Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13.01.2018 01 Exécuté par Elodie (administrateur) sur ELODIE-PC (13-01-2018 17:15:32) Exécuté depuis C:\Users\Elodie\Desktop Profils chargés: Elodie (Profils disponibles: Elodie) Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe (Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\12c40875ea7426999fde403cff66ef98\6c334b61b9f1301a84e95af7672c6c96.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (Microsoft) C:\Program Files (x86)\Dell Wireless\DW1601\ConnectionManager.WBEService.exe (Wilocity) C:\Program Files (x86)\Dell Wireless\DW1601\SupplicantService\wpasvc.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\tools\38979.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\Bluetooth Suite\BtvStack.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiCMgr.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AWiCDiag.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\Wcct.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Dashlane, Inc.) C:\Users\Elodie\AppData\Roaming\Dashlane\Dashlane.exe (Dashlane, Inc.) C:\Users\Elodie\AppData\Roaming\Dashlane\DashlanePlugin.exe (Spotify Ltd) C:\Users\Elodie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (NaveAkzk ) C:\Users\Elodie\AppData\Roaming\fe3n10pkypz\gozlgi5xlpx.exe (NaveAkzk ) C:\Users\Elodie\AppData\Roaming\0oftgt5rqop\woilrmlm30f.exe ( ) C:\Users\Elodie\AppData\Roaming\qfw4rnvuuws\kk23phzdya4.exe ( ) C:\Users\Elodie\AppData\Roaming\gatvzzahmxj\n5qezunrunn.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe () C:\Users\Elodie\AppData\Local\Temp\is-UJHEF.tmp\gozlgi5xlpx.tmp ( ) C:\Users\Elodie\AppData\Roaming\nioudfg1yrz\vihne32qcuu.exe () C:\Users\Elodie\AppData\Local\Temp\is-ELLIG.tmp\woilrmlm30f.tmp ( ) C:\Users\Elodie\AppData\Roaming\td23c1iy5br\fkene4mtoqw.exe () C:\Users\Elodie\AppData\Local\Temp\is-DPPI9.tmp\kk23phzdya4.tmp () C:\Users\Elodie\AppData\Local\Temp\is-CTTI2.tmp\n5qezunrunn.tmp () C:\Users\Elodie\AppData\Local\Temp\is-CTTI3.tmp\vihne32qcuu.tmp () C:\Users\Elodie\AppData\Local\Temp\is-D25Q3.tmp\fkene4mtoqw.tmp (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe () C:\Program Files (x86)\Dell Wireless\DW1601\D5000WirelessDock.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Python Software Foundation) C:\Users\Elodie\AppData\Roaming\LookUpPro\python\pythonw.exe () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\spectral\SocketServer.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\DirectConnect\DirectDisplay.exe (Qualcomm Atheros Inc.) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\DirectConnect\DCWpaSupplicant.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe () C:\Windows\Temp\gA9E6.tmp.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe () C:\Program Files (x86)\Dell Wireless\DW1601\UpdateService\WilocityUpdate.Service.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe () C:\Program Files\uNappltlpuNmTk2y\App_uNmappltlpuNm.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe (Opera Software) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe (Microsoft Corporation) C:\Windows\System32\consent.exe (Farbar) C:\Users\Elodie\Desktop\FRST64 (1).exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-09] (Alps Electric Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor) HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-01] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation) HKLM\...\Run: [AWiCMgr] => C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\AWiC\AWiCMgr.exe [189568 2013-09-24] (Qualcomm Atheros Inc.) HKLM\...\Run: [AWiCDiag] => C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AWiCDiag.exe [2782336 2013-09-24] (Qualcomm Atheros Inc.) HKLM\...\Run: [wcct] => C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\wcct.exe [1074304 2013-09-24] (Qualcomm Atheros Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM\...\Run: [uNmTk2yHPn] => C:\Program Files\uNappltlpuNmTk2y\.uNmappltlpuNm.vbs [168 2018-01-11] () HKLM\...\Run: [gplyra] => C:\Users\Elodie\AppData\Roaming\gplyra\gplyra\start.cmd <==== ATTENTION HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-09-05] (Intel Corporation) HKLM-x32\...\Run: [FLxHCIm64] => c:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [183808 2013-07-12] (Windows (R) Win 7 DDK provider) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-12-08] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [124536 2014-09-09] (LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.) HKLM\...\RunOnce: [1ifiy4t22ug] => C:\Program Files (x86)\tools\38979.exe [1218048 2018-01-11] () HKLM\...\RunOnce: [ELODIE-PC] => C:\Windows\TEMP\g3754.tmp.exe [209408 2018-01-13] () <==== ATTENTION HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\Bluetooth Suite\BtvStack.exe [132736 2013-10-22] (Qualcomm®Atheros®) HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [Spotify] => C:\Users\Elodie\AppData\Roaming\Spotify\Spotify.exe [21070224 2017-12-25] (Spotify Ltd) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [Dashlane] => C:\Users\Elodie\AppData\Roaming\Dashlane\Dashlane.exe [456656 2018-01-02] (Dashlane, Inc.) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [DashlanePlugin] => C:\Users\Elodie\AppData\Roaming\Dashlane\DashlanePlugin.exe [502736 2018-01-02] (Dashlane, Inc.) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [Spotify Web Helper] => C:\Users\Elodie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-25] (Spotify Ltd) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc.) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-12-08] (Apple Inc.) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-12-08] (Apple Inc.) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [YUAQMCKCZY.exe] => C:\Program Files\Windows Defender\NKZLSSCXGP\YUAQMCKCZY.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [ZZOVUGXQJH.exe] => C:\Users\Elodie\AppData\Roaming\cd53dfa2cdd842caa5a11d90605f73f0\ZZOVUGXQJH.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [4430988] => "C:\Users\Elodie\AppData\Roaming\5fn2honbxnx\nyhxpp4wy2d.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [1224191] => "C:\Users\Elodie\AppData\Roaming\ius1w2l1pws\xalodjk4wby.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [qQoyENqCekd.exe] => C:\ProgramData\bfda5face46e48f898850a29dc407025\qQoyENqCekd.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [4748304] => "C:\Users\Elodie\AppData\Roaming\bwll3hter0u\oqtm5oqc4cy.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [PwNbsCe1aBfQ.exe] => C:\ProgramData\e1da8e2c8d45492081de4244eb728ca4\PwNbsCe1aBfQ.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [315919] => "C:\Users\Elodie\AppData\Roaming\ohtzuh4fq0e\chi1tknpf3z.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [WI48g531QiCr.exe] => C:\ProgramData\b0866e3e383e41dd9025ec38e41092d6\WI48g531QiCr.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [dOnMDPto4tl.exe] => C:\ProgramData\5e40f27b597048969b8a6c3cac8e862e\dOnMDPto4tl.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [9837619] => "C:\Users\Elodie\AppData\Roaming\0b2yaesjz2p\mxl2350bgbm.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [cypbENbaBJ.exe] => C:\Users\Elodie\AppData\Roaming\6cb2218776f04b18970e687f5da1fc5f\cypbENbaBJ.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [6501055] => "C:\Users\Elodie\AppData\Roaming\mnqze12cahc\aycjbajv5jt.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [1477591] => "C:\Users\Elodie\AppData\Roaming\ojq4nvk4101\f50mpmoalu3.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [i4YpkgRNqU.exe] => C:\Users\Elodie\AppData\Roaming\0680913d21264eb383138887e8bdaf41\i4YpkgRNqU.exe HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [2160475] => "C:\Users\Elodie\AppData\Roaming\pjlhcfkqxlr\g5zzqzmisvv.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [8066174] => "C:\Users\Elodie\AppData\Roaming\d3t1335b0ed\vg1e5ziynie.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [Ke9QAG1.exe] => C:\Users\Elodie\AppData\Local\Temp\d8496c08bc4a439eb30ff7473c0ece26\Ke9QAG1.exe <==== ATTENTION HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [6112891] => "C:\Users\Elodie\AppData\Roaming\wtbb1uovbyh\euf142llitk.exe" /VERYSILENT HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [2484554] => C:\Users\Elodie\AppData\Roaming\fe3n10pkypz\gozlgi5xlpx.exe [624680 2018-01-13] (NaveAkzk ) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [4487692] => C:\Users\Elodie\AppData\Roaming\0oftgt5rqop\woilrmlm30f.exe [624680 2018-01-13] (NaveAkzk ) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [LookUpPro] => C:\Users\Elodie\AppData\Roaming\LookUpPro\python\pythonw.exe [96408 2017-07-08] (Python Software Foundation) <==== ATTENTION HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [783836] => C:\Users\Elodie\AppData\Roaming\qfw4rnvuuws\kk23phzdya4.exe [692803 2018-01-13] ( ) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [564109] => C:\Users\Elodie\AppData\Roaming\gatvzzahmxj\n5qezunrunn.exe [692803 2018-01-13] ( ) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [5211559] => C:\Users\Elodie\AppData\Roaming\nioudfg1yrz\vihne32qcuu.exe [692803 2018-01-13] ( ) HKU\S-1-5-21-2152363354-3513739142-3557642019-1000\...\Run: [7489465] => C:\Users\Elodie\AppData\Roaming\td23c1iy5br\fkene4mtoqw.exe [692803 2018-01-13] ( ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\.uNmappltlpuNm.vbs [2018-01-11] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2014-03-28] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\D5000 Wireless Dock.lnk [2014-03-19] ShortcutTarget: D5000 Wireless Dock.lnk -> C:\Program Files (x86)\Dell Wireless\DW1601\D5000WirelessDock.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-07-18] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk [2014-03-28] ShortcutTarget: Serveur réseau.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) Startup: C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2017-10-01] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-07-08] ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) GroupPolicy: Restriction - Chrome <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{2C0A8244-178A-4A47-813E-EDD6DD83862E}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{4E0E4A10-635E-4921-9C33-770F7004E526}: [NameServer] 52.18.92.32,8.8.8.8 Tcpip\..\Interfaces\{4E0E4A10-635E-4921-9C33-770F7004E526}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{A1A3D802-13D3-4C7A-996F-71059A85CEC8}: [NameServer] 52.18.92.32,8.8.8.8 Tcpip\..\Interfaces\{B7712B6F-75EC-4F4F-94E1-6EE5E2FD8C0E}: [NameServer] 52.18.92.32,8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2152363354-3513739142-3557642019-1000 -> {628252F5-9327-4774-A83E-8A02ECB53EE4} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-12-21] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-12-21] (Microsoft Corporation) BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Elodie\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2018-01-02] (Dashlane, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-09-30] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-12-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-09-30] (Oracle Corporation) Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Elodie\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2018-01-02] (Dashlane, Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-21] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-21] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-21] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-21] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: elodie.gueppebadajoz@icloud.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-09-30] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-09-30] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-12-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-21] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Elodie\AppData\Local\Google\Chrome\User Data\Default [2018-01-13] CHR Extension: (Gmail) - C:\Users\Elodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Elodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17] Opera: ======= OPR Extension: (Bloqueur de pub pour Youtube™) - C:\Users\Elodie\AppData\Roaming\Opera Software\Opera Stable\Extensions\fpaneejencmpllfhjmcgaochdekpbgac [2018-01-13] OPR Extension: (Lookup Pro) - C:\Users\Elodie\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghdonojphkbfhdccpohfhckojkpfanlg [2018-01-13] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 12c40875ea7426999fde403cff66ef98; C:\Program Files\12c40875ea7426999fde403cff66ef98\6c334b61b9f1301a84e95af7672c6c96.exe [1070080 2018-01-12] () [Fichier non signé] <==== ATTENTION R2 ab12fc3dff72c60875bbebf681d2a852; C:\Windows\ab12fc3dff72c60875bbebf681d2a852.dll [2981888 2018-01-13] () [Fichier non signé] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\Bluetooth Suite\adminservice.exe [314496 2013-10-22] (Windows (R) Win 7 DDK provider) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761576 2018-01-02] (Microsoft Corporation) S3 DCDhcpService; C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\DirectConnect\DCDhcpService.exe [198272 2013-09-24] (Qualcomm Atheros Inc.) [Fichier non signé] R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.) R2 HNService; C:\Users\Elodie\AppData\Local\AdService\AdService.dll [711168 2018-01-12] (HNService) [Fichier non signé] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation) R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-09-09] (LeapFrog Enterprises, Inc.) [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes) [Fichier non signé] R2 NVWMI; C:\Windows\system32\nvwmi64.exe [1290016 2013-11-01] (NVIDIA Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] () R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé] S3 updater; C:\Program Files (x86)\System Native\Main Services\updater.exe [571648 2018-01-11] (System Native) <==== ATTENTION R2 WBEService; C:\Program Files (x86)\Dell Wireless\DW1601\ConnectionManager.WBEService.exe [16896 2013-11-13] (Microsoft) [Fichier non signé] S2 WilocityMonitorService; C:\Program Files (x86)\Dell Wireless\DW1601\Monitor\Monitor.Service.exe [42496 2013-08-29] (Wilocity) [Fichier non signé] R2 WilocityUpdate; C:\Program Files (x86)\Dell Wireless\DW1601\UpdateService\WilocityUpdate.Service.exe [10240 2013-06-09] () [Fichier non signé] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-20] (Microsoft Corporation) R2 WPASupplicantService; C:\Program Files (x86)\Dell Wireless\DW1601\SupplicantService\wpasvc.exe [254464 2013-11-13] (Wilocity) [Fichier non signé] R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) R2 Dell.PowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{E36A2D5F-4BDF-4840-BB24-0FFA41F83D39} S2 qNpgOW9XGacs Updater; C:\Program Files (x86)\qNpgOW9XGacs Updater\qNpgOW9XGacs Updater.exe [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 11b9098346795e692ec1663f51d8cdbe; C:\Windows\system32\drivers\11b9098346795e692ec1663f51d8cdbe.sys [97248 2018-01-12] () R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-22] (Qualcomm Atheros) S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-13] (Intel Corporation) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-29] (Intel Corporation) S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten) R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2261464 2013-08-27] (Realtek Semiconductor Corp.) S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation) R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [914920 2018-01-13] () <==== ATTENTION R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [185760 2013-05-07] (O2Micro ) S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] () R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [75976 2013-08-06] (STMicroelectronics) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-08] () R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [105160 2012-12-20] (WIBU-SYSTEMS AG) S3 WinMon; C:\Windows\System32\drivers\Winmon.sys [9352 2018-01-11] () [Fichier non signé] R0 wPCI; C:\Windows\System32\DRIVERS\wPci.sys [67224 2013-07-16] (Wilocity Ltd.) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-13] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-13] (Zemana Ltd.) S1 wfcre; system32\drivers\wfcre.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-01-13 17:15 - 2018-01-13 17:15 - 000038898 _____ C:\Users\Elodie\Desktop\FRST.txt 2018-01-13 17:14 - 2018-01-13 17:14 - 002393088 _____ (Farbar) C:\Users\Elodie\Desktop\FRST64 (1).exe 2018-01-13 17:05 - 2018-01-13 17:05 - 000000000 ___RD C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2018-01-13 16:14 - 2018-01-13 16:14 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\td23c1iy5br 2018-01-13 15:14 - 2018-01-13 17:05 - 000000312 _____ C:\Windows\Tasks\saKXaLnxQURzlMgex.job 2018-01-13 15:14 - 2018-01-13 17:05 - 000000290 _____ C:\Windows\Tasks\BcyoMZkjXMgFaPP.job 2018-01-13 15:14 - 2018-01-13 15:14 - 000003060 _____ C:\Windows\System32\Tasks\pnIxobGIUDXdNt 2018-01-13 15:14 - 2018-01-13 15:14 - 000002728 _____ C:\Windows\System32\Tasks\saKXaLnxQURzlMgex2 2018-01-13 15:14 - 2018-01-13 15:14 - 000002716 _____ C:\Windows\System32\Tasks\plaAVjRQXWCDePSecyr2 2018-01-13 15:14 - 2018-01-13 15:14 - 000002706 _____ C:\Windows\System32\Tasks\BcyoMZkjXMgFaPP2 2018-01-13 15:14 - 2018-01-13 15:14 - 000002586 _____ C:\Windows\System32\Tasks\saKXaLnxQURzlMgex 2018-01-13 15:14 - 2018-01-13 15:14 - 000002574 _____ C:\Windows\System32\Tasks\plaAVjRQXWCDePSecyr 2018-01-13 15:14 - 2018-01-13 15:14 - 000002564 _____ C:\Windows\System32\Tasks\BcyoMZkjXMgFaPP 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\nioudfg1yrz 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\umkISPBbU 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\TwPufLOWyrxU2 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\RrHYXuUpocPTIXdsppR 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\qTTaaczyWvUn 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\GBeMZXQZBIE 2018-01-13 15:14 - 2018-01-13 15:14 - 000000000 ____D C:\Program Files (x86)\aohGTEheqdnWC 2018-01-13 14:49 - 2018-01-13 14:52 - 000205458 _____ C:\Users\Elodie\Desktop\ZHPDiag 2.txt 2018-01-13 14:42 - 2018-01-13 14:42 - 000000000 ____H C:\ProgramData\cm-lock 2018-01-13 14:24 - 2018-01-13 14:24 - 000000000 ____D C:\ProgramData\dbg 2018-01-13 14:12 - 2018-01-13 17:05 - 000016764 _____ C:\Windows\System32\Tasks\The Rigral Signathput demo 2018-01-13 14:07 - 2018-01-13 17:15 - 000169590 _____ C:\Windows\ZAM.krnl.trace 2018-01-13 14:07 - 2018-01-13 17:15 - 000063130 _____ C:\Windows\ZAM_Guard.krnl.trace 2018-01-13 14:07 - 2018-01-13 14:09 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2018-01-13 14:07 - 2018-01-13 14:07 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2018-01-13 14:07 - 2018-01-13 14:07 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2018-01-13 14:07 - 2018-01-13 14:07 - 000001154 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2018-01-13 14:07 - 2018-01-13 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2018-01-13 14:06 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\f916b34d6a104fd39407cbfc2e0fd5b0 2018-01-13 14:06 - 2018-01-13 14:19 - 000000000 ____D C:\ProgramData\7f25918246734e3f8b5e31de9d3715d6 2018-01-13 14:05 - 2018-01-13 14:05 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\gatvzzahmxj 2018-01-13 14:04 - 2018-01-13 14:04 - 006625600 _____ (Zemana Ltd. ) C:\Users\Elodie\Desktop\Zemana.AntiMalware.Setup.exe 2018-01-13 14:04 - 2018-01-13 14:04 - 000000000 ____D C:\Users\Elodie\AppData\Local\Zemana 2018-01-13 13:57 - 2018-01-13 14:19 - 000000000 ____D C:\ProgramData\31c008a61ba048598b80ec2ba647effa 2018-01-13 13:57 - 2018-01-13 13:57 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\qfw4rnvuuws 2018-01-13 13:57 - 2018-01-13 13:57 - 000000000 ____D C:\ProgramData\bb152874eae34d04b2e69e56ad8b3b26 2018-01-13 11:53 - 2018-01-13 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-01-13 11:52 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\09645fee9d6d4352a168823f07b11abd 2018-01-13 11:52 - 2018-01-13 11:52 - 000001037 _____ C:\Users\Public\Desktop\Enjoy_WiFi.lnk 2018-01-13 11:52 - 2018-01-13 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enjoy_WiFi 2018-01-13 11:52 - 2018-01-13 11:52 - 000000000 ____D C:\Program Files (x86)\Enjoy_WiFi 2018-01-13 11:52 - 2018-01-13 11:52 - 000000000 _____ C:\Windows\SysWOW64\__0299AD9B__C0000005.dmp 2018-01-13 11:51 - 2018-01-13 11:52 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\LookUpPro 2018-01-13 11:51 - 2018-01-13 11:51 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\0oftgt5rqop 2018-01-13 11:51 - 2018-01-13 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lookup Pro 2018-01-13 11:51 - 2018-01-13 11:51 - 000000000 ____D C:\Program Files\12c40875ea7426999fde403cff66ef98 2018-01-13 11:51 - 2018-01-13 11:51 - 000000000 ____D C:\Program Files (x86)\Lookup Pro 2018-01-13 11:38 - 2018-01-13 11:53 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-01-13 11:38 - 2017-08-21 07:20 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-01-13 11:29 - 2018-01-13 17:05 - 000003162 _____ C:\Windows\System32\Tasks\12c40875ea7426999fde403cff66ef98 2018-01-13 11:29 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\785ba2241b204165ae360ad4c182a44e 2018-01-13 11:29 - 2018-01-13 13:58 - 000000000 ____D C:\Windows\SysWOW64\SSL 2018-01-13 11:29 - 2018-01-13 11:29 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\4e63aa12c0fa4f278838bc05c7f16dc2 2018-01-13 11:28 - 2018-01-13 11:28 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\fe3n10pkypz 2018-01-13 09:53 - 2018-01-13 09:54 - 065942208 _____ (Malwarebytes ) C:\Users\Elodie\Desktop\malwarebytes-anti-malware_3-2-2-2029_fr_215092.exe 2018-01-13 09:48 - 2018-01-13 17:05 - 000016760 _____ C:\Windows\System32\Tasks\Excel 2003 Desert Utility 2018-01-13 09:48 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\763412f9c74b4923bef805d96062472f 2018-01-13 09:48 - 2018-01-13 14:19 - 000000000 ____D C:\ProgramData\60907f5151254c3b862e3605b0a38c2e 2018-01-13 09:48 - 2018-01-13 09:48 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\1a18709bbc0c469ba59620c6a876e639 2018-01-12 23:10 - 2018-01-13 11:28 - 003185577 ____H C:\Users\Elodie\AppData\Local\IconCache.db.backup 2018-01-12 22:59 - 2018-01-13 17:05 - 000000274 _____ C:\Windows\Tasks\System HealerStartUp.job 2018-01-12 22:59 - 2018-01-13 11:01 - 000000274 _____ C:\Windows\Tasks\System HealerPeriod.job 2018-01-12 22:59 - 2018-01-12 22:59 - 000002852 _____ C:\Windows\System32\Tasks\System HealerPeriod 2018-01-12 22:59 - 2018-01-12 22:59 - 000002550 _____ C:\Windows\System32\Tasks\System HealerStartUp 2018-01-12 22:55 - 2018-01-12 22:55 - 000003570 _____ C:\Windows\System32\Tasks\FastDataX Task 2018-01-12 22:55 - 2018-01-12 22:55 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\EpicNet Inc 2018-01-12 22:54 - 2018-01-13 17:05 - 000000300 _____ C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job 2018-01-12 22:54 - 2018-01-13 14:20 - 000000000 ___HD C:\Windows\rss 2018-01-12 22:54 - 2018-01-13 11:00 - 000000278 _____ C:\Windows\Tasks\One System CarePeriod.job 2018-01-12 22:54 - 2018-01-12 22:54 - 000003570 _____ C:\Windows\System32\Tasks\SystemHealer Task 2018-01-12 22:54 - 2018-01-12 22:54 - 000003322 _____ C:\Windows\System32\Tasks\System Healer Monitor 2018-01-12 22:54 - 2018-01-12 22:54 - 000003314 _____ C:\Windows\System32\Tasks\System Healer Delayed 2018-01-12 22:54 - 2018-01-12 22:54 - 000002856 _____ C:\Windows\System32\Tasks\One System CarePeriod 2018-01-12 22:54 - 2018-01-12 22:54 - 000000000 ____D C:\Users\Elodie\AppData\Local\SystemHealer 2018-01-12 22:54 - 2018-01-12 22:54 - 000000000 ____D C:\Users\Elodie\AppData\Local\FastDataX 2018-01-12 22:49 - 2018-01-13 17:05 - 000624664 _____ C:\Windows\system32\NetUtils2016.dll 2018-01-12 22:49 - 2018-01-13 14:19 - 000000000 ____D C:\ProgramData\0cf514c8657f42bca0f80c08bf15db52 2018-01-12 22:49 - 2018-01-13 14:08 - 000914920 _____ C:\Windows\system32\Drivers\NetUtils2016.sys 2018-01-12 22:49 - 2018-01-12 22:49 - 000003570 _____ C:\Windows\System32\Tasks\OneSystemCare Task 2018-01-12 22:49 - 2018-01-12 22:49 - 000003326 _____ C:\Windows\System32\Tasks\One System Care Monitor 2018-01-12 22:49 - 2018-01-12 22:49 - 000003318 _____ C:\Windows\System32\Tasks\One System Care Delayed 2018-01-12 22:49 - 2018-01-12 22:49 - 000000000 ____D C:\Users\Elodie\AppData\Local\OneSystemCare 2018-01-12 22:49 - 2018-01-12 22:49 - 000000000 ____D C:\Users\Elodie\AppData\Local\AdService 2018-01-12 22:49 - 2018-01-12 22:49 - 000000000 ____D C:\ProgramData\49906382c55f4ce9ac0330d729037e3e 2018-01-12 22:17 - 2018-01-12 22:18 - 083316440 _____ (Malwarebytes ) C:\Users\Elodie\Desktop\mb3-setup-35891.35891-3.3.1.2183-1.0.262-1.0.3374 (1).exe 2018-01-12 22:09 - 2018-01-13 14:06 - 000930816 _____ C:\Users\Elodie\AppData\Local\po.db 2018-01-12 22:09 - 2018-01-12 22:53 - 000000000 ____D C:\Users\Public\Documents\XMUpdate 2018-01-12 22:08 - 2018-01-13 14:19 - 000000000 ____D C:\ProgramData\31566664868243ba82e32f9350a8c69d 2018-01-12 22:08 - 2018-01-12 22:08 - 000000000 ____D C:\ProgramData\2c0e6cb0d43c4c52ac20200e0b235ab0 2018-01-12 22:03 - 2018-01-12 22:03 - 000000000 ____D C:\ProgramData\MB3CoreBackup 2018-01-12 22:01 - 2018-01-13 11:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-01-12 22:01 - 2018-01-12 22:01 - 000000000 ____D C:\Program Files\Malwarebytes 2018-01-12 20:55 - 2018-01-12 20:59 - 000156845 _____ C:\Users\Elodie\Desktop\ZHPCleaner.txt 2018-01-12 20:42 - 2018-01-12 20:51 - 083316440 _____ (Malwarebytes ) C:\Users\Elodie\Desktop\mb3-setup-35891.35891-3.3.1.2183-1.0.262-1.0.3374.exe 2018-01-12 20:39 - 2018-01-12 20:39 - 008198432 _____ (Malwarebytes) C:\Users\Elodie\Desktop\adwcleaner_7.0.6.0.exe 2018-01-12 20:38 - 2018-01-12 20:38 - 000000795 _____ C:\Users\Elodie\Desktop\ZHPCleaner.lnk 2018-01-12 20:37 - 2018-01-12 20:37 - 003043200 _____ C:\Users\Elodie\Desktop\ZHPCleaner.exe 2018-01-12 14:22 - 2018-01-12 14:22 - 000729088 _____ C:\Windows\c4b79c5a3179d9b294747e382523dc0c.exe 2018-01-12 14:22 - 2018-01-12 14:22 - 000097248 _____ C:\Windows\system32\Drivers\11b9098346795e692ec1663f51d8cdbe.sys 2018-01-12 14:22 - 2018-01-12 14:22 - 000053577 _____ C:\Windows\uninstaller.dat 2018-01-12 11:22 - 2018-01-13 14:46 - 000205455 _____ C:\Users\Elodie\Desktop\ZHPDiag.txt 2018-01-12 11:21 - 2018-01-13 14:46 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\ZHP 2018-01-12 11:21 - 2018-01-12 20:38 - 000000000 ____D C:\Users\Elodie\AppData\Local\ZHP 2018-01-12 11:21 - 2018-01-12 11:21 - 000000785 _____ C:\Users\Elodie\Desktop\ZHPDiag.lnk 2018-01-12 11:20 - 2018-01-12 11:20 - 002962304 _____ C:\Users\Elodie\Desktop\ZHPDiag3.exe 2018-01-12 11:08 - 2018-01-13 14:54 - 001569142 _____ C:\Windows\ntbtlog.txt 2018-01-12 11:05 - 2018-01-12 11:05 - 000000000 ____D C:\Users\Elodie\AppData\Local\805be5553ca342d5a50c9e28cb8385f6 2018-01-12 10:54 - 2018-01-13 17:05 - 000000290 __RSH C:\Users\Elodie\ntuser.pol 2018-01-12 10:32 - 2018-01-13 16:20 - 000000000 ____D C:\Users\Elodie\AppData\Local\ed582e9ada0541159f0728899ee55230 2018-01-12 09:52 - 2018-01-13 11:51 - 000003438 _____ C:\Windows\System32\Tasks\LookUpPro 2018-01-12 09:52 - 2018-01-13 11:51 - 000003400 _____ C:\Windows\System32\Tasks\LookUpPro2 2018-01-12 09:51 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\50851fa99c8644ad8a1489c549f6229d 2018-01-12 09:12 - 2018-01-12 09:12 - 000000000 ___HT C:\Windows\wusa.lock 2018-01-12 09:12 - 2018-01-12 09:12 - 000000000 ____D C:\f457f60957d3951b6e8f89211b 2018-01-12 09:09 - 2018-01-13 17:15 - 000016708 _____ C:\Windows\System32\Tasks\Alibb Portable 2018-01-12 09:09 - 2018-01-12 09:54 - 000000000 ____D C:\Program Files (x86)\GBeMZXQZBIEduxyspurkx 2018-01-12 09:08 - 2018-01-13 16:20 - 000000000 ____D C:\Users\Elodie\AppData\Local\3caadc9257514e8bba0a18cc3c0bf85e 2018-01-12 09:08 - 2018-01-12 09:08 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\e5470bdaef2643dbbcdf57db1ecb336e 2018-01-11 21:29 - 2018-01-13 14:54 - 000016704 _____ C:\Windows\System32\Tasks\BrickDelice 2018-01-11 21:27 - 2018-01-11 21:27 - 000000000 ____D C:\Users\Elodie\AppData\Local\2fb5c71bcd9e4ec3836717cdd9c7c42e 2018-01-11 21:09 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\f74f37cfd5274173a4e15d33f61f45cd 2018-01-11 21:02 - 2018-01-11 21:02 - 000000000 _____ C:\Windows\SysWOW64\__02AAA20B__C0000005.dmp 2018-01-11 21:00 - 2018-01-11 21:00 - 000000000 ____D C:\ProgramData\System Native 2018-01-11 20:42 - 2018-01-13 16:20 - 000000000 ____D C:\Users\Elodie\AppData\Local\67b36589b67d42b59aa933abcf17652b 2018-01-11 20:42 - 2018-01-11 20:42 - 000000000 ____D C:\Users\Elodie\AppData\Local\dc542f40208c4593abb2d693e379c028 2018-01-11 20:37 - 2018-01-13 11:29 - 002981888 _____ C:\Windows\ab12fc3dff72c60875bbebf681d2a852.dll 2018-01-11 20:26 - 2018-01-13 16:20 - 000000000 ____D C:\Users\Elodie\AppData\Local\b429cb005119473e808327ee692f0a12 2018-01-11 20:26 - 2018-01-12 20:57 - 000000000 ____D C:\Disk 2018-01-11 20:26 - 2018-01-11 20:26 - 000000000 ____D C:\Windat 2018-01-11 20:26 - 2018-01-11 20:26 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\adf58af5c820471d902dd6fb2ca343d1 2018-01-11 20:24 - 2018-01-13 14:20 - 000000000 ____D C:\Windows\Minidump 2018-01-11 20:24 - 2018-01-11 20:24 - 1000607041 _____ C:\Windows\MEMORY.DMP 2018-01-11 20:24 - 2018-01-11 20:24 - 000296024 _____ C:\Windows\Minidump\011118-9313-01.dmp 2018-01-11 20:18 - 2018-01-11 20:18 - 000003580 _____ C:\Windows\System32\Tasks\{B298AAED-6676-4A13-8CE9-528A770D7C60} 2018-01-11 20:09 - 2018-01-11 20:08 - 000097280 _____ C:\Users\Elodie\Downloads\PASS verso - Copie.pub 2018-01-11 20:09 - 2018-01-11 20:08 - 000081920 _____ C:\Users\Elodie\Downloads\PASS RECTO - Copie.pub 2018-01-11 20:08 - 2018-01-11 20:08 - 000097280 _____ C:\Users\Elodie\Downloads\PASS verso.pub 2018-01-11 20:08 - 2018-01-11 20:08 - 000081920 _____ C:\Users\Elodie\Downloads\PASS RECTO.pub 2018-01-11 20:07 - 2018-01-12 09:51 - 000000000 _____ C:\Users\Elodie\AppData\LocalLow\rightsCheck_1.txt 2018-01-11 19:59 - 2018-01-13 14:06 - 000000103 _____ C:\Windows\SysWOW64\del.bat 2018-01-11 19:59 - 2018-01-11 19:59 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys 2018-01-11 19:58 - 2018-01-13 14:19 - 000000000 ____D C:\Program Files\uNappltlpuNmTk2y 2018-01-11 19:58 - 2018-01-11 19:59 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe 2018-01-11 19:58 - 2018-01-11 19:59 - 000633296 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe 2018-01-11 19:57 - 2018-01-11 22:04 - 000003692 _____ C:\Windows\System32\Tasks\updater 2018-01-11 19:57 - 2018-01-11 22:04 - 000003492 _____ C:\Windows\System32\Tasks\Guard 2018-01-11 19:57 - 2018-01-11 19:57 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Mozilla 2018-01-11 19:57 - 2018-01-11 19:57 - 000000000 ____D C:\Program Files (x86)\System Native 2018-01-11 19:56 - 2018-01-12 11:06 - 000014848 _____ C:\Users\Elodie\AppData\Local\oldsep.dll 2018-01-11 19:56 - 2018-01-12 11:06 - 000003072 _____ C:\Users\Elodie\AppData\Local\uninstallBR.exe 2018-01-11 19:56 - 2018-01-11 19:56 - 007563264 _____ C:\Users\Elodie\AppData\Local\agent.dat 2018-01-11 19:56 - 2018-01-11 19:56 - 001980498 _____ C:\Users\Elodie\AppData\Local\QuoteStock.tst 2018-01-11 19:56 - 2018-01-11 19:56 - 001895382 _____ C:\Users\Elodie\AppData\Local\K-String.bin 2018-01-11 19:56 - 2018-01-11 19:56 - 001815552 _____ (TODO: ) C:\Users\Elodie\AppData\Local\QuoteStock.exe 2018-01-11 19:56 - 2018-01-11 19:56 - 000278508 _____ C:\Users\Elodie\AppData\Local\Vaiaity.bin 2018-01-11 19:56 - 2018-01-11 19:56 - 000126464 _____ C:\Users\Elodie\AppData\Local\noah.dat 2018-01-11 19:56 - 2018-01-11 19:56 - 000070800 _____ C:\Users\Elodie\AppData\Local\Config.xml 2018-01-11 19:56 - 2018-01-11 19:56 - 000005568 _____ C:\Users\Elodie\AppData\Local\md.xml 2018-01-11 19:56 - 2018-01-11 19:56 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\System Native 2018-01-11 18:58 - 2018-01-13 14:19 - 000000000 ____D C:\Users\Elodie\AppData\Local\Optimizer 2018-01-11 18:57 - 2018-01-12 20:28 - 000000004 _____ C:\ProgramData\lock.dat 2018-01-11 18:57 - 2018-01-12 20:27 - 000000060 _____ C:\ProgramData\rwi.hhad 2018-01-11 18:56 - 2018-01-11 20:15 - 000000000 ____D C:\Program Files (x86)\foldershare 2018-01-11 18:56 - 2018-01-11 19:58 - 000000000 ____D C:\Users\Elodie\AppData\Local\8d04e40abcf7414f9d1b561e0fa3a36e 2018-01-11 18:56 - 2018-01-11 18:56 - 000003988 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_LB 2018-01-11 18:56 - 2018-01-11 18:56 - 000003988 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_DF 2018-01-11 18:56 - 2018-01-11 18:56 - 000003976 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_WQ 2018-01-11 18:56 - 2018-01-11 18:56 - 000003976 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_CT 2018-01-11 18:56 - 2018-01-11 18:56 - 000003968 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_HT 2018-01-11 18:56 - 2018-01-11 18:56 - 000001475 ___RS C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Eхplоrеr.lnk 2018-01-11 18:56 - 2018-01-11 18:56 - 000001293 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nаvigаteur Оpera.lnk 2018-01-11 18:56 - 2018-01-11 18:56 - 000001263 ___RS C:\Users\Public\Desktop\Nаvigatеur Oрerа.lnk 2018-01-11 18:56 - 2018-01-11 18:56 - 000001177 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоoglе Сhrome.lnk 2018-01-11 18:56 - 2018-01-11 18:56 - 000001147 ___RS C:\Users\Public\Desktop\Gооgle Сhrome.lnk 2018-01-11 18:56 - 2018-01-11 18:56 - 000000000 ____D C:\Windows\system32\sstmp 2018-01-11 18:56 - 2018-01-11 18:56 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\f928c15c44354fb1a41f70c44b8975d4 2018-01-11 18:56 - 2018-01-11 18:56 - 000000000 ____D C:\Program Files (x86)\tools 2018-01-11 18:53 - 2018-01-11 18:53 - 001727282 _____ C:\Users\Elodie\Downloads\Adobe_illustrator_CC_2017_With_Crack.zip 2018-01-11 18:45 - 2018-01-11 18:45 - 000000838 _____ C:\Users\Elodie\Desktop\data-recovery_setup_full935.exe.lnk 2018-01-11 18:44 - 2018-01-11 18:44 - 000986848 _____ C:\Users\Elodie\Desktop\data-recovery_setup_full935.exe 2018-01-11 18:43 - 2018-01-11 18:43 - 000000000 ____D C:\Users\Elodie\AppData\Local\Wondershare 2018-01-11 18:42 - 2018-01-13 11:48 - 000000000 ____D C:\Program Files (x86)\Wondershare 2018-01-11 18:42 - 2018-01-11 18:44 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2018-01-11 18:42 - 2018-01-11 18:42 - 000986848 _____ C:\Users\Elodie\Downloads\data-recovery_setup_full935.exe 2018-01-11 15:44 - 2018-01-11 15:44 - 000097248 _____ C:\Windows\system32\Drivers\ca4cdda5d817ec4684cca252bf2b0a68.sys 2018-01-10 10:45 - 2018-01-10 10:45 - 000015737 _____ C:\Users\Elodie\Downloads\Fiche séquence type jeu en numération.odt 2018-01-10 10:44 - 2018-01-10 10:44 - 000543975 _____ C:\Users\Elodie\Downloads\Fiche de préparation séquence EPS Maths à compléter trame.odt 2018-01-10 10:43 - 2018-01-10 10:43 - 000705913 _____ C:\Users\Elodie\Downloads\TP EPS et Maths 19 octobre C1.odp 2018-01-07 13:32 - 2018-01-07 13:32 - 001864060 _____ C:\Users\Elodie\Downloads\Dobble 31 cartes Contes.pdf 2018-01-07 13:32 - 2018-01-07 13:32 - 001864060 _____ C:\Users\Elodie\Downloads\Dobble 31 cartes Contes (1).pdf 2018-01-07 13:31 - 2018-01-07 13:31 - 001933870 _____ C:\Users\Elodie\Downloads\Jeu des familles Les contes MS.pdf 2018-01-07 13:31 - 2018-01-07 13:31 - 001571121 _____ C:\Users\Elodie\Downloads\Jeux de loto Les contes.pdf 2018-01-07 13:31 - 2018-01-07 13:31 - 000925310 _____ C:\Users\Elodie\Downloads\Dobble contes 2 jeux de 13 cartes.pdf 2018-01-07 13:31 - 2018-01-07 13:31 - 000628095 _____ C:\Users\Elodie\Downloads\Jeux de l'oie Les contes.pdf 2018-01-07 13:30 - 2018-01-07 13:30 - 005279722 _____ C:\Users\Elodie\Downloads\Grandes cartes mur à mots Les contes.pdf 2018-01-07 13:30 - 2018-01-07 13:30 - 001035741 _____ C:\Users\Elodie\Downloads\Petites cartes à jouer Thème 3 MS_Les contes.pdf 2018-01-07 13:29 - 2018-01-07 13:29 - 000034473 _____ C:\Users\Elodie\Downloads\Arrière cartes Thème 3 MS_Les contes.pdf 2018-01-07 12:44 - 2018-01-07 12:44 - 003342620 _____ C:\Users\Elodie\Downloads\Guide pédagogique Thèmots 4 ans_Thème 3_Les contes (2).pdf 2018-01-07 12:42 - 2018-01-07 12:42 - 000888198 _____ C:\Users\Elodie\Downloads\Petites cartes Météo MS .pdf 2018-01-07 12:40 - 2018-01-07 12:40 - 001887990 _____ C:\Users\Elodie\Downloads\Guide pédagogique Apprentilangue MS_Thème 2_La météo.pdf 2018-01-07 11:53 - 2018-01-07 11:53 - 000005295 _____ C:\Users\Elodie\Downloads\ADECal (32).ics 2018-01-06 10:53 - 2018-01-06 10:54 - 000038516 _____ C:\Users\Elodie\Downloads\parcours_de_formation_en_eple_16-17_-_fiche.odt 2018-01-03 16:23 - 2018-01-03 16:23 - 041177408 _____ C:\Users\Elodie\Downloads\Verslesmaths_MS.pdf 2018-01-02 18:27 - 2018-01-05 19:16 - 000000000 ____D C:\Users\Elodie\AppData\Local\6EFFEDF0-1D44-4380-9419-809523FF7EA3.aplzod 2018-01-02 18:22 - 2018-01-13 17:05 - 000000000 ___RD C:\Users\Elodie\iCloudDrive 2018-01-02 18:22 - 2018-01-02 18:29 - 000000000 ____D C:\Users\Elodie\Documents\Fichiers Outlook 2018-01-02 18:22 - 2018-01-02 18:22 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud 2018-01-02 18:22 - 2018-01-02 18:22 - 000000000 ____D C:\Users\Elodie\AppData\Local\Apple Inc 2018-01-02 17:47 - 2018-01-02 17:47 - 000000000 ____D C:\Windows\System32\Tasks\Apple 2018-01-02 17:47 - 2018-01-02 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2018-01-02 17:47 - 2018-01-02 17:47 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2018-01-02 17:44 - 2018-01-02 17:46 - 155125560 _____ (Apple Inc.) C:\Users\Elodie\Downloads\iCloudSetup.exe 2017-12-24 14:17 - 2017-12-24 14:17 - 001538349 _____ C:\Users\Elodie\Downloads\3611508950_FRE_20171224_140244.PDF 2017-12-24 14:14 - 2017-12-24 14:14 - 000295704 _____ C:\Users\Elodie\Downloads\Scan0144 (1).pdf 2017-12-24 14:13 - 2017-12-24 14:13 - 000295704 _____ C:\Users\Elodie\Downloads\Scan0144.pdf 2017-12-22 14:37 - 2018-01-05 00:44 - 000001919 _____ C:\Users\Elodie\Desktop\Dashlane.lnk 2017-12-22 14:37 - 2018-01-05 00:44 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2017-12-22 14:37 - 2018-01-05 00:44 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Dashlane 2017-12-22 14:37 - 2017-12-22 14:37 - 000000000 ____D C:\Users\Elodie\AppData\LocalLow\Dashlane 2017-12-22 14:37 - 2017-12-22 14:37 - 000000000 ____D C:\Users\Elodie\AppData\Local\Packages 2017-12-22 14:37 - 2017-12-22 14:37 - 000000000 ____D C:\Program Files (x86)\Dashlane 2017-12-22 14:34 - 2017-12-22 14:34 - 000808392 _____ (Dashlane Inc.) C:\Users\Elodie\Downloads\Dashlane__bchrome_0KTeA2OPefZaHXVpC.exe 2017-12-22 08:42 - 2017-12-22 08:42 - 000058849 _____ C:\Users\Elodie\Downloads\Demande d'autorisation d'absence.pdf 2017-12-17 20:45 - 2017-12-17 20:45 - 000639379 _____ C:\Users\Elodie\Downloads\coloriage_noelFR-ES (1).pdf 2017-12-17 20:44 - 2017-12-17 20:44 - 000639379 _____ C:\Users\Elodie\Downloads\coloriage_noelFR-ES.pdf 2017-12-17 15:17 - 2017-12-17 15:17 - 001067445 _____ C:\Users\Elodie\Downloads\Cartes boîte à écrire Zoo (3).pdf 2017-12-17 15:15 - 2017-12-17 15:15 - 000738383 _____ C:\Users\Elodie\Downloads\Dispositif Boîte à écrire (1).pdf 2017-12-17 15:14 - 2017-12-17 15:14 - 001067445 _____ C:\Users\Elodie\Downloads\Cartes boîte à écrire Zoo (2).pdf 2017-12-17 15:14 - 2017-12-17 15:14 - 001067445 _____ C:\Users\Elodie\Downloads\Cartes boîte à écrire Zoo (1).pdf 2017-12-17 15:13 - 2017-12-17 15:13 - 000034235 _____ C:\Users\Elodie\Downloads\plum.zip 2017-12-17 15:12 - 2017-12-17 15:12 - 001067445 _____ C:\Users\Elodie\Downloads\Cartes boîte à écrire Zoo.pdf 2017-12-17 13:13 - 2017-12-17 13:13 - 000320831 _____ C:\Users\Elodie\Downloads\MA_EP_en_PS_sauter (1).pdf 2017-12-17 12:56 - 2017-12-17 12:56 - 000320831 _____ C:\Users\Elodie\Downloads\MA_EP_en_PS_sauter.pdf 2017-12-16 16:40 - 2017-12-16 16:44 - 003714387 _____ C:\Users\Elodie\Downloads\Gmail (18).zip 2017-12-16 13:36 - 2017-12-16 13:36 - 000095141 _____ C:\Users\Elodie\Downloads\cursive_2.zip 2017-12-16 13:35 - 2017-12-16 13:35 - 000533755 _____ C:\Users\Elodie\Downloads\verchery (1).zip 2017-12-16 12:23 - 2017-12-16 12:23 - 000175330 _____ C:\Users\Elodie\Downloads\pictomoustache.zip 2017-12-16 11:56 - 2017-12-16 11:56 - 000012935 _____ C:\Users\Elodie\Downloads\récap A4 décembre.odt 2017-12-15 16:12 - 2017-12-15 16:12 - 000905981 _____ C:\Users\Elodie\Downloads\Test_evaluation_vocabulaire_MS La Cigale.pdf 2017-12-15 16:11 - 2017-12-15 16:11 - 002538294 _____ C:\Users\Elodie\Downloads\test compréhension MS La Cigale.pdf 2017-12-15 16:10 - 2017-12-15 16:10 - 000241293 _____ C:\Users\Elodie\Downloads\tableaux_maternelle_193538.pdf 2017-12-15 12:27 - 2017-11-17 05:23 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-12-15 12:27 - 2017-11-15 02:27 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-12-15 12:27 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-12-15 12:27 - 2017-11-14 04:57 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-12-15 12:27 - 2017-11-14 04:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-12-15 12:27 - 2017-11-14 04:43 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-12-15 12:27 - 2017-11-14 04:32 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-12-15 12:27 - 2017-11-14 04:31 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-12-15 12:27 - 2017-11-14 04:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-12-15 12:27 - 2017-11-14 04:30 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-12-15 12:27 - 2017-11-14 04:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-12-15 12:27 - 2017-11-14 04:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-12-15 12:27 - 2017-11-14 04:25 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-12-15 12:27 - 2017-11-14 04:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-12-15 12:27 - 2017-11-14 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-12-15 12:27 - 2017-11-14 04:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-12-15 12:27 - 2017-11-14 04:20 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-12-15 12:27 - 2017-11-14 04:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-12-15 12:27 - 2017-11-14 04:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-12-15 12:27 - 2017-11-14 04:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-12-15 12:27 - 2017-11-14 04:15 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-12-15 12:27 - 2017-11-14 04:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-12-15 12:27 - 2017-11-14 04:06 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-12-15 12:27 - 2017-11-14 04:06 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-12-15 12:27 - 2017-11-14 04:05 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-12-15 12:27 - 2017-11-14 04:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-12-15 12:27 - 2017-11-14 04:02 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-12-15 12:27 - 2017-11-14 04:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-12-15 12:27 - 2017-11-14 03:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-12-15 12:27 - 2017-11-14 03:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-12-15 12:27 - 2017-11-14 03:48 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-12-15 12:27 - 2017-11-14 03:48 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-12-15 12:27 - 2017-11-14 03:48 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-12-15 12:27 - 2017-11-14 03:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-12-15 12:27 - 2017-11-14 03:46 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-12-15 12:27 - 2017-11-14 03:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-12-15 12:27 - 2017-11-14 03:27 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-12-15 12:27 - 2017-11-14 03:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-12-15 12:27 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-12-15 12:27 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-12-15 12:27 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-12-15 12:27 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-12-15 12:27 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-12-15 12:27 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-12-15 12:27 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-12-15 12:27 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-12-15 12:27 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-12-15 12:27 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-12-15 12:27 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-12-15 12:27 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-12-15 12:27 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-12-15 12:27 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-12-15 12:27 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-12-15 12:27 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-12-15 12:27 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-12-15 12:27 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-12-15 12:27 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-12-15 12:27 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-12-15 12:27 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-12-15 12:27 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-12-15 12:27 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-12-15 12:27 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-12-15 12:27 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-12-15 12:27 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-12-15 12:27 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-12-15 12:27 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-12-15 12:27 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-12-15 12:27 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-12-15 12:27 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-12-15 12:27 - 2017-11-07 17:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2017-12-15 12:27 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-12-15 12:27 - 2017-11-04 16:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2017-12-15 12:27 - 2017-11-04 16:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2017-12-15 12:27 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2017-12-15 12:27 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2017-12-15 12:27 - 2017-11-02 17:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2017-12-15 12:27 - 2017-11-02 17:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll 2017-12-15 12:27 - 2017-11-02 17:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2017-12-15 12:27 - 2017-11-02 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll 2017-12-15 12:27 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2017-12-15 12:27 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll 2017-12-15 12:27 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll 2017-12-15 12:27 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll 2017-12-15 12:27 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2017-12-15 12:27 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll 2017-12-15 12:27 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2017-12-15 12:04 - 2017-12-15 12:04 - 006430802 _____ C:\Users\Elodie\Downloads\Grandes cartes mur à mots Zoo (2).pdf 2017-12-15 10:48 - 2017-12-15 10:48 - 000558760 _____ C:\Users\Elodie\Downloads\Comptines +á classer.pdf 2017-12-15 10:47 - 2017-12-15 10:47 - 000020562 _____ C:\Users\Elodie\Downloads\Comptines +á classer.odt 2017-12-15 10:44 - 2017-12-15 10:44 - 000017547 _____ C:\Users\Elodie\Downloads\Pr+®sentation atelier 2 maths-2.odt ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-01-13 17:15 - 2015-09-29 09:31 - 000000000 ____D C:\FRST 2018-01-13 17:14 - 2009-07-14 05:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-01-13 17:14 - 2009-07-14 05:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-01-13 17:12 - 2014-03-19 23:03 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2018-01-13 17:11 - 2010-11-21 07:19 - 000748608 _____ C:\Windows\system32\perfh00C.dat 2018-01-13 17:11 - 2010-11-21 07:19 - 000150598 _____ C:\Windows\system32\perfc00C.dat 2018-01-13 17:11 - 2009-07-14 06:13 - 001671678 _____ C:\Windows\system32\PerfStringBackup.INI 2018-01-13 17:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-01-13 17:07 - 2016-09-23 20:41 - 000000000 ____D C:\Users\Elodie\AppData\Local\Spotify 2018-01-13 17:07 - 2015-09-30 08:39 - 000000000 ____D C:\Program Files (x86)\Opera 2018-01-13 17:06 - 2016-09-23 20:40 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Spotify 2018-01-13 17:05 - 2014-09-28 19:40 - 000004624 __RSH C:\ProgramData\ntuser.pol 2018-01-13 17:05 - 2014-03-28 14:18 - 000000000 ____D C:\Users\Elodie 2018-01-13 17:05 - 2014-03-19 22:49 - 000000000 ____D C:\ProgramData\NVIDIA 2018-01-13 17:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-01-13 17:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Registration 2018-01-13 16:29 - 2014-11-09 22:21 - 000000000 ____D C:\Users\Elodie\AppData\Local\CrashDumps 2018-01-13 14:48 - 2015-09-30 08:39 - 000003874 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1443598746 2018-01-13 14:22 - 2014-03-20 01:38 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2018-01-13 14:22 - 2014-03-20 01:38 - 000270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2018-01-13 14:20 - 2016-05-30 11:51 - 000306401 ____N C:\Windows\Minidump\011318-5257-01.dmp 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\SysLog Controller 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Stamp Generator 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\SMPReisPaint 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Security Utilities 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\JPEGS 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Firefoal Ideal Tool 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Final Fantasy VII 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\ChangeBob 2018-01-13 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Alphabet Toolbar 2018-01-12 23:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\LiveKernelReports 2018-01-12 21:57 - 2015-06-30 13:43 - 000000000 ____D C:\Users\Elodie\AppData\LocalLow\Company 2018-01-12 21:57 - 2014-03-28 14:19 - 000002223 ____H C:\Users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-01-12 21:50 - 2015-09-08 20:35 - 000000000 ____D C:\AdwCleaner 2018-01-12 20:28 - 2009-07-14 06:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-01-12 11:10 - 2014-10-11 11:25 - 000000000 ____D C:\Users\Elodie\AppData\Local\ElevatedDiagnostics 2018-01-12 09:20 - 2014-08-30 14:33 - 000000000 ____D C:\Program Files (x86)\Google 2018-01-12 09:12 - 2014-03-19 23:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-01-12 09:11 - 2014-03-19 23:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-01-11 20:26 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2018-01-11 20:24 - 2009-07-14 05:45 - 005051912 _____ C:\Windows\system32\FNTCACHE.DAT 2018-01-11 18:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender 2018-01-11 18:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-01-11 18:44 - 2014-03-28 14:19 - 000133056 _____ C:\Users\Elodie\AppData\Local\GDIPFONTCACHEV1.DAT 2018-01-11 03:01 - 2014-11-09 13:49 - 000000000 ____D C:\Windows\system32\MRT 2018-01-11 03:00 - 2017-10-13 02:02 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-01-11 03:00 - 2014-11-09 13:49 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-01-10 09:52 - 2017-09-11 21:13 - 000003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2152363354-3513739142-3557642019-1000 2018-01-08 22:14 - 2017-10-31 18:01 - 000000000 ____D C:\Users\Elodie\Desktop\TO PRINT 2018-01-07 13:41 - 2017-11-29 08:39 - 000000000 ____D C:\Users\Elodie\Desktop\DIVERS ESPE 2018-01-06 10:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2018-01-05 18:22 - 2015-09-22 09:32 - 000000000 ____D C:\Users\Elodie\AppData\Local\Apple Computer 2018-01-04 09:11 - 2016-03-09 13:04 - 000000000 ____D C:\ProgramData\CanonIJPLM 2018-01-03 18:20 - 2014-03-29 21:17 - 000000000 ____D C:\Users\Elodie\AppData\Roaming\Apple Computer 2018-01-02 17:47 - 2015-09-22 09:32 - 000000000 ____D C:\Program Files\Common Files\Apple 2018-01-02 17:47 - 2014-03-28 20:30 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-12-28 11:28 - 2014-03-28 20:37 - 000000321 _____ C:\Users\Elodie\Documents\BIMx_Export_Log.txt 2017-12-28 11:28 - 2014-03-28 20:37 - 000000000 ____D C:\Users\Elodie\Graphisoft 2017-12-28 11:28 - 2014-03-28 20:37 - 000000000 ____D C:\Users\Elodie\Documents\BIMx 2017-12-16 03:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2017-12-16 03:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup 2017-12-16 03:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup ==================== Fichiers à la racine de certains dossiers ======= 2018-01-11 18:57 - 2018-01-12 20:28 - 000000004 _____ () C:\ProgramData\lock.dat 2015-02-01 15:30 - 2015-11-26 17:13 - 000000132 _____ () C:\Users\Elodie\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5 2014-07-24 20:16 - 2016-05-03 14:48 - 000001456 _____ () C:\Users\Elodie\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs 2018-01-11 19:56 - 2018-01-11 19:56 - 007563264 _____ () C:\Users\Elodie\AppData\Local\agent.dat 2018-01-11 19:56 - 2018-01-11 19:56 - 000070800 _____ () C:\Users\Elodie\AppData\Local\Config.xml 2018-01-11 19:56 - 2018-01-11 19:56 - 001895382 _____ () C:\Users\Elodie\AppData\Local\K-String.bin 2018-01-11 19:56 - 2018-01-11 19:56 - 000005568 _____ () C:\Users\Elodie\AppData\Local\md.xml 2018-01-11 19:56 - 2018-01-11 19:56 - 000126464 _____ () C:\Users\Elodie\AppData\Local\noah.dat 2018-01-11 19:56 - 2018-01-12 11:06 - 000014848 _____ () C:\Users\Elodie\AppData\Local\oldsep.dll 2018-01-12 22:09 - 2018-01-13 14:06 - 000930816 _____ () C:\Users\Elodie\AppData\Local\po.db 2018-01-11 19:56 - 2018-01-11 19:56 - 001815552 _____ (TODO: ) C:\Users\Elodie\AppData\Local\QuoteStock.exe 2018-01-11 19:56 - 2018-01-11 19:56 - 001980498 _____ () C:\Users\Elodie\AppData\Local\QuoteStock.tst 2018-01-11 19:56 - 2018-01-12 11:06 - 000003072 _____ () C:\Users\Elodie\AppData\Local\uninstallBR.exe 2018-01-11 19:56 - 2018-01-11 19:56 - 000032038 _____ () C:\Users\Elodie\AppData\Local\uninstall_temp.ico 2018-01-11 19:56 - 2018-01-11 19:56 - 000278508 _____ () C:\Users\Elodie\AppData\Local\Vaiaity.bin Fichiers à déplacer ou supprimer: ==================== C:\Windows\TEMP\g3754.tmp.exe C:\Users\Elodie\AppData\Roaming\LookUpPro\python\pythonw.exe Certains fichiers dans TEMP: ==================== 2018-01-11 19:58 - 2018-01-11 19:58 - 001527488 _____ (Microsoft Corporation) C:\Users\Elodie\AppData\Local\Temp\dbghelp.dll 2015-09-08 21:29 - 2015-07-15 18:56 - 001311768 _____ (Microsoft Corporation) C:\Users\Elodie\AppData\Local\Temp\dllnt_dump.dll 2013-12-19 18:06 - 2013-12-19 18:06 - 000921512 _____ (Oracle Corporation) C:\Users\Elodie\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe 2015-06-12 23:21 - 2015-06-12 23:21 - 000563808 _____ (Oracle Corporation) C:\Users\Elodie\AppData\Local\Temp\jre-8u51-windows-au.exe 2015-03-23 16:58 - 2015-03-23 16:58 - 001207376 ____N (CANON INC.) C:\Users\Elodie\AppData\Local\Temp\MSETUP4.EXE 2015-09-01 20:21 - 2015-09-01 20:21 - 000008704 _____ (Microsoft Corporation) C:\Users\Elodie\AppData\Local\Temp\SpOrder.dll 2015-08-14 13:29 - 2015-07-29 21:08 - 000681097 _____ (SQLite Development Team) C:\Users\Elodie\AppData\Local\Temp\sqlite3.dll 2018-01-11 19:58 - 2018-01-11 19:58 - 000167616 _____ (Microsoft Corporation) C:\Users\Elodie\AppData\Local\Temp\symsrv.dll 2015-09-30 08:41 - 2015-09-30 08:41 - 000765968 _____ (Yahoo! Inc.) C:\Users\Elodie\AppData\Local\Temp\ytb.exe 2018-01-12 22:56 - 2018-01-12 23:10 - 055262260 _____ (Dropbox, Inc.) C:\Users\Elodie\AppData\Local\Temp\{17413D0D-2D26-4C85-A54A-171B06B91FFE}-DropboxClient_41.4.80.exe 2018-01-12 22:32 - 2018-01-12 22:35 - 026287442 _____ (Dropbox, Inc.) C:\Users\Elodie\AppData\Local\Temp\{6408EDAA-02DD-4D23-89CA-4CC037E4523A}-DropboxClient_41.4.80.exe Certains de taille zéro octet fichiers/dossiers: ========================== C:\Windows\SysWOW64\dlumd10.dll C:\Windows\SysWOW64\dlumd11.dll C:\Windows\SysWOW64\dlumd9.dll C:\Windows\System32\dlumd10.dll C:\Windows\System32\dlumd11.dll C:\Windows\System32\dlumd9.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement nointegritychecks: ==> "IntegrityChecks" is disabled. <==== ATTENTION BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restauré(es) avec succès LastRegBack: 2018-01-13 10:56 ==================== Fin de FRST.txt ============================