LocalLow\Mozilla 2018-01-29 11:49 - 2017-10-23 14:51 - 003175454 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-29 11:49 - 2017-09-30 15:40 - 001513928 _____ C:\WINDOWS\system32\perfh00C.dat 2018-01-29 11:49 - 2017-09-30 15:40 - 000357070 _____ C:\WINDOWS\system32\perfc00C.dat 2018-01-29 11:44 - 2017-09-19 13:32 - 000000000 ___RD C:\Users\mathi\iCloudDrive 2018-01-29 11:43 - 2017-10-23 14:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-29 11:43 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-01-29 11:43 - 2017-07-07 11:00 - 000000000 __SHD C:\Users\mathi\IntelGraphicsProfiles 2018-01-29 10:56 - 2016-06-27 20:50 - 000000000 ____D C:\Program Files\Microsoft Office 2018-01-29 10:55 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-01-29 08:46 - 2017-07-07 11:03 - 000000000 ___RD C:\Users\mathi\OneDrive 2018-01-29 08:46 - 2016-03-24 13:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-01-29 08:24 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-01-28 21:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-01-28 20:37 - 2017-10-23 14:40 - 000510656 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-27 14:36 - 2017-07-15 21:25 - 000000000 ____D C:\Users\mathi\AppData\Local\Adobe 2018-01-27 14:36 - 2017-07-07 11:00 - 000000000 ____D C:\Users\mathi\AppData\Roaming\Adobe 2018-01-27 11:11 - 2017-07-12 10:50 - 000000583 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2018-01-23 21:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-01-23 21:45 - 2017-07-07 18:37 - 000000000 ____D C:\Users\mathi\AppData\Local\Chromium 2018-01-22 12:44 - 2017-10-02 10:59 - 000000000 ____D C:\ProgramData\Adobe 2018-01-21 18:29 - 2016-03-24 13:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-01-21 13:22 - 2017-07-07 11:18 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-01-21 12:38 - 2017-07-07 11:07 - 000000000 ____D C:\Users\mathi\AppData\Roaming\Skype 2018-01-21 12:20 - 2017-08-06 10:11 - 000000000 ____D C:\Users\mathi\AppData\Local\Google 2018-01-21 11:05 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-01-20 19:50 - 2017-07-07 18:12 - 000000000 ____D C:\Users\mathi\AppData\Local\ElevatedDiagnostics 2018-01-20 15:21 - 2017-07-07 11:06 - 000000000 ____D C:\Users\mathi\AppData\Roaming\Foxit Software 2018-01-20 15:18 - 2017-10-12 13:42 - 000000000 ____D C:\Users\mathi\AppData\Roaming\Wondershare 2018-01-20 15:18 - 2017-10-12 13:38 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2018-01-20 15:17 - 2016-03-24 13:04 - 000000000 ____D C:\ProgramData\Package Cache 2018-01-20 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-01-18 21:16 - 2017-10-23 14:41 - 000000000 ____D C:\Users\mathi 2018-01-18 12:39 - 2017-08-30 10:35 - 000001258 _____ C:\Users\mathi\Desktop\Multi Virus Cleaner 2018.lnk 2018-01-18 12:39 - 2017-08-30 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2018 2018-01-17 15:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-01-17 15:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-01-14 18:42 - 2017-07-07 11:02 - 000000000 ____D C:\Users\mathi\AppData\Local\Comms 2018-01-14 18:36 - 2017-10-23 14:49 - 000000000 ___RD C:\Users\mathi\3D Objects 2018-01-14 18:36 - 2016-06-27 20:15 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-01-14 16:31 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-01-14 16:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning 2018-01-14 16:30 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-01-14 15:27 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-14 15:26 - 2017-09-29 14:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-01-14 15:26 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-01-14 15:26 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-01-12 10:19 - 2017-07-07 16:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-01-12 10:18 - 2017-10-11 08:09 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-01-12 10:18 - 2017-07-07 16:13 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-01-06 12:38 - 2017-08-26 08:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-01-06 12:38 - 2017-07-07 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-01-05 10:34 - 2017-07-07 13:53 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2018-01-04 12:42 - 2017-10-23 14:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel 2018-01-04 12:42 - 2017-10-23 14:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2018-01-04 12:36 - 2017-08-04 13:43 - 000000184 _____ C:\Users\mathi\AppData\Roaming\sp_data.sys ==================== Fichiers à la racine de certains dossiers ======= 2017-08-04 13:43 - 2018-01-04 12:36 - 000000184 _____ () C:\Users\mathi\AppData\Roaming\sp_data.sys ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-12-30 16:03 ==================== Fin de FRST.txt ============================ Addition Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27.01.2018 Exécuté par mathi (29-01-2018 13:09:36) Exécuté depuis C:\Users\mathi\Desktop Windows 10 Home Version 1709 16299.192 (X64) (2017-10-23 13:48:47) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-811882470-90441414-600605057-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-811882470-90441414-600605057-503 - Limited - Disabled) Invité (S-1-5-21-811882470-90441414-600605057-501 - Limited - Disabled) mathi (S-1-5-21-811882470-90441414-600605057-1001 - Administrator - Enabled) => C:\Users\mathi WDAGUtilityAccount (S-1-5-21-811882470-90441414-600605057-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.) Apple Application Support (32 bits) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.14 - ASUS) ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 6.1.14 - ASUS) ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0042 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.142 - ICEpower a/s) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Chromium (HKU\S-1-5-21-811882470-90441414-600605057-1001\...\Chromium) (Version: 66.0.3330.0 - Chromium) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.34.52 - Conexant) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.) Étude pour l'amélioration du produit HP DeskJet 3700 series (HKLM\...\{BE9A9467-2978-49B4-BE1C-D9C766EF4C76}) (Version: 40.2.1085.16258 - HP Inc.) Evernote v. 6.7.5 (HKLM-x32\...\{65B334F4-9E45-11E7-A6A5-005056951CAD}) (Version: 6.7.5.5825 - Evernote Corp.) Foxit PhantomPDF (HKLM-x32\...\{7BDAB862-E01F-11E7-986C-000C296BF29B}) (Version: 9.0.1.1049 - Foxit Software Inc.) HP DeskJet 3700 series Aide (HKLM-x32\...\{CDCD1F51-D1D8-4B3B-B1EF-9E5C370D0C7B}) (Version: 40.0.0 - HP) HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP) HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP) HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) hubiC - x64 (HKLM\...\{CE2A3177-F286-4F6A-9694-DE8EED87D583}) (Version: 2.1.1.145 - OVH) Hidden hubiC (HKLM-x32\...\{51fea8cc-5bb6-4312-86f5-1802a10e030d}) (Version: 2.1.1.145 - OVH) iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6C02A234-7A14-4737-9D89-B0C47A64F94E}) (Version: 6.0.52.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation) Intel® Integrated Sensor Solution (HKLM-x32\...\{755abcd0-2942-482b-a27d-22921a5849f0}) (Version: 3.0.14.3056 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{03635e3e-3e57-4d80-9c7d-80c9f62bfc80}) (Version: 18.32.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) ISS_Drivers_x64 (HKLM\...\{7E28859E-AD3D-4FC2-8D70-E345F8C87722}) (Version: 3.0.14.3056 - Intel Corporation) Hidden iTunes (HKLM\...\{F3D76007-5A86-4D79-AFF5-103760F02B60}) (Version: 12.7.2.60 - Apple Inc.) LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation) Logiciel de base du périphérique HP Deskjet 2050 J510 series (HKLM\...\{B7F83103-C83C-4081-B9B7-50FC6A6F929E}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Logiciel de base du périphérique HP DeskJet 3700 series (HKLM\...\{753849E2-17C3-4092-A64C-FEB1F25A11BE}) (Version: 40.2.1085.16258 - HP Inc.) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 57.0.4 (x64 fr) (HKLM\...\Mozilla Firefox 57.0.4 (x64 fr)) (Version: 57.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla) Multi Virus Cleaner 2018 (HKLM-x32\...\Multi Virus Cleaner 2018_is1) (Version: 18.2.0 - AxBx) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.0 - Tracker Software Products Ltd) PhotoFiltre Studio X (HKU\S-1-5-21-811882470-90441414-600605057-1001\...\PhotoFiltre Studio X) (Version: - ) RogueKiller version 12.12.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.0.0 - Adlice Software) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer) TotalRecovery Pro (HKLM-x32\...\TotalRecovery) (Version: 10.0.11.2 - FarStone Inc.) Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (02/25/2016 11.0.0.8) (HKLM\...\C876BE7978CF162DC7BA3966A7B8C3A1A33FFB83) (Version: 02/25/2016 11.0.0.8 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-811882470-90441414-600605057-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\mathi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-811882470-90441414-600605057-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\mathi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-811882470-90441414-600605057-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\mathi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => Pas de fichier ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software) ShellIconOverlayIdentifiers: [HubicBackupRootOverlayHandler] -> {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software) ContextMenuHandlers1-x32: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.) ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software) ContextMenuHandlers6-x32: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {7E5D34EC-F570-41EF-8323-4FD0C760390C} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {884174A0-35C6-4F4F-970B-3E94C34359C1} - System32\Tasks\S-1-5-21-811882470-90441414-600605057-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {8BAAC1B5-EE10-468F-966F-2741FA6189C8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {A0380F9C-1E39-4685-92AB-D7135ECF0363} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-17] (Adobe Systems Incorporated) Task: {C8F153AE-4AEE-4A29-83BD-FE65EDFF7C33} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2014-08-13 07:30 - 2014-08-13 07:30 - 000073032 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe 2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-12-13 12:51 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-13 12:51 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-11-18 12:46 - 2015-11-18 12:46 - 000016312 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe 2015-11-18 12:46 - 2015-11-18 12:46 - 000028088 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe 2014-03-25 10:14 - 2014-03-25 10:14 - 000071024 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe 2015-11-18 12:46 - 2015-11-18 12:46 - 000018872 _____ () C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe 2017-12-21 17:15 - 2017-12-21 17:15 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000067920 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-11-03 22:00 - 2017-11-03 22:00 - 001349224 _____ () C:\Program Files\LibreOffice 5\program\libxml2.dll 2017-11-03 22:00 - 2017-11-03 22:00 - 000231528 _____ () C:\Program Files\LibreOffice 5\program\libxslt.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000088576 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\zlibwapi.dll 2015-08-18 08:18 - 2015-08-18 08:18 - 000332800 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBCmdDsp.dll 2015-08-18 05:30 - 2015-08-18 05:30 - 000085504 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpBk.dll 2015-08-18 05:28 - 2015-08-18 05:28 - 000323584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpRt.dll 2014-11-25 04:22 - 2014-11-25 04:22 - 000089088 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EfbCheckImg.dll 2015-08-18 05:26 - 2015-08-18 05:26 - 000223232 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskClone.dll 2014-09-22 03:40 - 2014-09-22 03:40 - 000194560 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EFBSearchTool.dll 2014-09-22 03:40 - 2014-09-22 03:40 - 000022528 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBEventMgr.dll 2015-07-27 06:50 - 2015-07-27 06:50 - 000224256 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskMgr.dll 2015-08-18 08:17 - 2015-08-18 08:17 - 000104448 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\BootConfig.dll 2014-05-21 04:04 - 2014-05-21 04:04 - 000018432 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSToken.dll 2015-08-18 06:23 - 2015-08-18 06:23 - 000114176 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EasyFuncs.dll 2014-03-14 08:04 - 2014-03-14 08:04 - 000012288 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSFat32.dll 2014-03-14 08:04 - 2014-03-14 08:04 - 000201216 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NtfsLib.dll 2014-03-14 08:04 - 2014-03-14 08:04 - 000013312 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VssNew.dll 2014-11-05 01:44 - 2014-11-05 01:44 - 000017408 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VDiskConvert.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000194048 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NetTool.dll 2014-09-22 03:41 - 2014-09-22 03:41 - 000239104 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\diskpart.dll 2014-09-04 03:41 - 2014-09-04 03:41 - 000037888 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\RapidClone.dll 2014-08-20 02:23 - 2014-08-20 02:23 - 000075264 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskInterface.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000157552 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FtpPipeModule.dll 2017-11-30 18:55 - 2017-11-30 18:55 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll 2017-11-09 09:04 - 2017-11-09 09:04 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-12-21 17:15 - 2017-12-21 17:15 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2015-11-18 12:46 - 2015-11-18 12:46 - 000009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll 2015-10-16 06:14 - 2015-10-16 06:14 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000091584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\TransferManager.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000062832 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\CommonFun.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000054712 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FTPFunModule.dll 2014-03-25 10:14 - 2014-03-25 10:14 - 000617952 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\XpIcfOpt.dll 2013-04-27 09:24 - 2013-04-27 09:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-811882470-90441414-600605057-1001\...\sharepoint.com -> hxxps://etudsorbonnenouvellefr-files.sharepoint.com ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-811882470-90441414-600605057-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mathi\Pictures\Hexagone\Sans titre 1.bmp DNS Servers: 172.20.10.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKU\S-1-5-21-811882470-90441414-600605057-1001\...\StartupApproved\Run: => "Skype" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{6873962F-A285-48C8-AD4C-463A1E948AA5}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4E55111B-6334-4A39-B935-4B2EB4D9A1CD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{ABF2CA52-D0BB-463C-8923-F57BE72F601B}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7AE3F348-3643-4887-BB62-5C42B09AC245}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{FEB72168-C669-4301-BE0E-D38541F4AF7F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D05A1F2F-3239-42FD-B68C-5D47E0315066}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0D0C16E2-52CB-4125-BE30-F9B7E11701E1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{758AD3D4-2AD4-4312-9B11-E1ABECD18C84}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [UDP Query User{1B6244A9-3906-4277-970D-39D5667031FE}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{655C1541-C68F-4139-BDE3-552B82BF8F68}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [{C66EB0F3-E31A-4287-B3D7-8F2DDFD8F1CD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{1814C493-F84B-4E2A-9075-EAD2DAF661C8}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [{595D4AA2-FC82-4BCB-B55B-EF2F737B84AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E5036841-AE8B-4663-A51B-B2DDA28A0DD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{91BC21FE-A907-40FE-B8A4-0D491AB232AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5C00C3E5-4BC0-4586-AF09-06C2B770DC75}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{1A4EA27E-2144-4F95-9EFC-169E034801B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{15CED565-2301-495A-8DF9-AAAF1CC2833F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{04BD37A9-D275-489D-B6A6-676A3879293E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A18D49AA-8A42-4F04-B0A8-A1D1D6C56D3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7307331B-6955-49C6-B48A-941C0A20B4FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B2964C46-9D00-470F-9121-FE1F0BC9E5DB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{A437604F-87A7-4647-AD60-9A8708BB8797}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{C4D507C3-311D-4111-B02B-2080B4DE4FE8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe FirewallRules: [{8CA99761-63A5-4666-81C9-04CA604FBDD4}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe FirewallRules: [{2B8DB5AC-91F5-461F-A9A8-1E49067AC00A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe FirewallRules: [{06EA5897-F410-44F2-9780-BA75824E0FFD}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe FirewallRules: [{8037A043-55A8-404D-BCB0-EE0C0313BB7F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{BD4129B5-4F42-490E-8049-1280C129A28D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C0AB7680-BBE8-43C2-B90C-55095AD63AEE}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{FDF0075E-AB1C-4702-81D6-6B9C024113A1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{28CE90C5-B7F8-468A-B184-5C635BC683BD}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{3ABC6A2B-837D-49E9-89E1-6E6D4ADEB3FB}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{D92FBA01-D30C-444F-AC93-ADBF2EF706E9}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A6810695-532D-4B8E-B536-09A2B4E1BBBA}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{015BC021-0B1D-46AE-AE7D-06213A9EBDD7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{71737571-4C18-4F71-9FBC-BF052937EA4E}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{56F3CF50-4903-45BB-BBF7-BA6B19065DC7}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9951068E-E078-4460-8950-512F4F788582}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{C405F752-FB14-49EB-89B5-AF78513B06E2}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7F00E1A5-A564-409A-B6C0-2A8932D72969}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{59B46E9A-0329-42AE-B227-1686CE20A933}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{0A05E07F-0D0D-4F93-AD34-78A4DB031B99}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{5AB9C517-A7D3-407C-A3F7-734CDA105D28}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{046C4912-47B0-49B8-8BA3-9AA798BE5C07}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{E1987F4C-23F1-4DC1-A573-F778525DFBC3}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{3FBF3CEC-A128-4538-BE2F-7A60A541CBBC}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe FirewallRules: [{8CC31125-8C82-45B0-B956-4F95382C2E93}] => (Allow) LPort=5357 FirewallRules: [{6AD0ED9A-1A60-47A6-99AF-548C34D5C7A8}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{DF7E1951-A037-482F-BEBD-A9A6CE766697}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F282DB07-A35F-4F2E-B476-2D65630D0787}] => (Allow) LPort=1688 FirewallRules: [{17C51898-D1A4-4938-910F-4497588A5370}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\outlook.exe FirewallRules: [{4C7CF8EB-6617-49B1-AE77-DC5C8F07EE08}] => (Allow) %systemroot%\system32\alg.exe ==================== Points de restauration ========================= 29-01-2018 12:47:15 Avant désinfection ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (01/29/2018 01:09:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:29Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:08:59 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:59Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:08:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:29Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:07:59 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:59Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:07:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:29Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:06:59 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:59Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:06:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:29Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:05:59 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:59Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:05:29 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:29Z. Code d’erreur : 0x80070002. Error: (01/29/2018 01:04:59 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-02-04T19:39:59Z. Code d’erreur : 0x80070002. Erreurs système: ============= Error: (01/29/2018 11:43:40 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/29/2018 11:43:40 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/29/2018 11:43:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SDM0ICP) Description: Le serveur {0002DF02-0000-0000-C000-000000000046} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/29/2018 11:42:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SDM0ICP) Description: Le serveur {0002DF02-0000-0000-C000-000000000046} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/28/2018 09:58:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/28/2018 09:58:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/28/2018 09:09:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/28/2018 09:09:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (01/28/2018 09:08:51 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service dps avec les arguments « Non disponible » pour exécuter le serveur : {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (01/28/2018 09:08:51 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service dps avec les arguments « Non disponible » pour exécuter le serveur : {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} CodeIntegrity: =================================== Date: 2018-01-17 08:13:10.707 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-17 08:13:10.704 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-17 08:13:10.465 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-17 08:13:10.463 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-14 22:27:50.323 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-14 22:27:50.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-14 22:27:49.223 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-14 22:27:49.220 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-11 08:44:34.152 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-11 08:44:34.150 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) m3-6Y30 CPU @ 0.90GHz Pourcentage de mémoire utilisée: 81% Mémoire physique - RAM - totale: 3992.29 MB Mémoire physique - RAM - disponible: 750.07 MB Mémoire virtuelle totale: 9112.29 MB Mémoire virtuelle disponible: 4010.41 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:16.14 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 0599ECB1) Partition: GPT. ==================== Fin de Addition.txt ============================ Shortcut Résultats d'analyse des raccourcis de l'utilisateur (x64) Version: 27.01.2018 Exécuté par mathi (29-01-2018 13:10:00) Exécuté depuis C:\Users\mathi\Desktop Mode d'amorçage: Normal ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\mathi\Documents () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\mathi\Downloads () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\mathi\Music () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\mathi\Pictures () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\mathi\Videos () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\mathi () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk -> C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{19589375-5C58-4AFA-842F-8B34744CCEAD}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hubiC.lnk -> C:\Program Files\OVH\hubiC\hubiC.exe (OVH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk -> C:\Windows\system32\GfxUIEx.exe (Pas de fichier) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller\RogueKiller.lnk -> C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer License.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVLicense.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer Users Manual.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVwrManSm.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Tracker Updater.lnk -> C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Uninstall.lnk -> C:\Program Files\Tracker Software\PDF Viewer\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2018\Désinstaller Multi Virus Cleaner 2018.lnk -> C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2018\Multi Virus Cleaner 2018.lnk -> C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.exe (AxBx) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2018\Page d'accueil de Multi Virus Cleaner 2018.lnk -> C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Base.lnk -> C:\Program Files\LibreOffice 5\program\sbase.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice 5\program\scalc.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice 5\program\sdraw.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice 5\program\simpress.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Math.lnk -> C:\Program Files\LibreOffice 5\program\smath.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice 5\program\swriter.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice.lnk -> C:\Program Files\LibreOffice 5\program\soffice.exe (The Document Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\À propos d’iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\fr.lproj\About iTunes.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel(R) WiDi Receiver Updater.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Photos iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower\AudioWizard\AudioWizard.lnk -> C:\Windows\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\NewShortcut2_CAFC68A201474C958303AEAC0F6DBEDB.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP DeskJet 3700 series\HP TWAIN Administration.lnk -> C:\Program Files (x86)\HP\HP DeskJet 3700 series\bin\TwainUtilityUI.exe (HP Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF\Activation.lnk -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\Activation.exe (Foxit Software Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF\Foxit PhantomPDF.lnk -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe (Foxit Software Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone\TotalRecovery Pro\TotalRecovery Pro.lnk -> C:\Program Files (x86)\FarStone\TotalRecovery Pro\Client\FSLoader.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone\TotalRecovery Pro\UnInstall TotalRecovery Pro.lnk -> C:\Program Files (x86)\FarStone\TotalRecovery Pro\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{65B334F4-9E45-11E7-A6A5-005056951CAD}\Evernote.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant\SAII\SmartAudio.lnk -> C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS HiPost.lnk -> C:\Program Files (x86)\ASUS\ASUS HiPost\SmartClipboardASUS.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Live Update.Lnk -> C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS On-Screen Display.lnk -> C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe (ASUSTek Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\USB Charger Plus.lnk -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_03B938BA8B4575BDE7A878.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk -> C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (ASUSTek Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Splendid Utility\Splendid Utility.Lnk -> C:\Program Files (x86)\ASUS\Splendid\ACVT.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS FlipLock\ASUS FlipLock.lnk -> C:\Program Files\ASUS\ASUS FlipLock\TransformTutorial.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\Links\Desktop.lnk -> C:\Users\mathi\Desktop () Shortcut: C:\Users\mathi\Links\Downloads.lnk -> C:\Users\mathi\Downloads () Shortcut: C:\Users\mathi\Links\hubiC.lnk -> C:\Users\mathi\hubiC () Shortcut: C:\Users\mathi\Links\iCloud Drive.lnk -> C:\Users\mathi\iCloudDrive () Shortcut: C:\Users\mathi\Links\OneDrive.lnk -> C:\Users\mathi\OneDrive () Shortcut: C:\Users\mathi\Desktop\Chromium.lnk -> C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) Shortcut: C:\Users\mathi\Desktop\Multi Virus Cleaner 2018.lnk -> C:\Program Files (x86)\AxBx\Multi Virus Cleaner 2018\MVC.exe (AxBx) Shortcut: C:\Users\mathi\Desktop\PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe (PhotoFiltre) Shortcut: C:\Users\mathi\Desktop\ZHPCleaner.lnk -> C:\Users\mathi\AppData\Roaming\ZHP\ZHPCleaner.exe () Shortcut: C:\Users\mathi\Desktop\ZHPDiag.lnk -> C:\Users\mathi\AppData\Roaming\ZHP\ZHPDiag3.exe () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk -> C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Toasts App.lnk -> C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSWin8Toa.exe () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eye Care Switcher.lnk -> C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Désinstaller PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\Uninst.exe () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Informations sur PhotoFiltre Studio.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\PhotoFiltre Studio.htm () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Informations sur PhotoMasque.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\PhotoMasque.htm () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe (PhotoFiltre) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Drive.lnk -> C:\Users\mathi\iCloudDrive () Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk -> C:\Users\mathi\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Achat de consommables - HP DeskJet 3700 series.lnk -> C:\Program Files\HP\HP DeskJet 3700 series\Bin\hpqDTSS.exe (HP Inc.) Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\Users\Public\Desktop\ASUS HiPost.lnk -> C:\Program Files (x86)\ASUS\ASUS HiPost\SmartClipboardASUS.exe () Shortcut: C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\Users\Public\Desktop\Evernote.lnk -> C:\Windows\Installer\{65B334F4-9E45-11E7-A6A5-005056951CAD}\Evernote.ico () Shortcut: C:\Users\Public\Desktop\Eye Care Switcher.Lnk -> C:\Program Files (x86)\ASUS\Splendid\Eye Care Switcher.exe () Shortcut: C:\Users\Public\Desktop\Foxit PhantomPDF.lnk -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe (Foxit Software Inc.) Shortcut: C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk -> C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe () Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\Users\Public\Desktop\LibreOffice 5.4.lnk -> C:\Program Files\LibreOffice 5\program\soffice.exe (The Document Foundation) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\PDF-Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\Users\Public\Desktop\RogueKiller.lnk -> C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice Software) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe () Shortcut: C:\Users\Public\Desktop\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe (ASUSTek Computer Inc) -> store:default ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4\LibreOffice (Safe Mode).lnk -> C:\Program Files\LibreOffice 5\program\soffice.exe (The Document Foundation) -> --safe-mode ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendrier.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Localiser mon iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Rappels.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP DeskJet 3700 series\HP DeskJet 3700 series.lnk -> C:\Program Files\HP\HP DeskJet 3700 series\Bin\HP DeskJet 3700 series.exe (HP Inc.) -> -Start UDCDevicePage ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 2050 J510 series\HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF\Désinstaller.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {7BDAB862-E01F-11E7-986C-000C296BF29B} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto: ShortcutWithArgument: C:\Users\mathi\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\mathi\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage ShortcutWithArgument: C:\Users\Public\Desktop\HP DeskJet 3700 series.lnk -> C:\Program Files\HP\HP DeskJet 3700 series\Bin\HP DeskJet 3700 series.exe (HP Inc.) -> -Start UDCDevicePage ShortcutWithArgument: C:\Users\Public\Desktop\hubiC.lnk -> C:\Program Files\OVH\hubiC\hubiC.exe (OVH) -> run --showsync InternetURL: C:\Users\mathi\Music\EP 2 - EP\.albumdabster.com.url -> URL: hxxp://albumdabster.com/ InternetURL: C:\Users\mathi\Favorites\..____ Golondrina ____._.____ Espagnol pour débutants ____...url -> URL: hxxp://www.golondrina.net/ InternetURL: C:\Users\mathi\Favorites\1.2 Semestre 2 - LEA Reims.url -> URL: hxxp://leareims.canalblog.com/archives/1_2_semestre_2/index.html InternetURL: C:\Users\mathi\Favorites\10 conseils pour des révisions au top.url -> URL: hxxp://www.digischool.fr/initiatives/10-conseils-revisions-top-14686.php InternetURL: C:\Users\mathi\Favorites\Académie en ligne _ tous les cours de l'année en accès gratuit.url -> URL: hxxp://www.academie-en-ligne.fr/Lycee/Ressources.aspx?PREFIXE=AL7ES21 InternetURL: C:\Users\mathi\Favorites\Alternatives Economiques Education.url -> URL: hxxp://www.alternatives-economiques-education.fr/ InternetURL: C:\Users\mathi\Favorites\Answers.url -> URL: hxxp://wiki.answers.com/#page1 InternetURL: C:\Users\mathi\Favorites\Apprendre l'anglais - e Learn English Language.url -> URL: hxxp://www.elearnenglishlanguage.com/anglais/apprendreanglais.html InternetURL: C:\Users\mathi\Favorites\Apprendre Tous Cours.url -> URL: hxxp://www.apprendre-tous-cours.com/ InternetURL: C:\Users\mathi\Favorites\Auto-formation _ Etudoc's Weblog.url -> URL: hxxp://etudoc.wordpress.com/auto-formation/ InternetURL: C:\Users\mathi\Favorites\BBC - Languages - Spanish - Mi Vida Loca.url -> URL: hxxp://www.bbc.co.uk/languages/spanish/mividaloca/full_details.shtml InternetURL: C:\Users\mathi\Favorites\BBC - Learning_ online learning resources.url -> URL: hxxp://www.bbc.co.uk/learning/ InternetURL: C:\Users\mathi\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\mathi\Favorites\Book Store.url -> URL: hxxp://livregratuit.tk/animate-espagnol-2e-annee-ed.-2012-cah.html InternetURL: C:\Users\mathi\Favorites\Cabriel Clark Fucks Chris Harder! » free gay porn, sex video, movie tube.url -> URL: hxxp://freakygayporn.com/44822-cabriel-clark-fucks-chris-harder.html InternetURL: C:\Users\mathi\Favorites\CARTES HEURISTIQUES FLE - Agnès PICOT - PRISME.url -> URL: hxxp://www.prisme-asso.org/spip.php?article8146 InternetURL: C:\Users\mathi\Favorites\Cartes heuristiques à l'université - MindMeister Mind Map.url -> URL: hxxp://www.mindmeister.com/fr/334043638/cartes-heuristiques-l-universit InternetURL: C:\Users\mathi\Favorites\Civilisation anglaise.url -> URL: hxxp://www.ac-nancy-metz.fr/enseign/anglais/civigb.htm InternetURL: C:\Users\mathi\Favorites\Civilisation britannique - une introduction.url -> URL: hxxp://angleterre.org.uk/civi/civilisation.htm InternetURL: C:\Users\mathi\Favorites\Classemapping, Page 2 _ Scoop.it.url -> URL: hxxp://www.scoop.it/t/classemapping?page=2 InternetURL: C:\Users\mathi\Favorites\Comment étudier efficacement en 5 étapes « Formation 3.0.url -> URL: hxxp://format30.com/2012/03/13/comment-etudier-efficacement-en-5-etapes/ InternetURL: C:\Users\mathi\Favorites\Cours de LEA, économie.url -> URL: hxxp://cours-univ.fr/cours/licence/langues/licence-lea-economie.html InternetURL: C:\Users\mathi\Favorites\Cours d’espagnol pour les enfants en ligne _ Leçon d' espagnol gratuit!.url -> URL: hxxp://www.petralingua.com/fr/cours-de-langue/espagnol-pour-les-enfants-en-ligne.php InternetURL: C:\Users\mathi\Favorites\Cours LEA.url -> URL: hxxp://leanantes.com/Cours-LEA.php InternetURL: C:\Users\mathi\Favorites\Cours.url -> URL: hxxp://courslea1creteil.free.fr/cours.htm InternetURL: C:\Users\mathi\Favorites\Dictionary.url -> URL: hxxp://m.dictionary.com/d/?o=0&l=dir InternetURL: C:\Users\mathi\Favorites\Dictionnaires et Encyclopédies sur le Akademik.url -> URL: hxxp://translate.fracademic.com/?lang=spanish&did%5B%5D=esp_rus InternetURL: C:\Users\mathi\Favorites\DU langues études européenes - Recherche Google.url -> URL: hxxps://www.google.fr/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=DU++langues+%C3%A9tudes+europ%C3%A9enes&safe=off InternetURL: C:\Users\mathi\Favorites\Duo Pendant Le Lavage De Voiture Où John Despe Est Baisé Par Yohann Drissan Vidéo Gay Menoboy _ BerryProd _A Chacun Son Instant De Passivité_ Avec Pipes Sodo & Méga Ejac - 21'50 - Blog Mega Sperm.url -> URL: hxxp://www.mega-sperm.com/article-duo-pendant-le-lavage-de-voiture-ou-john-despe-est-baise-par-yohann-drissan-video-gay-menoboy-berr-123286203.html InternetURL: C:\Users\mathi\Favorites\Duo Safe De Mâles Virils Où Le Ttbm Musclé Jordan Fox Défonce Le Sexy Tatoué Matt Richie Vidéo Gay HardBritLads Avec Pipes Sodo & Méga Ejac Faciale - 20'49 - Blog Mega Sperm.url -> URL: hxxp://www.mega-sperm.com/article-baise-hard-des-virils-muscles-et-sexy-jordan-fox-matt-ritchie-pipes-sodo-mega-ejac-faciale-video-99455039.html InternetURL: C:\Users\mathi\Favorites\Economie-Finances-Bourse-Assurances.url -> URL: hxxp://www.liensutiles.org/econom.htm InternetURL: C:\Users\mathi\Favorites\Economía - BBC Mundo - Temas.url -> URL: hxxp://www.bbc.co.uk/mundo/temas/economia/ InternetURL: C:\Users\mathi\Favorites\Enseignement d'exploration en Seconde - Flachéco.url -> URL: hxxp://www.sesflacher.fr/pages/le-contenu-des-ses/enseignement-d-exploration-en-seconde.html InternetURL: C:\Users\mathi\Favorites\Escucha los 40 Principales en Yes.fm.url -> URL: hxxp://www.yes.fm/star/40Principales InternetURL: C:\Users\mathi\Favorites\Espagnol - Académie de Grenoble - Webs con recursos pedagógicos - 06-Manuels scolaires.url -> URL: hxxp://www.ac-grenoble.fr/disciplines/espagnol/mobile/articles.php?lng=fr&pg=201 InternetURL: C:\Users\mathi\Favorites\ExamTime - Changing the way you learn.url -> URL: hxxps://www.examtime.com/ InternetURL: C:\Users\mathi\Favorites\exercice Espagnol - Recherche - Intellego.fr.url -> URL: hxxp://www.intellego.fr/index.php?PageID=recherche&in_je_recherche_motscles=Espagnol&sel_je_recherche_type=rub_2&sel_je_recherche_niveau=&sel_je_recherche_matiere= InternetURL: C:\Users\mathi\Favorites\Featured blog of the month _ TeachingEnglish _ British Council _ BBC.url -> URL: hxxp://www.teachingenglish.org.uk/featured-blogs?utm_source=facebook-teachingenglish&utm_medium=wallpost&utm_campaign=bc-teachingenglish-facebook InternetURL: C:\Users\mathi\Favorites\First - Méga kit audio.url -> URL: hxxp://system.paraschool.com/soutien/first/index.jsp InternetURL: C:\Users\mathi\Favorites\Formule de Compte.url -> URL: hxxps://www.labanquepostale.fr/particuliers/espace_parents_jeune/espace_jeune/Gestion_quotidien/Formule_de_compte.Mode_emploi.html InternetURL: C:\Users\mathi\Favorites\Framindmap.url -> URL: hxxp://www.framindmap.org/framindmap.html InternetURL: C:\Users\mathi\Favorites\Free.url -> URL: hxxps://wifi.free.fr/?priv=53616c7465645f5f707f406a4147d43b04d6842f7d48ff97a58ddbe2e29e6f9f92696904992839eafb0738dbd66936c7aa4c9130aab23acee327d9b61cd853de6203665483c52d6eb0ea8a4f6ef05568819c35048d943aa94b801d3b21133db82e6c13e47a3217b6d975ebf723dbbded1d5c91aa67e27901ca3ae2aa69412211319756e87be4be146742bb23827dc8fc InternetURL: C:\Users\mathi\Favorites\Fucked on the couch.url -> URL: hxxp://www.pornhub.com/view_video.php?viewkey=421534034&utm_source=PBWeb&utm_medium=PT&utm_campaign=PBWeb InternetURL: C:\Users\mathi\Favorites\GAY STAR - VALENTIN PETROV FUCKS JOHNNY RAPID - VIDEO GAY GRATUITE.url -> URL: hxxp://www.gaysexyboy.fr/gay-star-valentin-petrov-fucks-johnny-rapid/# InternetURL: C:\Users\mathi\Favorites\Global Voices · Citizen media stories from around the world.url -> URL: hxxp://globalvoicesonline.org/?goal=0_e4b660ba17-8998013a8d-333937993 InternetURL: C:\Users\mathi\Favorites\Google Traduction.url -> URL: hxxp://translate.google.fr/m/translate InternetURL: C:\Users\mathi\Favorites\Home - Freeplane - free mind mapping and knowledge management software.url -> URL: hxxp://freeplane.sourceforge.net/wiki/index.php/Main_Page InternetURL: C:\Users\mathi\Favorites\Hostelworld.com.url -> URL: hxxps://m.hostelworld.com/ InternetURL: C:\Users\mathi\Favorites\https_wifi.free.fr__url=http_www.google.fr_.url -> URL: hxxps://wifi.free.fr/?url=hxxp://www.google.fr/ InternetURL: C:\Users\mathi\Favorites\interactive-notebooks - home.url -> URL: hxxp://interactive-notebooks.wikispaces.com/ InternetURL: C:\Users\mathi\Favorites\Introduction aux sciences économiques 400821.url -> URL: hxxp://www.doc-etudiant.fr/Commerce/Economie/Cours-Introduction-aux-sciences-economiques-400821/1.html InternetURL: C:\Users\mathi\Favorites\jule Spania - YouTube.url -> URL: hxxp://www.youtube.com/channel/UC0rdO4uSFFzGfu42yvzzFcg InternetURL: C:\Users\mathi\Favorites\KAMERON FROST » VIDEO GAY GRATUITE.url -> URL: hxxp://www.gaysexyboy.fr/tag/kameron-frost/ InternetURL: C:\Users\mathi\Favorites\Kirsty Mitchell Photography.url -> URL: hxxp://www.kirstymitchellphotography.com/ InternetURL: C:\Users\mathi\Favorites\Konbini _ all pop everything.url -> URL: hxxp://www.konbini.com/fr/ InternetURL: C:\Users\mathi\Favorites\L.E.A. Nice __ Cours d'Economie Complet Semestre 1.url -> URL: hxxp://leanicecours.xooit.fr/t24-Cours-d-Economie-Complet-Semestre-1.htm?q=lea+semestre InternetURL: C:\Users\mathi\Favorites\la-grammaire-par-les-exercices-3eme-nouvelle-edition.pdf.url -> URL: hxxp://ait-akki-hassan1.e-monsite.com/medias/files/la-grammaire-par-les-exercices-3eme-nouvelle-edition.pdf InternetURL: C:\Users\mathi\Favorites\language arts — free printable notebooking pages _ The Notebooking Fairy.url -> URL: hxxp://notebookingfairy.com/category/printable-pages/language-arts/ InternetURL: C:\Users\mathi\Favorites\Language Exchange lille - Franglish.url -> URL: hxxp://www.lille.franglish.eu/en/language-exchange-lille InternetURL: C:\Users\mathi\Favorites\Le Site de Ladoual.url -> URL: hxxp://ahl1.over-blog.com/m/3.html InternetURL: C:\Users\mathi\Favorites\LIGNE G NEW.indd.url -> URL: hxxp://www.marineo.fr/sites/default/files/LIGNE%20G%20HESDIN%20L%27ABBE%20-%20ST%20LEONARD%20-%20INQUETERIE%20-%20LA%20CAPELLE%20-%20MACQUINGHEN.pdf InternetURL: C:\Users\mathi\Favorites\Minds in Bloom.url -> URL: hxxp://www.minds-in-bloom.com/search?updated-max=2014-02-08T17:20:00-08:00&max-results=7&start=13&by-date=false&m=1 InternetURL: C:\Users\mathi\Favorites\Mobile.url -> URL: hxxp://m.voanews.com/ InternetURL: C:\Users\mathi\Favorites\Mode, beauté, déco, geekeries pour les jeunes - L'Etudiant Trendy.url -> URL: hxxp://www.letudiant.fr/trendy/ InternetURL: C:\Users\mathi\Favorites\Myself & Co _ Examens _ réviser avec le _mind mapping_ - L'Etudiant Trendy.url -> URL: hxxp://www.letudiant.fr/trendy/myself/mon-environnement/examens-reviser-avec-le-mind-mapping.html InternetURL: C:\Users\mathi\Favorites\Méthodologie _ fiche de révision et carte mentale ? Memo Histoire.url -> URL: hxxp://memohistoire.fr/?p=475 InternetURL: C:\Users\mathi\Favorites\O2 recrute _ Déposez votre candidature pour un emploi en ménage & repassage.url -> URL: hxxp://emploi-menage.fr/candidature-en-ligne-menage.shtml# InternetURL: C:\Users\mathi\Favorites\Padre Made in USA - 1x01 - Piloto _ Series Online, Peliculas Online, descargar series.url -> URL: hxxp://www.serieonline.net/padre-made-in-usa/temporada-1/01/ InternetURL: C:\Users\mathi\Favorites\Paroles Gaga.url -> URL: hxxp://gagavision.net/lady-gaga/paroles/ InternetURL: C:\Users\mathi\Favorites\PDF Magazines - Download Free Digital Magazines in PDF Format for iPad, Android Tablets and PC.url -> URL: hxxp://www.pdfmagazines.org/ InternetURL: C:\Users\mathi\Favorites\Personal Planner - Personalised Diary 2014 _ personal-planner.com.au.url -> URL: hxxp://www.personal-planner.com.au/AU/ InternetURL: C:\Users\mathi\Favorites\Portail Captif Communautaire SFR WiFi.url -> URL: hxxps://hotspot.wifi.sfr.fr/indexEncryptingChilli.php?res=notyet&uamip=192.168.2.1&uamport=3990&challenge=86e72f1d7c8e1bfcddfdbf44acb49653&userurl=http%3a%2f%2fwww.gstatic.com%2fgenerate_204&nasid=00-17-33-1a-b0-67&mac=78-92-9C-4A-44-D0&mode=4&channel=0 InternetURL: C:\Users\mathi\Favorites\Pour Les Mecs.url -> URL: hxxp://www.pour-les-mecs.com/ InternetURL: C:\Users\mathi\Favorites\Prise de Notes MERAS®.url -> URL: hxxp://www.meras-prisedenotes.com/audiofr.php InternetURL: C:\Users\mathi\Favorites\Radio online, información y noticias de actualidad _ COPE.url -> URL: hxxp://www.cope.es/ InternetURL: C:\Users\mathi\Favorites\Regarder Abraham Lincoln _ Chasseur de Vampires en Streaming gratuitement sans limit _ Regarder Films En Streaming Et Sans Limite – Serie en Streaming – Films Spectacles Gratuit..url -> URL: hxxp://www.k-streaming.com/film-abraham-lincoln-chasseur-de-vampires-en-streaming-french/ InternetURL: C:\Users\mathi\Favorites\Ressources sur les cartes heuristiques — Lettres — Éduscol numérique.url -> URL: hxxp://eduscol.education.fr/lettres/pratiques/tic/action-utilis/ressources-cart InternetURL: C:\Users\mathi\Favorites\Retour et véritables pancakes américains.url -> URL: hxxp://disonmangequoi.canalblog.com/archives/2008/08/21/10305165.html InternetURL: C:\Users\mathi\Favorites\Reussite Etudes _ Ensemble, apprenons (enfin) comment étudier avec plaisir et efficacité !.url -> URL: hxxp://reussite-etudes.fr/ InternetURL: C:\Users\mathi\Favorites\Reverso _ traducteur mobile.url -> URL: hxxp://mobile.reverso.net/ InternetURL: C:\Users\mathi\Favorites\S.E.S premiére et terminal - Intellego.fr.url -> URL: hxxp://www.intellego.fr/intelleblog/s.e.s-premiere-et-terminal/8215 InternetURL: C:\Users\mathi\Favorites\sciences éco.url -> URL: hxxp://arnold.chassagnon.free.fr/eco.php InternetURL: C:\Users\mathi\Favorites\Series online » Padre Made in USA.url -> URL: hxxp://www.seriestotales.com/serie/padre-made-in-usa/ InternetURL: C:\Users\mathi\Favorites\Sonidos _ Cadena SER.url -> URL: hxxp://www.cadenaser.com/escucha/ InternetURL: C:\Users\mathi\Favorites\SoundCloud to mp3- Téléchargement rapide et en ligne.url -> URL: hxxp://indie-france.olympe.in/apps/Soundcloudwidget.html InternetURL: C:\Users\mathi\Favorites\Spanish for Beginners - Self-Study Checklist - e Learn Spanish Language.url -> URL: hxxp://www.elearnspanishlanguage.com/beginnerschecklist.html InternetURL: C:\Users\mathi\Favorites\SpanishDict _ English to Spanish Translation, Dictionary and Translator _ Diccionario y traductor inglés español.url -> URL: hxxp://www.spanishdict.com/ InternetURL: C:\Users\mathi\Favorites\SparkNotes_ Romeo and Juliet.url -> URL: hxxp://www.sparknotes.com/shakespeare/romeojuliet/ InternetURL: C:\Users\mathi\Favorites\STYLNOXE _ Blog Mode Homme, Lifestyle & Voyages.url -> URL: hxxp://www.stylnoxe.com/ InternetURL: C:\Users\mathi\Favorites\Telecharger Livre du professeur Espagnol (Lycée) - La Collection.url -> URL: hxxp://www.wawacity.ws/fr/ebooks/136982-telecharger_livre-du-professeur-espagnol-lycee-la-collection.html InternetURL: C:\Users\mathi\Favorites\THE recette de panaches.url -> URL: hxxp://misscricri78.canalblog.com/archives/2007/06/21/5373989.html InternetURL: C:\Users\mathi\Favorites\Tripadvisor.url -> URL: hxxp://www.tripadvisor.com/Home-m25036 InternetURL: C:\Users\mathi\Favorites\Ty Roderick Fuck HARD Asher Hawk - Pornhub.com.url -> URL: hxxp://www.pornhub.com/view_video.php?viewkey=52767019 InternetURL: C:\Users\mathi\Favorites\Téléchargements gratuits _ Éditions Maison des Langues.url -> URL: hxxp://www.emdl.fr/espagnol/telechargements/ InternetURL: C:\Users\mathi\Favorites\Télécharger Ultralingua Dictionnaire Français-Anglais _ Anglais-Français - 01net.com - Telecharger.com.url -> URL: hxxp://www.01net.com/telecharger/windows/Bureautique/traducteur/fiches/17796.html InternetURL: C:\Users\mathi\Favorites\Télécharger Ultralingua Dictionnaire Français-Espagnol _ Espagnol-Français - 01net.com - Telecharger.com.url -> URL: hxxp://www.01net.com/telecharger/windows/Bureautique/traducteur/fiches/17793.html InternetURL: C:\Users\mathi\Favorites\Video Download.url -> URL: javascript:window.location='ilsvideodownloader://'+escape(window.location) InternetURL: C:\Users\mathi\Favorites\vêtements mode pour homme de style Coréen 2014 en ligne _ Milanoo.com.url -> URL: hxxp://www.milanoo.com/fr/Achat-Vestes-Manteaux-c1161?Promotion=frGDNIntModeHommefr130910&gclid=CLDE-eiSmL0CFS7MtAodlTAA3w InternetURL: C:\Users\mathi\Favorites\Watch Online Fresh Meat Season 1 Episode 1 - Series 1, Episode 1 - Watch Series.url -> URL: hxxp://watchseries.lt/episode/fresh_meat_s1_e1.html InternetURL: C:\Users\mathi\Favorites\Why you get 'th_ wrong in English _ Speak More Clearly.url -> URL: hxxp://www.speakmoreclearly.com/blog/why-you-get-th-wrong-in-english InternetURL: C:\Users\mathi\Favorites\Wifi.url -> URL: hxxps://hotspotwifi.bouyguestelecom.fr/ InternetURL: C:\Users\mathi\Favorites\Word frequency_ based on 450 million word COCA corpus.url -> URL: hxxp://www.wordfrequency.info/free.asp InternetURL: C:\Users\mathi\Favorites\Volet des favoris\,_ Diego Sans, Jake Andrews & Jordan Levine.url -> URL: hxxp://safadezasmil.blogspot.fr/2013/02/diego-sans-jake-andrews-jordan-levine.html?zx=6292dedeadaadc1e InternetURL: C:\Users\mathi\Favorites\Volet des favoris\4 _ 2013 Le catch et....url -> URL: hxxp://rrca.revues.org/514 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\AdF.ly - shrink your URLs and get paid!.url -> URL: hxxp://adf.ly/1191538/hxxp://xdvideos.blogspot.com/2013/01/american-dad-01x01-piloto-sub-esp.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Bienvenue dans notre club !.url -> URL: hxxp://www.espagnolfacile.com/eclair2.php?auteur=ezrahlondon InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Blog-apprendre-espagnol.url -> URL: hxxp://blog-apprendre-espagnol.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Boutique Accessoires Acer.url -> URL: hxxp://go.acer.com/?id=14168 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Cambridge Free English Dictionary and Thesaurus.url -> URL: hxxp://dictionary.cambridge.org/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\CapLondon _ LE site des français à londres.url -> URL: hxxp://www.caplondon.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\CIVILISATION AMERICAINE.url -> URL: hxxp://projetalbion.online.fr/civius.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Conversion pdf en word — Convertir pdf en word — convertir pdf en doc.url -> URL: hxxp://www.pdfenword.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Convert XPS to PDF online & free.url -> URL: hxxp://online2pdf.com/convert-xps-to-pdf InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Deconstructing Lady Gaga's _Telephone_ Video - Aylin Zafar - The Atlantic.url -> URL: hxxp://www.theatlantic.com/entertainment/archive/2010/03/deconstructing-lady-gagas-telephone-video/37458/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Dictionary definitions you can understand - YourDictionary.url -> URL: hxxp://www.yourdictionary.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Dictionary.com - Free Online English Dictionary.url -> URL: hxxp://dictionary.reference.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Déménager à Londres _ informations pratiques pour les français expatriés (futurs ou actuels) de Londres.url -> URL: hxxp://www.demenageralondres.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\e-anthologie.com ? Learning.url -> URL: hxxp://www.e-anthologie.com/category/learning InternetURL: C:\Users\mathi\Favorites\Volet des favoris\ebooks en ligne_ pdf.url -> URL: hxxp://booksenligne.blogspot.fr/search/label/pdf InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Elections - Lexique-anglais.url -> URL: hxxp://www.anglaisfacile.com/exercices/exercice-anglais-2/exercice-anglais-90891.php InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Emplois, stages, concours - France-Diplomatie-Ministère des Affaires étrangères.url -> URL: hxxp://www.diplomatie.gouv.fr/fr/le-ministere/emplois-stages-concours/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\English as a Second Language Podcast - powered by FeedBurner.url -> URL: hxxp://feeds.feedburner.com/EnglishAsASecondLanguagePodcast InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Français en difficulté.url -> URL: hxxp://www.mfe.org/index.php/Thematiques/Francais-en-difficulte InternetURL: C:\Users\mathi\Favorites\Volet des favoris\gagafrontrow.net_ Gagafrontrow Mp3Archives.url -> URL: hxxp://www.gagafrontrow.net/2009/04/gagafrontrow-mp3archives.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Galerie de composants Web Slice.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Gay Porn_ Dominant Boy Fucks Sweet Boy _ A Naked Guy - Naked Guys, Hot Videos and Gay Porn Blog!.url -> URL: hxxp://www.anakedguy.com/?p=17864 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Hollister Co. - Site officiel d'achat.url -> URL: hxxp://eu.hollisterco.com/webapp/wcs/stores/servlet/StoreView?storeId=19158&catalogId=11558&langId=-2 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\HQ iTunes Festival Rips by griffinlee on SoundCloud - Hear the world’s sounds.url -> URL: hxxps://soundcloud.com/putitonblackjesus/sets/hq-itunes-festival-rips InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Informations pour Expatriés, Guides de l'Expat - Portail de la Mobilité Internationale_ travailler et vivre à l'étranger - Easy Expat.url -> URL: hxxp://www.easyexpat.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Lance and Sean _ Redtube Free Gay Porn Videos, Movies & Clips.url -> URL: hxxp://xxxtubelo.com/584687 InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Landlord dictionary definition _ landlord defined.url -> URL: hxxp://www.yourdictionary.com/landlord InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Lire des BD en ligne [Résolu].url -> URL: hxxp://www.commentcamarche.net/forum/affich-6168086-lire-des-bd-en-ligne InternetURL: C:\Users\mathi\Favorites\Volet des favoris\MI VIDA COMO CARLA - Comedia _ Lectura gratuita de Cómics (Ch.1-P.1).url -> URL: hxxp://www.amilova.com/es/comics-manga/3109/mi-vida-como-carla/cap%C3%ADtulo-1/p%C3%A1gina-1.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\NO_TITLE.url -> URL: hxxp://apprendre-vite-et-bien.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Oxford Learner's Dictionaries _ Find pronunciation, clear meanings and definitions of words at OxfordLearnersDictionaries.com.url -> URL: hxxp://www.oxfordlearnersdictionaries.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Recette de alfarojes argentin a la confiture de lait.url -> URL: hxxp://www.atelierdeschefs.fr/fr/recette/17027-alfajores-argentins-a-la-confiture-de-lait.php InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Sites suggérés.url -> URL: hxxps://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Smooth Synonyms, Smooth Antonyms _ Thesaurus.com.url -> URL: hxxp://thesaurus.com/browse/smooth InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Synonyms Thesaurus with Antonyms & Definitions _ Synonym.com.url -> URL: hxxp://www.synonym.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Tell Me More Performance Anglais 10 niveaux _ Multiupload _ Liberty Land _ telechargement gratuit Reup.url -> URL: hxxp://www.libertyland.tv/liberte/19824616455011467a6e75d/tell-me-more-performance-anglais-10-niveaux.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\TheFredextreme1 - YouTube.url -> URL: hxxp://www.youtube.com/user/TheFredextreme1/videos InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Travailler en Angleterre, trouver un emploi à Londres et au Royaume Uni.url -> URL: hxxp://www.travailler-en-angleterre.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Télécharger Lady Gaga Live at iTunes Festival 2013.url -> URL: hxxp://www.zone-telechargement.com/docu-spect-sport/concerts/34710-lady-gaga-live-at-itunes-festival-2013.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\U.S.A. Learns.url -> URL: hxxp://www.usalearns.org/index/welcome.cfm?CFID=1899976&CFTOKEN=36284244&jsessionid=1a3047d7b1a64f99273076402e6d56656ead InternetURL: C:\Users\mathi\Favorites\Volet des favoris\US civilization.url -> URL: hxxp://www.ac-nancy-metz.fr/enseign/anglais/civius.htm InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Utilisez Votre Vision Périphérique Pour Lire Vite..url -> URL: hxxp://www.apprendre-vite-et-bien.com/utilisez-votre-vision-peripherique-pour-lire-vite/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Veronica Mars - Le Film » Film et Série en Streaming Sur Vk.Com _ Madevid _ Youwatch.url -> URL: hxxp://full-stream.net/6463-veronica-mars.html InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Vivre à Londres, partir à Londres, expatrié Londres.url -> URL: hxxp://www.expat-blog.com/fr/destination/europe/angleterre/londres/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Vocabulaire et exercices d'anglais gratuits_ anglais en ligne gratuit pour étudiants, adultes et professionnels « Idéalangues.url -> URL: hxxp://www.idealangues.com/complements-aux-sejours/cours-anglais-a-distance-apprendre-en-ligne-par-internet-telephone/anglais-en-ligne-gratuit/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Watch Bob's Burgers Serie Online - Watch Series.url -> URL: hxxp://watchseries.lt/serie/bobs_burgers InternetURL: C:\Users\mathi\Favorites\Volet des favoris\YouTube.url -> URL: hxxp://fr.youtube.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\¡Gol de Federico! - Vue d'ensemble du Livre.url -> URL: hxxp://www.childrenslibrary.org/icdl/BookReader?bookid=wilgold_00940080&twoPage=true&route=simple_0_0_0_French_61&size=0&fullscreen=false&pnum1=1&lang=Spanish&ilang=French InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\AlloCiné.url -> URL: hxxp://www.allocine.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Amazon.url -> URL: hxxp://www.amazon.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Disney.url -> URL: hxxp://www.disney.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\eBay.url -> URL: hxxp://www.ebay.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Expedia.url -> URL: hxxp://www.expedia.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Facebook.url -> URL: hxxps://www.facebook.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Flickr.url -> URL: hxxp://www.flickr.com/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Monster.url -> URL: hxxp://www.monster.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Nouvelles Frontières.url -> URL: hxxp://www.nouvelles-frontieres.fr/ InternetURL: C:\Users\mathi\Favorites\Volet des favoris\Divers\Pages Jaunes.url -> URL: hxxp://www.pagesjaunes.fr/ InternetURL: C:\Users\mathi\Favorites\Links\Amazon.fr – Achats en ligne.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=fr_fr&c=142&bd=presario&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4 InternetURL: C:\Users\mathi\Favorites\Links\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cnnb&locale=fr_FR&bd=all&c=143 InternetURL: C:\Users\mathi\Favorites\HP\Photos Snapfish.url -> URL: hxxp://www.snapfish.com/hp_notebook_desktopicon_2013_fr InternetURL: C:\Users\mathi\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=fr_fr&bd=all&c=143 InternetURL: C:\Users\mathi\Favorites\ASUS E-Service\ASUS Homepage.url -> URL: hxxp://www.asus.com/ InternetURL: C:\Users\mathi\Favorites\ASUS E-Service\ASUS Member.url -> URL: hxxps://account.asus.com/ ==================== Fin de Shortcut.txt =============================