Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
Ran by Martin (administrator) on MARTIN-PC (25-11-2017 17:55:12)
Running from C:\Users\bourd\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home 10240.17443 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(OSBASE) C:\Windows\System32\ddmgr.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Rene.E Laboratory) D:\Becca\x64\bcservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsToastHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsSysLevelUpSrc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AlertService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_SysMode.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Image-Line) C:\Users\FL Studio 12\FL64.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Flux Software LLC) C:\Users\bourd\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
() C:\Users\bourd\AppData\Roaming\ZHP\ZHPCleaner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8522480 2015-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-08-23] ()
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25624208 2017-11-10] (Google)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [f.lux] => C:\Users\bourd\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Clavier+] => C:\Users\bourd\AppData\Local\Clavier+\Clavier.exe [125440 2016-08-13] (Guillaume Ryder (hxxp://utilfr42.free.fr))
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Spotify] => C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe [21076080 2017-11-25] (Spotify Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [uTorrent] => C:\Users\bourd\AppData\Roaming\uTorrent\uTorrent.exe [1985984 2017-10-23] (BitTorrent Inc.)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Spotify Web Helper] => C:\Users\bourd\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-25] (Spotify Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\MountPoints2: {37670b62-5580-11e6-9c85-80a589350416} - "I:\setup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3819439d-41b6-44e7-946d-f2823c54993a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99e23535-6bf3-4ebf-84fa-b02c00c7df8f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-1205478417-495659260-835610984-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-1205478417-495659260-835610984-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ASUS15.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_14_wbf_fsvideosft_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuzztD0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StCzytBtDtN1L2XzutAtFtBzztFyDtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEtB0DtCtA0DtGyByCyDzytGtAyCtAzytGtBzy0E0BtGtA0EzztCtBtC0EtAyEtDzz0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D2112619507%26a%3Dhdr_s_17_14_wbf_fsvideosft_16_42%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_14_wbf_fsvideosft_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuzztD0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StCzytBtDtN1L2XzutAtFtBzztFyDtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEtB0DtCtA0DtGyByCyDzytGtAyCtAzytGtBzy0E0BtGtA0EzztCtBtC0EtAyEtDzz0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D2112619507%26a%3Dhdr_s_17_14_wbf_fsvideosft_16_42%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1205478417-495659260-835610984-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1205478417-495659260-835610984-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-09] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\bourd\AppData\Roaming\Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 [2017-11-25]
FF Homepage: Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 -> hxxp://www.bing.com/?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF NewTab: Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 -> hxxp://www.bing.com/?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1205478417-495659260-835610984-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bourd\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1205478417-495659260-835610984-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-10-26] ()
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Slides) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-25]
CHR Extension: (Check-Weather for Chrome) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkjncelobloojfkbmendgmfgnfmbla [2017-11-25]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-11-10]
CHR Extension: (YouTube) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-25]
CHR Extension: (Adblock Plus) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-29]
CHR Extension: (Social Blade) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-11-15]
CHR Extension: (Open in PDF Viewer) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehndikigeekodlnbohjndjjiikphickb [2017-10-18]
CHR Extension: (Sheets) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-25]
CHR Extension: (Emoji for Google Chrome™) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2017-11-22]
CHR Extension: (Montrer la couleur du pixel) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkojbkpbbffiggegdjnkfkndffocgahl [2017-10-28]
CHR Extension: (Material Theme) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdnphgdednjnpcoeamekbogoblkdajep [2017-11-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-11-18]
CHR Extension: (Créateur Thème - Créer Custom Chrome Thèmes) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognfcdaekjfmdjhcjaacfapijblalleg [2017-10-28]
CHR Extension: (Gmail) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-25]
CHR Extension: (Slides) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
CHR Extension: (Docs) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
CHR Extension: (Google Drive) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
CHR Extension: (YouTube) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
CHR Extension: (Sheets) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
CHR Extension: (Gmail) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
CHR Extension: (Chrome Media Router) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] -
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Becca Service; D:\Becca\x64\bcservice.exe [72176 2016-02-26] (Rene.E Laboratory)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-07-11] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-11-02] (Microsoft Corporation)
R2 ddmgr; C:\Windows\system32\ddmgr.exe [1659040 2016-01-06] (OSBASE)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-07-26] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-07-26] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-26] ()
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2017-11-15] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
S2 RichVideo64; "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R4 ddkmd; C:\Windows\system32\drivers\ddkmd.sys [254968 2016-01-06] (OSBASE) [File not signed]
R0 ddkmdldr; C:\Windows\System32\drivers\ddkmdldr.sys [16888 2016-01-06] (OSBASE) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-07-29] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-07-29] (Disc Soft Ltd)
S3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-12-26] (ELECOM)
S3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-12-26] (ELECOM)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R1 MpKslfa433d1a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FBCCAB36-519E-40AE-9921-22E4312C4269}\MpKslfa433d1a.sys [58120 2017-11-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-03-28] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-12-26] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6804480 2017-06-16] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [165504 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 sthid; C:\Windows\System32\drivers\sthid.sys [20776 2012-10-19] (Splashtop Inc.)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-12-26] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
S3 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 CV2K1; \SystemRoot\system32\DRIVERS\cv2k1.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-25 17:55 - 2017-11-25 17:56 - 000029574 _____ C:\Users\bourd\Desktop\FRST.txt
2017-11-25 17:51 - 2017-11-25 17:51 - 000002327 _____ C:\Users\bourd\Desktop\ZHPCleaner.txt
2017-11-25 17:50 - 2017-11-25 17:50 - 000016148 _____ C:\Windows\system32\MARTIN-PC_Martin_HistoryPrediction.bin
2017-11-25 17:40 - 2017-11-25 17:44 - 000002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-25 17:40 - 2017-11-25 17:44 - 000002337 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-25 17:30 - 2017-11-25 17:33 - 001129816 _____ (Google Inc.) C:\Users\bourd\Downloads\ChromeSetup.exe
2017-11-25 16:50 - 2017-11-25 16:52 - 000000000 ____D C:\FRST
2017-11-25 16:48 - 2017-11-25 16:50 - 002393088 _____ (Farbar) C:\Users\bourd\Desktop\FRST64.exe
2017-11-25 14:22 - 2017-11-25 14:22 - 000001745 _____ C:\Users\bourd\Desktop\FL Studio 12.lnk
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-11-25 14:21 - 2017-11-25 14:21 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Image-Line
2017-11-25 14:20 - 2017-11-25 14:21 - 000000000 ____D C:\Users\FL Studio 12\System
2017-11-25 14:18 - 2017-11-25 14:20 - 000000000 ____D C:\Users\FL Studio 12\Plugins
2017-11-25 14:18 - 2017-11-25 14:18 - 000000000 ____D C:\Users\FL Studio 12\Help
2017-11-25 14:16 - 2017-11-25 14:22 - 000000000 ____D C:\Users\FL Studio 12
2017-11-25 14:16 - 2017-11-25 14:18 - 000000000 ____D C:\Users\FL Studio 12\Data
2017-11-25 14:16 - 2017-11-25 14:16 - 000000000 ____D C:\Users\FL Studio 12\Artwork
2017-11-25 13:46 - 2017-11-25 13:46 - 000001799 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk
2017-11-25 12:58 - 2017-11-25 12:58 - 000004585 _____ C:\Users\bourd\Desktop\FLRegKey.reg
2017-11-25 12:38 - 2017-11-25 17:51 - 000000000 ____D C:\Users\bourd\AppData\Roaming\ZHP
2017-11-25 12:38 - 2017-11-25 12:38 - 000000882 _____ C:\Users\bourd\Desktop\ZHPCleaner.lnk
2017-11-25 12:36 - 2017-11-25 12:38 - 000000000 ____D C:\Users\bourd\AppData\Local\ZHP
2017-11-25 11:19 - 2017-11-25 11:19 - 000000000 ____D C:\Windows.old
2017-11-24 20:41 - 2017-11-25 11:19 - 000000000 ____D C:\$WINDOWS.~BT
2017-11-18 21:04 - 2017-11-18 21:04 - 000000011 _____ C:\Users\bourd\Desktop\FDF.txt
2017-11-18 19:06 - 2017-11-18 19:10 - 008372881 _____ C:\Users\bourd\Downloads\Non confirmé 675654.crdownload
2017-11-18 18:23 - 2017-11-25 13:22 - 000000000 ____D C:\Users\bourd\System
2017-11-18 18:19 - 2017-11-25 13:22 - 000000000 ____D C:\Users\bourd\Plugins
2017-11-18 18:15 - 2017-11-25 13:21 - 000000000 ____D C:\Users\bourd\Data
2017-11-17 18:53 - 2017-10-23 11:26 - 001585848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000685752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000620728 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000619192 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000386232 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000197304 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000143032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-17 18:53 - 2017-10-23 11:26 - 000041656 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-11-17 18:53 - 2017-10-23 10:28 - 002032472 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-17 18:53 - 2017-10-23 10:28 - 000488792 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-11-17 18:53 - 2017-10-23 10:28 - 000484184 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-11-17 18:53 - 2017-10-23 10:28 - 000250200 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-17 18:52 - 2017-11-17 18:52 - 000000000 ____D C:\Windows\UpdateAssistant
2017-11-15 14:19 - 2017-11-15 14:19 - 000000000 ____D C:\Users\Public\Documents\sun
2017-11-15 14:12 - 2017-11-15 14:12 - 000001209 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-11-15 14:12 - 2017-11-15 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-11-15 14:10 - 2017-11-15 14:12 - 000000000 ____D C:\Program Files\LibreOffice 5
2017-11-11 14:34 - 2017-11-11 14:34 - 000000000 ____D C:\Users\bourd\Desktop\Cours de maths
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Antares
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\Program Files (x86)\Antares Audio Technologies
2017-11-03 20:38 - 2017-11-03 20:54 - 020225045 _____ C:\Users\bourd\Downloads\Auto-Tune_Evo_TDM_v6.0.9.2.zip
2017-11-03 20:38 - 2017-11-03 20:38 - 000335509 _____ C:\Users\bourd\Downloads\Non confirmé 512769.crdownload
2017-11-03 14:27 - 2017-11-18 18:32 - 000000000 ____D C:\Users\bourd\Documents\Cubase Projects
2017-11-03 14:26 - 2017-11-03 14:26 - 000000000 ____D C:\Users\bourd\AppData\Roaming\VST3 Presets
2017-11-03 14:23 - 2009-12-19 11:18 - 002395648 _____ (AD © 2009) C:\Windows\SysWOW64\SYNSOEMU.DLL
2017-11-03 14:18 - 2017-11-03 14:18 - 000000000 ____D C:\ProgramData\VST3 Presets
2017-11-03 14:12 - 2017-11-03 14:12 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2017-11-03 14:03 - 2017-11-03 14:03 - 000002138 _____ C:\Users\bourd\Desktop\Cubase 5.lnk
2017-11-03 14:02 - 2017-11-03 14:22 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2017-11-03 14:02 - 2017-11-03 14:03 - 000000000 ____D C:\Program Files (x86)\Steinberg
2017-11-03 13:53 - 2017-11-03 14:00 - 069288448 _____ C:\Users\bourd\Desktop\Cubase5.msi
2017-10-30 21:02 - 2017-10-30 21:03 - 000000083 _____ C:\Users\bourd\Desktop\Nouveau document texte.txt
2017-10-30 17:12 - 2017-10-31 18:50 - 000000000 ____D C:\Users\bourd\Documents\Cubase LE AI Elements Projects
2017-10-30 17:11 - 2017-10-30 20:50 - 000000000 ____D C:\Users\bourd\Documents\Steinberg
2017-10-30 17:10 - 2017-10-30 17:10 - 000000000 ____D C:\Users\bourd\Documents\VST3 Presets
2017-10-30 16:51 - 2017-11-03 14:07 - 000000000 ____D C:\ProgramData\Steinberg
2017-10-30 16:50 - 2017-11-03 14:26 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Steinberg
2017-10-30 16:50 - 2017-11-03 13:59 - 000000000 ____D C:\Program Files\Steinberg
2017-10-30 16:50 - 2017-10-30 16:50 - 000002892 _____ () C:\Windows\SysWOW64\audcon.sys
2017-10-30 16:50 - 2017-10-30 16:50 - 000000000 ____D C:\ProgramData\Syncrosoft
2017-10-30 16:49 - 2017-10-30 16:50 - 000000000 ____D C:\ProgramData\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000049 _____ C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files (x86)\Syncrosoft
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files (x86)\eLicenser
2017-10-30 16:49 - 2012-12-07 16:48 - 001714176 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\SYNSOACC.dll
2017-10-30 16:49 - 2012-12-07 16:48 - 001277952 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2017-10-30 16:49 - 2011-12-14 20:21 - 000086016 _____ C:\Windows\SysWOW64\SYNSOPOS.exe
2017-10-30 16:44 - 2017-10-30 16:44 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Steinberg Installation Updater
2017-10-30 16:44 - 2017-10-30 16:44 - 000000000 ____D C:\Users\bourd\AppData\Local\Steinberg Installation Updater
2017-10-29 14:54 - 2017-10-29 14:54 - 000325596 _____ C:\Users\bourd\Downloads\TrapKicks7.zip
2017-10-28 20:15 - 2017-10-28 20:15 - 000000002 _____ C:\Windows\SysWOW64\stub.json
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\ProgramData\Audio Damage
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\Program Files\Common Files\Avid
2017-10-28 19:39 - 2017-10-28 19:40 - 014198940 _____ C:\Users\bourd\Downloads\ADF03_FuzzPlus3.zip
2017-10-28 18:22 - 2017-10-28 18:24 - 000000000 ____D C:\Users\bourd\Desktop\Photo
2017-10-28 18:20 - 2017-10-28 18:29 - 000000691 _____ C:\Users\bourd\Desktop\SON.lnk
2017-10-28 18:14 - 2017-10-28 18:14 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-10-28 18:14 - 2017-10-28 18:14 - 000000000 ____D C:\Users\bourd\AppData\Local\Audacity
2017-10-28 18:14 - 2017-10-28 18:14 - 000000000 ____D C:\Program Files (x86)\Audacity
2017-10-28 18:12 - 2017-10-28 18:13 - 026496761 _____ (Audacity Team ) C:\Users\bourd\Downloads\audacity-win-2-1-2.exe
2017-10-28 18:08 - 2017-10-28 18:08 - 000003262 _____ C:\Windows\System32\Tasks\{D8089FE8-720D-43D7-8E2F-692D5CCBA404}
2017-10-28 17:57 - 2017-10-28 17:57 - 000000000 ____D C:\Users\bourd\AppData\Local\FreemakeAudioConverter
2017-10-28 17:55 - 2017-10-28 17:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2017-10-27 19:32 - 2017-10-27 19:33 - 000000000 ____D C:\Users\bourd\Desktop\TriSamples - 808 Trapstep Pack Vol 1
2017-10-26 15:36 - 2017-11-02 21:20 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-10-26 15:36 - 2017-10-26 15:36 - 000000000 ____D C:\Users\bourd\AppData\Local\PunkBuster
2017-10-26 15:36 - 2017-10-26 15:36 - 000000000 ____D C:\ProgramData\Orbit
2017-10-26 14:55 - 2017-10-26 17:27 - 000000000 ____D C:\Users\bourd\AppData\Local\Ubisoft Game Launcher
2017-10-26 14:54 - 2017-11-02 21:20 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-10-26 14:54 - 2017-11-02 17:45 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-10-26 14:54 - 2017-10-26 14:54 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2017-10-26 14:54 - 2017-10-26 14:54 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-10-26 13:15 - 2017-10-26 15:35 - 000000000 ____D C:\Users\bourd\Desktop\nasa
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-25 17:52 - 2016-01-25 18:27 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Spotify
2017-11-25 17:40 - 2016-03-05 18:08 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-25 17:23 - 2017-04-04 18:23 - 000000292 _____ C:\Windows\Tasks\{39EA17AB-E64D-0CDE-3AA7-6159B7396614}.job
2017-11-25 16:57 - 2016-10-21 10:57 - 000000294 _____ C:\Windows\Tasks\{4998CB50-3EBB-91B8-2BE3-737A464677B8}.job
2017-11-25 16:57 - 2016-02-29 18:12 - 000000000 ____D C:\Users\bourd\AppData\Roaming\uTorrent
2017-11-25 16:33 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\AppReadiness
2017-11-25 16:32 - 2016-01-25 18:27 - 000000000 ____D C:\Users\bourd\AppData\Local\Spotify
2017-11-25 16:21 - 2015-10-22 21:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-25 16:21 - 2015-10-22 21:07 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-25 14:23 - 2015-07-10 13:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 14:23 - 2015-07-10 10:05 - 000786432 ___SH C:\Windows\system32\config\BBI
2017-11-25 14:22 - 2017-09-03 12:12 - 000000000 ____D C:\Program Files (x86)\Image-Line
2017-11-25 14:21 - 2017-09-03 12:20 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-11-25 14:21 - 2017-09-03 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-11-25 13:55 - 2015-12-27 10:15 - 000000000 ____D C:\Users\bourd\AppData\Local\CrashDumps
2017-11-25 13:48 - 2015-12-26 12:59 - 000000000 ____D C:\Users\bourd
2017-11-25 13:09 - 2016-11-10 20:34 - 000000000 ____D C:\Users\bourd\AppData\Local\Adobe
2017-11-25 13:07 - 2015-07-10 12:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:32 - 2015-07-10 12:02 - 000000000 ____D C:\Windows\INF
2017-11-25 12:29 - 2016-11-11 13:30 - 000000000 ____D C:\AdwCleaner
2017-11-25 12:17 - 2016-10-21 10:56 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-11-25 12:04 - 2017-07-01 10:41 - 000000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk
2017-11-25 12:04 - 2016-10-06 17:18 - 000000000 ____D C:\Windows10Upgrade
2017-11-25 11:19 - 2015-09-25 09:35 - 000000000 ____D C:\Windows\Panther
2017-11-24 22:25 - 2015-12-26 14:20 - 000004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F203A87A-0BD9-4B7C-B9D1-075DD49A53A6}
2017-11-24 22:02 - 2015-10-22 21:27 - 000001908 _____ C:\Windows\diagwrn.xml
2017-11-24 22:02 - 2015-10-22 21:27 - 000001908 _____ C:\Windows\diagerr.xml
2017-11-24 21:58 - 2015-07-10 10:05 - 000032768 ___SH C:\Windows\system32\config\ELAM
2017-11-24 21:31 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\Registration
2017-11-24 20:41 - 2016-10-30 15:51 - 000000036 _____ C:\Windows\progress.ini
2017-11-24 20:37 - 2016-07-28 19:52 - 000000000 ___HD C:\$GetCurrent
2017-11-24 18:20 - 2016-10-21 10:57 - 000000000 ____D C:\ProgramData\{59C39CA0-D381-1666-5547-8824CF0503EA}
2017-11-22 19:05 - 2017-10-18 17:33 - 000000132 _____ C:\Users\bourd\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-11-22 18:45 - 2016-11-02 13:27 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Adobe
2017-11-21 18:18 - 2016-06-05 18:04 - 000000000 ____D C:\Users\bourd\AppData\Local\ElevatedDiagnostics
2017-11-20 21:32 - 2015-12-25 10:11 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-20 18:57 - 2016-10-22 11:45 - 000000382 _____ C:\Users\bourd\AppData\Roaming\WB.CFG
2017-11-18 11:53 - 2017-03-18 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-11-18 11:40 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-18 11:38 - 2015-07-10 13:20 - 005662968 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-17 18:54 - 2015-07-10 11:55 - 000000000 ____D C:\Windows\CbsTemp
2017-11-17 18:52 - 2017-07-21 17:25 - 000000000 ____D C:\Program Files\rempl
2017-11-17 18:38 - 2015-07-10 12:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-17 18:36 - 2016-05-28 16:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-16 18:24 - 2016-03-05 18:08 - 000003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 18:24 - 2016-03-05 18:08 - 000003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 13:49 - 2015-12-26 16:32 - 000000000 ____D C:\Windows\system32\MRT
2017-11-15 13:42 - 2017-10-13 18:11 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-15 13:42 - 2015-12-26 16:32 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-15 13:38 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-15 13:38 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-11 16:47 - 2015-09-25 10:33 - 011731824 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-11 16:47 - 2015-07-20 14:10 - 000471650 _____ C:\Windows\system32\prfh0404.dat
2017-11-11 16:47 - 2015-07-20 14:10 - 000138564 _____ C:\Windows\system32\prfc0404.dat
2017-11-11 16:47 - 2015-07-20 14:04 - 000458604 _____ C:\Windows\system32\prfh0804.dat
2017-11-11 16:47 - 2015-07-20 14:04 - 000138564 _____ C:\Windows\system32\prfc0804.dat
2017-11-11 16:47 - 2015-07-20 13:58 - 000733028 _____ C:\Windows\system32\perfh01F.dat
2017-11-11 16:47 - 2015-07-20 13:58 - 000149020 _____ C:\Windows\system32\perfc01F.dat
2017-11-11 16:47 - 2015-07-20 13:52 - 000742942 _____ C:\Windows\system32\perfh01D.dat
2017-11-11 16:47 - 2015-07-20 13:52 - 000150086 _____ C:\Windows\system32\perfc01D.dat
2017-11-11 16:47 - 2015-07-20 13:47 - 000804864 _____ C:\Windows\system32\prfh0816.dat
2017-11-11 16:47 - 2015-07-20 13:47 - 000156658 _____ C:\Windows\system32\prfc0816.dat
2017-11-11 16:47 - 2015-07-20 13:41 - 000814106 _____ C:\Windows\system32\perfh013.dat
2017-11-11 16:47 - 2015-07-20 13:41 - 000158476 _____ C:\Windows\system32\perfc013.dat
2017-11-11 16:47 - 2015-07-20 13:36 - 000449730 _____ C:\Windows\system32\perfh014.dat
2017-11-11 16:47 - 2015-07-20 13:36 - 000077378 _____ C:\Windows\system32\perfc014.dat
2017-11-11 16:47 - 2015-07-20 13:30 - 000806906 _____ C:\Windows\system32\perfh010.dat
2017-11-11 16:47 - 2015-07-20 13:30 - 000150620 _____ C:\Windows\system32\perfc010.dat
2017-11-11 16:47 - 2015-07-20 13:25 - 000819034 _____ C:\Windows\system32\perfh00C.dat
2017-11-11 16:47 - 2015-07-20 13:25 - 000154248 _____ C:\Windows\system32\perfc00C.dat
2017-11-11 16:47 - 2015-07-20 13:20 - 000435336 _____ C:\Windows\system32\perfh00B.dat
2017-11-11 16:47 - 2015-07-20 13:20 - 000081914 _____ C:\Windows\system32\perfc00B.dat
2017-11-11 16:47 - 2015-07-20 13:15 - 000815178 _____ C:\Windows\system32\perfh00A.dat
2017-11-11 16:47 - 2015-07-20 13:15 - 000159716 _____ C:\Windows\system32\perfc00A.dat
2017-11-11 16:47 - 2015-07-20 13:06 - 000550762 _____ C:\Windows\system32\perfh008.dat
2017-11-11 16:47 - 2015-07-20 13:06 - 000089322 _____ C:\Windows\system32\perfc008.dat
2017-11-11 16:47 - 2015-07-20 13:01 - 000769978 _____ C:\Windows\system32\perfh007.dat
2017-11-11 16:47 - 2015-07-20 13:01 - 000154168 _____ C:\Windows\system32\perfc007.dat
2017-11-11 16:47 - 2015-07-20 12:56 - 000464638 _____ C:\Windows\system32\perfh006.dat
2017-11-11 16:47 - 2015-07-20 12:56 - 000079886 _____ C:\Windows\system32\perfc006.dat
2017-11-11 13:26 - 2016-02-27 18:33 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Audacity
2017-11-03 20:23 - 2017-04-04 18:23 - 000000000 ____D C:\Users\bourd\AppData\Local\39ea17abe64d0cde3aa76159b7396614
2017-11-01 14:22 - 2015-12-26 13:00 - 000000000 ____D C:\Users\bourd\AppData\Local\Packages
2017-10-31 20:01 - 2017-09-22 19:08 - 000000000 ____D C:\Users\bourd\Desktop\insta
2017-10-28 17:59 - 2016-02-14 14:57 - 000000000 ____D C:\ProgramData\Freemake
2017-10-28 17:57 - 2016-02-14 14:57 - 000000000 ____D C:\Users\bourd\Documents\Freemake
2017-10-28 17:55 - 2016-02-14 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-10-26 15:36 - 2016-01-21 16:06 - 000000000 ____D C:\Users\bourd\Documents\My Games
2017-10-26 14:34 - 2015-09-25 10:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
==================== Files in the root of some directories =======
2016-12-15 13:54 - 2016-12-15 13:54 - 011560256 _____ (Image-Line) C:\Users\bourd\FLEngine_x64.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000953656 _____ (iZotope, Inc.) C:\Users\FL Studio 12\AudioRestore.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000184632 _____ (DelphiZip) C:\Users\FL Studio 12\DelZip179.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000081208 _____ (maxim digital audio) C:\Users\FL Studio 12\ds2wav.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000044344 _____ () C:\Users\FL Studio 12\dsplib.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000380216 _____ (Image-Line) C:\Users\FL Studio 12\FL (compatible memory).exe
2015-03-11 10:45 - 2015-03-11 10:45 - 000380216 _____ (Image-Line) C:\Users\FL Studio 12\FL.exe
2015-03-11 10:45 - 2015-03-11 10:45 - 000380728 _____ (Image-Line) C:\Users\FL Studio 12\FL64.exe
2015-05-07 09:40 - 2015-05-07 09:40 - 006426904 _____ (Image-Line) C:\Users\FL Studio 12\FLEngine.dll
2015-05-07 09:38 - 2015-05-07 09:38 - 008961304 _____ (Image-Line) C:\Users\FL Studio 12\FLEngine_x64.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 002481464 _____ (iZotope, Inc.) C:\Users\FL Studio 12\iZAudioRestore.dll
2015-04-26 19:31 - 2015-04-26 19:31 - 001278776 _____ (Image-Line) C:\Users\FL Studio 12\Speaker.dll
2015-04-26 19:31 - 2015-04-26 19:31 - 002025272 _____ (Image-Line) C:\Users\FL Studio 12\speaker_x64.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000101688 _____ () C:\Users\FL Studio 12\ss2wav.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000085304 _____ () C:\Users\FL Studio 12\ss2wav16.dll
2015-05-12 14:55 - 2015-05-12 14:55 - 003679968 _____ (Image-Line) C:\Users\FL Studio 12\uninstall.exe
2015-03-11 10:46 - 2015-03-11 10:46 - 000195896 _____ (Button Production / Zero-X) C:\Users\FL Studio 12\ZeroX_AS.dll
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\Apple Software Update
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\LibreOffice 5
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\RocketDock
2016-02-14 14:52 - 2016-02-14 14:52 - 000000000 _____ () C:\Program Files (x86)\VID_0079&PID_0006
2017-10-18 17:33 - 2017-11-22 19:05 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-11-11 12:03 - 2017-06-27 13:09 - 000000033 _____ () C:\Users\bourd\AppData\Roaming\AdobeWLCMCache.dat
2016-01-03 17:18 - 2016-02-28 19:34 - 000001115 _____ () C:\Users\bourd\AppData\Roaming\nativelog.txt
2016-08-30 19:23 - 2016-08-30 19:23 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Préférences Adobe GIF Format CC
2015-12-27 17:37 - 2016-10-20 14:58 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Préférences Adobe PNG Format CC
2017-07-03 19:04 - 2017-07-03 19:04 - 000000334 _____ () C:\Users\bourd\AppData\Roaming\vibranceGUI.log
2016-10-22 11:45 - 2017-11-20 18:57 - 000000382 _____ () C:\Users\bourd\AppData\Roaming\WB.CFG
2016-10-01 10:06 - 2016-10-01 10:06 - 000001456 _____ () C:\Users\bourd\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-10-24 14:36 - 2017-10-24 14:36 - 000003584 _____ () C:\Users\bourd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-15 16:00 - 2017-03-15 16:00 - 000000552 _____ () C:\Users\bourd\AppData\Local\TroubleshooterConfig.json
Files to move or delete:
====================
C:\Windows\Tasks\{39EA17AB-E64D-0CDE-3AA7-6159B7396614}.job
C:\Windows\Tasks\{4998CB50-3EBB-91B8-2BE3-737A464677B8}.job
Some files in TEMP:
====================
2017-11-24 18:50 - 2017-11-24 18:50 - 001535576 _____ ( ) C:\Users\bourd\AppData\Local\Temp\ICReinstall_FL Studio 12.5.1.5 Crack_VVm5KT_0616279717.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-22 18:02
==================== End of FRST.txt ============================
Ran by Martin (administrator) on MARTIN-PC (25-11-2017 17:55:12)
Running from C:\Users\bourd\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home 10240.17443 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(OSBASE) C:\Windows\System32\ddmgr.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Rene.E Laboratory) D:\Becca\x64\bcservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsToastHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsSysLevelUpSrc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AlertService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_SysMode.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Image-Line) C:\Users\FL Studio 12\FL64.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(Flux Software LLC) C:\Users\bourd\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Spotify Ltd) C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
() C:\Users\bourd\AppData\Roaming\ZHP\ZHPCleaner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8522480 2015-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-08-23] ()
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25624208 2017-11-10] (Google)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [f.lux] => C:\Users\bourd\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Clavier+] => C:\Users\bourd\AppData\Local\Clavier+\Clavier.exe [125440 2016-08-13] (Guillaume Ryder (hxxp://utilfr42.free.fr))
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Spotify] => C:\Users\bourd\AppData\Roaming\Spotify\Spotify.exe [21076080 2017-11-25] (Spotify Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [uTorrent] => C:\Users\bourd\AppData\Roaming\uTorrent\uTorrent.exe [1985984 2017-10-23] (BitTorrent Inc.)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\Run: [Spotify Web Helper] => C:\Users\bourd\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-25] (Spotify Ltd)
HKU\S-1-5-21-1205478417-495659260-835610984-1001\...\MountPoints2: {37670b62-5580-11e6-9c85-80a589350416} - "I:\setup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3819439d-41b6-44e7-946d-f2823c54993a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99e23535-6bf3-4ebf-84fa-b02c00c7df8f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-1205478417-495659260-835610984-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_17_43¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztB0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StBtCtByBtN1L2XzutAtFtAyDtFtAtFyDyDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyByB0D0AyB0FzzyBtGtDtC0B0FtG0F0A0EtDtGyBtD0FtBtGyB0E0EtAyDzyyE0EyE0CyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D331543272%26a%3Dwbf_fremkfs_17_43%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-1205478417-495659260-835610984-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ASUS15.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_14_wbf_fsvideosft_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuzztD0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StCzytBtDtN1L2XzutAtFtBzztFyDtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEtB0DtCtA0DtGyByCyDzytGtAyCtAzytGtBzy0E0BtGtA0EzztCtBtC0EtAyEtDzz0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D2112619507%26a%3Dhdr_s_17_14_wbf_fsvideosft_16_42%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_14_wbf_fsvideosft_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuzztD0AyDzzzytAyDtDyEtCyByC0EtB0BtN0D0Tzu0StCzytBtDtN1L2XzutAtFtBzztFyDtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEtB0DtCtA0DtGyByCyDzytGtAyCtAzytGtBzy0E0BtGtA0EzztCtBtC0EtAyEtDzz0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FyDyEzzzztByEtGzyyE0ByCtGyEtAtA0BtGzztAzztCtG0FzzyD0B0F0B0AyDyC0DyB0D2QtN0A0LzuyE%26cr%3D2112619507%26a%3Dhdr_s_17_14_wbf_fsvideosft_16_42%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1205478417-495659260-835610984-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1205478417-495659260-835610984-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-09] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-09] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\bourd\AppData\Roaming\Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 [2017-11-25]
FF Homepage: Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 -> hxxp://www.bing.com/?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF NewTab: Mozilla\Firefox\Profiles\ir3mox86.default-1498846646911 -> hxxp://www.bing.com/?pc=COSP&ptag=D102317-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1205478417-495659260-835610984-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bourd\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1205478417-495659260-835610984-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-10-26] ()
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Slides) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-25]
CHR Extension: (Check-Weather for Chrome) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkjncelobloojfkbmendgmfgnfmbla [2017-11-25]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-11-10]
CHR Extension: (YouTube) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-25]
CHR Extension: (Adblock Plus) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-29]
CHR Extension: (Social Blade) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-11-15]
CHR Extension: (Open in PDF Viewer) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehndikigeekodlnbohjndjjiikphickb [2017-10-18]
CHR Extension: (Sheets) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-25]
CHR Extension: (Emoji for Google Chrome™) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2017-11-22]
CHR Extension: (Montrer la couleur du pixel) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkojbkpbbffiggegdjnkfkndffocgahl [2017-10-28]
CHR Extension: (Material Theme) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdnphgdednjnpcoeamekbogoblkdajep [2017-11-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-11-18]
CHR Extension: (Créateur Thème - Créer Custom Chrome Thèmes) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognfcdaekjfmdjhcjaacfapijblalleg [2017-10-28]
CHR Extension: (Gmail) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-25]
CHR Extension: (Slides) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
CHR Extension: (Docs) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
CHR Extension: (Google Drive) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
CHR Extension: (YouTube) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
CHR Extension: (Sheets) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
CHR Extension: (Gmail) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
CHR Extension: (Chrome Media Router) - C:\Users\bourd\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR Profile: C:\Users\bourd\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] -
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Becca Service; D:\Becca\x64\bcservice.exe [72176 2016-02-26] (Rene.E Laboratory)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-07-11] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-11-02] (Microsoft Corporation)
R2 ddmgr; C:\Windows\system32\ddmgr.exe [1659040 2016-01-06] (OSBASE)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-07-26] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-07-26] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-26] ()
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2017-11-15] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
S2 RichVideo64; "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R4 ddkmd; C:\Windows\system32\drivers\ddkmd.sys [254968 2016-01-06] (OSBASE) [File not signed]
R0 ddkmdldr; C:\Windows\System32\drivers\ddkmdldr.sys [16888 2016-01-06] (OSBASE) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-07-29] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-07-29] (Disc Soft Ltd)
S3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-12-26] (ELECOM)
S3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-12-26] (ELECOM)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R1 MpKslfa433d1a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FBCCAB36-519E-40AE-9921-22E4312C4269}\MpKslfa433d1a.sys [58120 2017-11-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-03-28] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-12-26] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6804480 2017-06-16] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [165504 2016-12-27] (Samsung Electronics Co., Ltd.)
S3 sthid; C:\Windows\System32\drivers\sthid.sys [20776 2012-10-19] (Splashtop Inc.)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-12-26] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
S3 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 CV2K1; \SystemRoot\system32\DRIVERS\cv2k1.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-25 17:55 - 2017-11-25 17:56 - 000029574 _____ C:\Users\bourd\Desktop\FRST.txt
2017-11-25 17:51 - 2017-11-25 17:51 - 000002327 _____ C:\Users\bourd\Desktop\ZHPCleaner.txt
2017-11-25 17:50 - 2017-11-25 17:50 - 000016148 _____ C:\Windows\system32\MARTIN-PC_Martin_HistoryPrediction.bin
2017-11-25 17:40 - 2017-11-25 17:44 - 000002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-25 17:40 - 2017-11-25 17:44 - 000002337 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-25 17:30 - 2017-11-25 17:33 - 001129816 _____ (Google Inc.) C:\Users\bourd\Downloads\ChromeSetup.exe
2017-11-25 16:50 - 2017-11-25 16:52 - 000000000 ____D C:\FRST
2017-11-25 16:48 - 2017-11-25 16:50 - 002393088 _____ (Farbar) C:\Users\bourd\Desktop\FRST64.exe
2017-11-25 14:22 - 2017-11-25 14:22 - 000001745 _____ C:\Users\bourd\Desktop\FL Studio 12.lnk
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2017-11-25 14:22 - 2017-11-25 14:22 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-11-25 14:21 - 2017-11-25 14:21 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Image-Line
2017-11-25 14:20 - 2017-11-25 14:21 - 000000000 ____D C:\Users\FL Studio 12\System
2017-11-25 14:18 - 2017-11-25 14:20 - 000000000 ____D C:\Users\FL Studio 12\Plugins
2017-11-25 14:18 - 2017-11-25 14:18 - 000000000 ____D C:\Users\FL Studio 12\Help
2017-11-25 14:16 - 2017-11-25 14:22 - 000000000 ____D C:\Users\FL Studio 12
2017-11-25 14:16 - 2017-11-25 14:18 - 000000000 ____D C:\Users\FL Studio 12\Data
2017-11-25 14:16 - 2017-11-25 14:16 - 000000000 ____D C:\Users\FL Studio 12\Artwork
2017-11-25 13:46 - 2017-11-25 13:46 - 000001799 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk
2017-11-25 12:58 - 2017-11-25 12:58 - 000004585 _____ C:\Users\bourd\Desktop\FLRegKey.reg
2017-11-25 12:38 - 2017-11-25 17:51 - 000000000 ____D C:\Users\bourd\AppData\Roaming\ZHP
2017-11-25 12:38 - 2017-11-25 12:38 - 000000882 _____ C:\Users\bourd\Desktop\ZHPCleaner.lnk
2017-11-25 12:36 - 2017-11-25 12:38 - 000000000 ____D C:\Users\bourd\AppData\Local\ZHP
2017-11-25 11:19 - 2017-11-25 11:19 - 000000000 ____D C:\Windows.old
2017-11-24 20:41 - 2017-11-25 11:19 - 000000000 ____D C:\$WINDOWS.~BT
2017-11-18 21:04 - 2017-11-18 21:04 - 000000011 _____ C:\Users\bourd\Desktop\FDF.txt
2017-11-18 19:06 - 2017-11-18 19:10 - 008372881 _____ C:\Users\bourd\Downloads\Non confirmé 675654.crdownload
2017-11-18 18:23 - 2017-11-25 13:22 - 000000000 ____D C:\Users\bourd\System
2017-11-18 18:19 - 2017-11-25 13:22 - 000000000 ____D C:\Users\bourd\Plugins
2017-11-18 18:15 - 2017-11-25 13:21 - 000000000 ____D C:\Users\bourd\Data
2017-11-17 18:53 - 2017-10-23 11:26 - 001585848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000685752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000620728 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000619192 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000386232 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000197304 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-17 18:53 - 2017-10-23 11:26 - 000143032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-17 18:53 - 2017-10-23 11:26 - 000041656 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-11-17 18:53 - 2017-10-23 10:28 - 002032472 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-17 18:53 - 2017-10-23 10:28 - 000488792 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-11-17 18:53 - 2017-10-23 10:28 - 000484184 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-11-17 18:53 - 2017-10-23 10:28 - 000250200 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-17 18:52 - 2017-11-17 18:52 - 000000000 ____D C:\Windows\UpdateAssistant
2017-11-15 14:19 - 2017-11-15 14:19 - 000000000 ____D C:\Users\Public\Documents\sun
2017-11-15 14:12 - 2017-11-15 14:12 - 000001209 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-11-15 14:12 - 2017-11-15 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-11-15 14:10 - 2017-11-15 14:12 - 000000000 ____D C:\Program Files\LibreOffice 5
2017-11-11 14:34 - 2017-11-11 14:34 - 000000000 ____D C:\Users\bourd\Desktop\Cours de maths
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Antares
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies
2017-11-03 20:56 - 2017-11-03 20:56 - 000000000 ____D C:\Program Files (x86)\Antares Audio Technologies
2017-11-03 20:38 - 2017-11-03 20:54 - 020225045 _____ C:\Users\bourd\Downloads\Auto-Tune_Evo_TDM_v6.0.9.2.zip
2017-11-03 20:38 - 2017-11-03 20:38 - 000335509 _____ C:\Users\bourd\Downloads\Non confirmé 512769.crdownload
2017-11-03 14:27 - 2017-11-18 18:32 - 000000000 ____D C:\Users\bourd\Documents\Cubase Projects
2017-11-03 14:26 - 2017-11-03 14:26 - 000000000 ____D C:\Users\bourd\AppData\Roaming\VST3 Presets
2017-11-03 14:23 - 2009-12-19 11:18 - 002395648 _____ (AD © 2009) C:\Windows\SysWOW64\SYNSOEMU.DLL
2017-11-03 14:18 - 2017-11-03 14:18 - 000000000 ____D C:\ProgramData\VST3 Presets
2017-11-03 14:12 - 2017-11-03 14:12 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2017-11-03 14:03 - 2017-11-03 14:03 - 000002138 _____ C:\Users\bourd\Desktop\Cubase 5.lnk
2017-11-03 14:02 - 2017-11-03 14:22 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2017-11-03 14:02 - 2017-11-03 14:03 - 000000000 ____D C:\Program Files (x86)\Steinberg
2017-11-03 13:53 - 2017-11-03 14:00 - 069288448 _____ C:\Users\bourd\Desktop\Cubase5.msi
2017-10-30 21:02 - 2017-10-30 21:03 - 000000083 _____ C:\Users\bourd\Desktop\Nouveau document texte.txt
2017-10-30 17:12 - 2017-10-31 18:50 - 000000000 ____D C:\Users\bourd\Documents\Cubase LE AI Elements Projects
2017-10-30 17:11 - 2017-10-30 20:50 - 000000000 ____D C:\Users\bourd\Documents\Steinberg
2017-10-30 17:10 - 2017-10-30 17:10 - 000000000 ____D C:\Users\bourd\Documents\VST3 Presets
2017-10-30 16:51 - 2017-11-03 14:07 - 000000000 ____D C:\ProgramData\Steinberg
2017-10-30 16:50 - 2017-11-03 14:26 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Steinberg
2017-10-30 16:50 - 2017-11-03 13:59 - 000000000 ____D C:\Program Files\Steinberg
2017-10-30 16:50 - 2017-10-30 16:50 - 000002892 _____ () C:\Windows\SysWOW64\audcon.sys
2017-10-30 16:50 - 2017-10-30 16:50 - 000000000 ____D C:\ProgramData\Syncrosoft
2017-10-30 16:49 - 2017-10-30 16:50 - 000000000 ____D C:\ProgramData\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000049 _____ C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files\eLicenser
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files (x86)\Syncrosoft
2017-10-30 16:49 - 2017-10-30 16:49 - 000000000 ____D C:\Program Files (x86)\eLicenser
2017-10-30 16:49 - 2012-12-07 16:48 - 001714176 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\SYNSOACC.dll
2017-10-30 16:49 - 2012-12-07 16:48 - 001277952 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2017-10-30 16:49 - 2011-12-14 20:21 - 000086016 _____ C:\Windows\SysWOW64\SYNSOPOS.exe
2017-10-30 16:44 - 2017-10-30 16:44 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Steinberg Installation Updater
2017-10-30 16:44 - 2017-10-30 16:44 - 000000000 ____D C:\Users\bourd\AppData\Local\Steinberg Installation Updater
2017-10-29 14:54 - 2017-10-29 14:54 - 000325596 _____ C:\Users\bourd\Downloads\TrapKicks7.zip
2017-10-28 20:15 - 2017-10-28 20:15 - 000000002 _____ C:\Windows\SysWOW64\stub.json
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\ProgramData\Audio Damage
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-10-28 19:41 - 2017-10-28 19:41 - 000000000 ____D C:\Program Files\Common Files\Avid
2017-10-28 19:39 - 2017-10-28 19:40 - 014198940 _____ C:\Users\bourd\Downloads\ADF03_FuzzPlus3.zip
2017-10-28 18:22 - 2017-10-28 18:24 - 000000000 ____D C:\Users\bourd\Desktop\Photo
2017-10-28 18:20 - 2017-10-28 18:29 - 000000691 _____ C:\Users\bourd\Desktop\SON.lnk
2017-10-28 18:14 - 2017-10-28 18:14 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-10-28 18:14 - 2017-10-28 18:14 - 000000000 ____D C:\Users\bourd\AppData\Local\Audacity
2017-10-28 18:14 - 2017-10-28 18:14 - 000000000 ____D C:\Program Files (x86)\Audacity
2017-10-28 18:12 - 2017-10-28 18:13 - 026496761 _____ (Audacity Team ) C:\Users\bourd\Downloads\audacity-win-2-1-2.exe
2017-10-28 18:08 - 2017-10-28 18:08 - 000003262 _____ C:\Windows\System32\Tasks\{D8089FE8-720D-43D7-8E2F-692D5CCBA404}
2017-10-28 17:57 - 2017-10-28 17:57 - 000000000 ____D C:\Users\bourd\AppData\Local\FreemakeAudioConverter
2017-10-28 17:55 - 2017-10-28 17:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2017-10-27 19:32 - 2017-10-27 19:33 - 000000000 ____D C:\Users\bourd\Desktop\TriSamples - 808 Trapstep Pack Vol 1
2017-10-26 15:36 - 2017-11-02 21:20 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-10-26 15:36 - 2017-10-26 15:36 - 000000000 ____D C:\Users\bourd\AppData\Local\PunkBuster
2017-10-26 15:36 - 2017-10-26 15:36 - 000000000 ____D C:\ProgramData\Orbit
2017-10-26 14:55 - 2017-10-26 17:27 - 000000000 ____D C:\Users\bourd\AppData\Local\Ubisoft Game Launcher
2017-10-26 14:54 - 2017-11-02 21:20 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-10-26 14:54 - 2017-11-02 17:45 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-10-26 14:54 - 2017-10-26 14:54 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2017-10-26 14:54 - 2017-10-26 14:54 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-10-26 13:15 - 2017-10-26 15:35 - 000000000 ____D C:\Users\bourd\Desktop\nasa
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-25 17:52 - 2016-01-25 18:27 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Spotify
2017-11-25 17:40 - 2016-03-05 18:08 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-25 17:23 - 2017-04-04 18:23 - 000000292 _____ C:\Windows\Tasks\{39EA17AB-E64D-0CDE-3AA7-6159B7396614}.job
2017-11-25 16:57 - 2016-10-21 10:57 - 000000294 _____ C:\Windows\Tasks\{4998CB50-3EBB-91B8-2BE3-737A464677B8}.job
2017-11-25 16:57 - 2016-02-29 18:12 - 000000000 ____D C:\Users\bourd\AppData\Roaming\uTorrent
2017-11-25 16:33 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\AppReadiness
2017-11-25 16:32 - 2016-01-25 18:27 - 000000000 ____D C:\Users\bourd\AppData\Local\Spotify
2017-11-25 16:21 - 2015-10-22 21:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-25 16:21 - 2015-10-22 21:07 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-25 14:23 - 2015-07-10 13:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 14:23 - 2015-07-10 10:05 - 000786432 ___SH C:\Windows\system32\config\BBI
2017-11-25 14:22 - 2017-09-03 12:12 - 000000000 ____D C:\Program Files (x86)\Image-Line
2017-11-25 14:21 - 2017-09-03 12:20 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-11-25 14:21 - 2017-09-03 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-11-25 13:55 - 2015-12-27 10:15 - 000000000 ____D C:\Users\bourd\AppData\Local\CrashDumps
2017-11-25 13:48 - 2015-12-26 12:59 - 000000000 ____D C:\Users\bourd
2017-11-25 13:09 - 2016-11-10 20:34 - 000000000 ____D C:\Users\bourd\AppData\Local\Adobe
2017-11-25 13:07 - 2015-07-10 12:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:32 - 2015-07-10 12:02 - 000000000 ____D C:\Windows\INF
2017-11-25 12:29 - 2016-11-11 13:30 - 000000000 ____D C:\AdwCleaner
2017-11-25 12:17 - 2016-10-21 10:56 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-11-25 12:04 - 2017-07-01 10:41 - 000000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk
2017-11-25 12:04 - 2016-10-06 17:18 - 000000000 ____D C:\Windows10Upgrade
2017-11-25 11:19 - 2015-09-25 09:35 - 000000000 ____D C:\Windows\Panther
2017-11-24 22:25 - 2015-12-26 14:20 - 000004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F203A87A-0BD9-4B7C-B9D1-075DD49A53A6}
2017-11-24 22:02 - 2015-10-22 21:27 - 000001908 _____ C:\Windows\diagwrn.xml
2017-11-24 22:02 - 2015-10-22 21:27 - 000001908 _____ C:\Windows\diagerr.xml
2017-11-24 21:58 - 2015-07-10 10:05 - 000032768 ___SH C:\Windows\system32\config\ELAM
2017-11-24 21:31 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\Registration
2017-11-24 20:41 - 2016-10-30 15:51 - 000000036 _____ C:\Windows\progress.ini
2017-11-24 20:37 - 2016-07-28 19:52 - 000000000 ___HD C:\$GetCurrent
2017-11-24 18:20 - 2016-10-21 10:57 - 000000000 ____D C:\ProgramData\{59C39CA0-D381-1666-5547-8824CF0503EA}
2017-11-22 19:05 - 2017-10-18 17:33 - 000000132 _____ C:\Users\bourd\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-11-22 18:45 - 2016-11-02 13:27 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Adobe
2017-11-21 18:18 - 2016-06-05 18:04 - 000000000 ____D C:\Users\bourd\AppData\Local\ElevatedDiagnostics
2017-11-20 21:32 - 2015-12-25 10:11 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-20 18:57 - 2016-10-22 11:45 - 000000382 _____ C:\Users\bourd\AppData\Roaming\WB.CFG
2017-11-18 11:53 - 2017-03-18 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-11-18 11:40 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-18 11:38 - 2015-07-10 13:20 - 005662968 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-17 18:54 - 2015-07-10 11:55 - 000000000 ____D C:\Windows\CbsTemp
2017-11-17 18:52 - 2017-07-21 17:25 - 000000000 ____D C:\Program Files\rempl
2017-11-17 18:38 - 2015-07-10 12:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-17 18:36 - 2016-05-28 16:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-16 18:24 - 2016-03-05 18:08 - 000003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 18:24 - 2016-03-05 18:08 - 000003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 13:49 - 2015-12-26 16:32 - 000000000 ____D C:\Windows\system32\MRT
2017-11-15 13:42 - 2017-10-13 18:11 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-15 13:42 - 2015-12-26 16:32 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-15 13:38 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-15 13:38 - 2015-07-10 12:04 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-11 16:47 - 2015-09-25 10:33 - 011731824 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-11 16:47 - 2015-07-20 14:10 - 000471650 _____ C:\Windows\system32\prfh0404.dat
2017-11-11 16:47 - 2015-07-20 14:10 - 000138564 _____ C:\Windows\system32\prfc0404.dat
2017-11-11 16:47 - 2015-07-20 14:04 - 000458604 _____ C:\Windows\system32\prfh0804.dat
2017-11-11 16:47 - 2015-07-20 14:04 - 000138564 _____ C:\Windows\system32\prfc0804.dat
2017-11-11 16:47 - 2015-07-20 13:58 - 000733028 _____ C:\Windows\system32\perfh01F.dat
2017-11-11 16:47 - 2015-07-20 13:58 - 000149020 _____ C:\Windows\system32\perfc01F.dat
2017-11-11 16:47 - 2015-07-20 13:52 - 000742942 _____ C:\Windows\system32\perfh01D.dat
2017-11-11 16:47 - 2015-07-20 13:52 - 000150086 _____ C:\Windows\system32\perfc01D.dat
2017-11-11 16:47 - 2015-07-20 13:47 - 000804864 _____ C:\Windows\system32\prfh0816.dat
2017-11-11 16:47 - 2015-07-20 13:47 - 000156658 _____ C:\Windows\system32\prfc0816.dat
2017-11-11 16:47 - 2015-07-20 13:41 - 000814106 _____ C:\Windows\system32\perfh013.dat
2017-11-11 16:47 - 2015-07-20 13:41 - 000158476 _____ C:\Windows\system32\perfc013.dat
2017-11-11 16:47 - 2015-07-20 13:36 - 000449730 _____ C:\Windows\system32\perfh014.dat
2017-11-11 16:47 - 2015-07-20 13:36 - 000077378 _____ C:\Windows\system32\perfc014.dat
2017-11-11 16:47 - 2015-07-20 13:30 - 000806906 _____ C:\Windows\system32\perfh010.dat
2017-11-11 16:47 - 2015-07-20 13:30 - 000150620 _____ C:\Windows\system32\perfc010.dat
2017-11-11 16:47 - 2015-07-20 13:25 - 000819034 _____ C:\Windows\system32\perfh00C.dat
2017-11-11 16:47 - 2015-07-20 13:25 - 000154248 _____ C:\Windows\system32\perfc00C.dat
2017-11-11 16:47 - 2015-07-20 13:20 - 000435336 _____ C:\Windows\system32\perfh00B.dat
2017-11-11 16:47 - 2015-07-20 13:20 - 000081914 _____ C:\Windows\system32\perfc00B.dat
2017-11-11 16:47 - 2015-07-20 13:15 - 000815178 _____ C:\Windows\system32\perfh00A.dat
2017-11-11 16:47 - 2015-07-20 13:15 - 000159716 _____ C:\Windows\system32\perfc00A.dat
2017-11-11 16:47 - 2015-07-20 13:06 - 000550762 _____ C:\Windows\system32\perfh008.dat
2017-11-11 16:47 - 2015-07-20 13:06 - 000089322 _____ C:\Windows\system32\perfc008.dat
2017-11-11 16:47 - 2015-07-20 13:01 - 000769978 _____ C:\Windows\system32\perfh007.dat
2017-11-11 16:47 - 2015-07-20 13:01 - 000154168 _____ C:\Windows\system32\perfc007.dat
2017-11-11 16:47 - 2015-07-20 12:56 - 000464638 _____ C:\Windows\system32\perfh006.dat
2017-11-11 16:47 - 2015-07-20 12:56 - 000079886 _____ C:\Windows\system32\perfc006.dat
2017-11-11 13:26 - 2016-02-27 18:33 - 000000000 ____D C:\Users\bourd\AppData\Roaming\Audacity
2017-11-03 20:23 - 2017-04-04 18:23 - 000000000 ____D C:\Users\bourd\AppData\Local\39ea17abe64d0cde3aa76159b7396614
2017-11-01 14:22 - 2015-12-26 13:00 - 000000000 ____D C:\Users\bourd\AppData\Local\Packages
2017-10-31 20:01 - 2017-09-22 19:08 - 000000000 ____D C:\Users\bourd\Desktop\insta
2017-10-28 17:59 - 2016-02-14 14:57 - 000000000 ____D C:\ProgramData\Freemake
2017-10-28 17:57 - 2016-02-14 14:57 - 000000000 ____D C:\Users\bourd\Documents\Freemake
2017-10-28 17:55 - 2016-02-14 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-10-26 15:36 - 2016-01-21 16:06 - 000000000 ____D C:\Users\bourd\Documents\My Games
2017-10-26 14:34 - 2015-09-25 10:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
==================== Files in the root of some directories =======
2016-12-15 13:54 - 2016-12-15 13:54 - 011560256 _____ (Image-Line) C:\Users\bourd\FLEngine_x64.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000953656 _____ (iZotope, Inc.) C:\Users\FL Studio 12\AudioRestore.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000184632 _____ (DelphiZip) C:\Users\FL Studio 12\DelZip179.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000081208 _____ (maxim digital audio) C:\Users\FL Studio 12\ds2wav.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000044344 _____ () C:\Users\FL Studio 12\dsplib.dll
2015-03-11 10:45 - 2015-03-11 10:45 - 000380216 _____ (Image-Line) C:\Users\FL Studio 12\FL (compatible memory).exe
2015-03-11 10:45 - 2015-03-11 10:45 - 000380216 _____ (Image-Line) C:\Users\FL Studio 12\FL.exe
2015-03-11 10:45 - 2015-03-11 10:45 - 000380728 _____ (Image-Line) C:\Users\FL Studio 12\FL64.exe
2015-05-07 09:40 - 2015-05-07 09:40 - 006426904 _____ (Image-Line) C:\Users\FL Studio 12\FLEngine.dll
2015-05-07 09:38 - 2015-05-07 09:38 - 008961304 _____ (Image-Line) C:\Users\FL Studio 12\FLEngine_x64.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 002481464 _____ (iZotope, Inc.) C:\Users\FL Studio 12\iZAudioRestore.dll
2015-04-26 19:31 - 2015-04-26 19:31 - 001278776 _____ (Image-Line) C:\Users\FL Studio 12\Speaker.dll
2015-04-26 19:31 - 2015-04-26 19:31 - 002025272 _____ (Image-Line) C:\Users\FL Studio 12\speaker_x64.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000101688 _____ () C:\Users\FL Studio 12\ss2wav.dll
2015-03-11 10:46 - 2015-03-11 10:46 - 000085304 _____ () C:\Users\FL Studio 12\ss2wav16.dll
2015-05-12 14:55 - 2015-05-12 14:55 - 003679968 _____ (Image-Line) C:\Users\FL Studio 12\uninstall.exe
2015-03-11 10:46 - 2015-03-11 10:46 - 000195896 _____ (Button Production / Zero-X) C:\Users\FL Studio 12\ZeroX_AS.dll
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\Apple Software Update
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\LibreOffice 5
2017-10-01 10:32 - 2017-10-01 10:32 - 000000000 _____ () C:\Program Files (x86)\RocketDock
2016-02-14 14:52 - 2016-02-14 14:52 - 000000000 _____ () C:\Program Files (x86)\VID_0079&PID_0006
2017-10-18 17:33 - 2017-11-22 19:05 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-11-11 12:03 - 2017-06-27 13:09 - 000000033 _____ () C:\Users\bourd\AppData\Roaming\AdobeWLCMCache.dat
2016-01-03 17:18 - 2016-02-28 19:34 - 000001115 _____ () C:\Users\bourd\AppData\Roaming\nativelog.txt
2016-08-30 19:23 - 2016-08-30 19:23 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Préférences Adobe GIF Format CC
2015-12-27 17:37 - 2016-10-20 14:58 - 000000132 _____ () C:\Users\bourd\AppData\Roaming\Préférences Adobe PNG Format CC
2017-07-03 19:04 - 2017-07-03 19:04 - 000000334 _____ () C:\Users\bourd\AppData\Roaming\vibranceGUI.log
2016-10-22 11:45 - 2017-11-20 18:57 - 000000382 _____ () C:\Users\bourd\AppData\Roaming\WB.CFG
2016-10-01 10:06 - 2016-10-01 10:06 - 000001456 _____ () C:\Users\bourd\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-10-24 14:36 - 2017-10-24 14:36 - 000003584 _____ () C:\Users\bourd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-15 16:00 - 2017-03-15 16:00 - 000000552 _____ () C:\Users\bourd\AppData\Local\TroubleshooterConfig.json
Files to move or delete:
====================
C:\Windows\Tasks\{39EA17AB-E64D-0CDE-3AA7-6159B7396614}.job
C:\Windows\Tasks\{4998CB50-3EBB-91B8-2BE3-737A464677B8}.job
Some files in TEMP:
====================
2017-11-24 18:50 - 2017-11-24 18:50 - 001535576 _____ ( ) C:\Users\bourd\AppData\Local\Temp\ICReinstall_FL Studio 12.5.1.5 Crack_VVm5KT_0616279717.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-22 18:02
==================== End of FRST.txt ============================