Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017 Exécuté par Gaëla (administrateur) sur ORDI (14-01-2017 22:10:32) Exécuté depuis C:\Users\Gaëla\Desktop Profils chargés: Gaëla & (Profils disponibles: Gaëla & Administrateur) Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AMD) C:\Windows\System32\atiesrxx.exe (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe () C:\Windows\SysWOW64\UMonit64.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-24] (Trend Micro Inc.) HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-07-24] (Trend Micro Inc.) HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [53304 2016-07-24] (Trend Micro Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212018877\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.) HKU\S-1-5-21-147751014-2980168111-4115607111-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.) HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-24] (Trend Micro Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{786fa292-7141-4410-8dde-972f235a92d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-147751014-2980168111-4115607111-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-147751014-2980168111-4115607111-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-147751014-2980168111-4115607111-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212024330\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-147751014-2980168111-4115607111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142017212021720 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) BHO: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.) BHO: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-26] (Oracle Corporation) BHO-x32: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.) BHO-x32: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-26] (Oracle Corporation) Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Pas de fichier Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.) Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.) FireFox: ======== FF DefaultProfile: danqt8uw.default FF ProfilePath: C:\Users\Gaëla\AppData\Roaming\Mozilla\Firefox\Profiles\danqt8uw.default [2017-01-14] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-12-31] FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-12-31] FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-11-12] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-23] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-23] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-08-08] () Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.fr/" CHR Profile: C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default [2017-01-14] CHR Extension: (Google Slides) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-12] CHR Extension: (Google Docs) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12] CHR Extension: (Google Drive) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12] CHR Extension: (YouTube) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12] CHR Extension: (Recherche Google) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12] CHR Extension: (Google Sheets) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-12] CHR Extension: (Google Docs hors connexion) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Trend Micro Toolbar) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-11-12] CHR Extension: (Gmail) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12] CHR Extension: (Chrome Media Router) - C:\Users\Gaëla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-27] CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] () R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-08] (WildTangent) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-24] (Trend Micro Inc.) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-08-06] (Advanced Micro Devices, Inc.) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101104 2015-08-06] (Advanced Micro Devices, Inc. ) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys [26568856 2016-10-26] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys [536592 2016-10-26] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.) R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2015-08-06] (Advanced Micro Devices, Inc. ) R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-03-28] (Advanced Micro Devices) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-14] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated) R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [142552 2016-08-07] (Trend Micro Inc.) R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [435416 2016-08-07] (Trend Micro Inc.) R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.) R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.) S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.) R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [117984 2016-08-07] (Trend Micro Inc.) R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.) R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [111840 2016-09-30] (Trend Micro Inc.) R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-14 21:56 - 2017-01-14 22:00 - 02419200 _____ (Farbar) C:\Users\Gaëla\Desktop\FRST64.exe 2017-01-14 21:36 - 2017-01-14 21:36 - 00128493 _____ C:\Users\Gaëla\Desktop\ZHPDiag2.txt 2017-01-14 21:07 - 2017-01-14 21:07 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFix[R1].txt 2017-01-14 21:06 - 2017-01-14 21:06 - 00002388 _____ C:\Users\Gaëla\Desktop\ZHPFixReport.txt 2017-01-14 21:01 - 2017-01-14 21:01 - 00004974 _____ C:\Users\Gaëla\Desktop\ScriptZHPFix.txt 2017-01-14 20:06 - 2017-01-14 20:06 - 00132638 _____ C:\Users\Gaëla\Desktop\ZHPDiag011417.txt 2017-01-14 19:31 - 2017-01-14 19:31 - 00010193 _____ C:\Users\Gaëla\Desktop\zoek-results.txt 2017-01-14 19:18 - 2017-01-14 18:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2017-01-14 18:50 - 2017-01-14 19:14 - 00000000 ____D C:\zoek_backup 2017-01-14 18:49 - 2017-01-14 18:50 - 01309184 _____ C:\Users\Gaëla\Downloads\zoek.exe 2017-01-14 18:35 - 2017-01-14 18:35 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT011417.txt 2017-01-14 18:34 - 2017-01-14 18:34 - 00000733 _____ C:\Users\Gaëla\Desktop\JRT.txt 2017-01-14 18:30 - 2017-01-14 18:30 - 01663040 _____ (Malwarebytes) C:\Users\Gaëla\Downloads\JRT.exe 2017-01-14 18:25 - 2017-01-14 18:25 - 00004736 _____ C:\Users\Gaëla\Downloads\rapportroguekiller011417.txt 2017-01-14 17:23 - 2017-01-14 17:23 - 00002054 _____ C:\Users\Gaëla\Desktop\AdwCleaner[C0]011417.txt 2017-01-14 17:11 - 2017-01-14 17:11 - 00002617 _____ C:\Users\Gaëla\Desktop\ZHPCleaner011417.txt 2017-01-14 16:47 - 2017-01-14 16:47 - 00000000 ___HD C:\OneDriveTemp 2017-01-12 21:03 - 2017-01-14 21:19 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-12 21:03 - 2017-01-12 21:03 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-12 21:03 - 2017-01-12 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-12 21:02 - 2017-01-12 21:02 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-12 21:02 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-12 20:45 - 2017-01-12 20:51 - 00001289 _____ C:\Users\Gaëla\Desktop\MBAM.txt 2017-01-12 20:14 - 2016-12-30 13:18 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-01-12 20:06 - 2017-01-12 21:02 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299 (1).exe 2017-01-12 19:52 - 2017-01-12 19:54 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-consumer-3.0.5.1299.exe 2017-01-12 19:45 - 2017-01-12 19:45 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_2557.tmp.txt 2017-01-12 19:44 - 2017-01-12 19:44 - 00004420 _____ C:\Users\Gaëla\Desktop\rk_C49E.tmp.txt 2017-01-11 20:54 - 2017-01-14 17:29 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-01-11 20:54 - 2017-01-11 21:06 - 00000000 ____D C:\ProgramData\RogueKiller 2017-01-11 20:52 - 2017-01-11 20:53 - 25924168 _____ C:\Users\Gaëla\Downloads\RogueKillerX64.exe 2017-01-11 20:48 - 2017-01-11 20:48 - 00002082 _____ C:\Users\Gaëla\Desktop\AdwCleaner[S7].txt 2017-01-11 20:38 - 2017-01-11 20:39 - 03988944 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.042.exe 2017-01-11 20:32 - 2017-01-14 17:10 - 00002614 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.txt 2017-01-11 19:31 - 2017-01-11 19:31 - 00068893 _____ C:\Users\Gaëla\Downloads\Shortcut.txt 2017-01-11 19:27 - 2017-01-11 19:31 - 00064133 _____ C:\Users\Gaëla\Downloads\Addition.txt 2017-01-11 19:26 - 2017-01-11 19:31 - 00160815 _____ C:\Users\Gaëla\Downloads\FRST.txt 2017-01-11 19:23 - 2017-01-14 22:08 - 00064720 _____ C:\Users\Gaëla\Desktop\Addition.txt 2017-01-11 19:19 - 2017-01-14 22:11 - 00024389 _____ C:\Users\Gaëla\Desktop\FRST.txt 2017-01-11 19:13 - 2017-01-14 22:10 - 00000000 ____D C:\FRST 2017-01-11 19:06 - 2017-01-11 19:06 - 00000802 _____ C:\Users\Gaëla\Desktop\WinChk.txt 2017-01-11 19:04 - 2017-01-11 19:05 - 00000802 _____ C:\WinChk.txt 2017-01-11 19:03 - 2017-01-11 19:04 - 00315000 _____ C:\Users\Gaëla\Downloads\winchk_2.0.exe 2017-01-11 17:18 - 2017-01-14 21:35 - 00128490 _____ C:\Users\Gaëla\Desktop\ZHPDiag.txt 2017-01-05 21:33 - 2017-01-05 21:33 - 00001922 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2017-01-05 21:33 - 2017-01-05 21:33 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2017-01-05 21:32 - 2017-01-05 21:33 - 03521617 _____ (Nicolas Coolman ) C:\Users\Gaëla\Downloads\ZHPFix.exe 2017-01-05 21:24 - 2017-01-14 19:52 - 00000903 _____ C:\Users\Gaëla\Desktop\ZHPDiag.lnk 2017-01-05 21:23 - 2017-01-14 19:51 - 02631168 _____ C:\Users\Gaëla\Downloads\ZHPDiag3.exe 2017-01-05 20:09 - 2017-01-14 21:28 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\ZHP 2017-01-05 20:09 - 2017-01-14 16:50 - 00000913 _____ C:\Users\Gaëla\Desktop\ZHPCleaner.lnk 2017-01-05 20:09 - 2017-01-05 20:09 - 02661888 _____ C:\Users\Gaëla\Downloads\ZHPCleaner.exe 2017-01-05 19:24 - 2017-01-05 19:26 - 54199488 _____ (Malwarebytes ) C:\Users\Gaëla\Downloads\mb3-setup-35891.35891-3.0.5.1299.exe 2017-01-05 18:54 - 2017-01-05 18:54 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-01-05 18:53 - 2017-01-05 18:55 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-01-05 18:53 - 2017-01-05 18:54 - 00000000 ____D C:\Program Files\CCleaner 2017-01-05 18:53 - 2017-01-05 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-01-05 18:50 - 2017-01-05 18:53 - 08803648 _____ (Piriform Ltd) C:\Users\Gaëla\Downloads\ccsetup525.exe 2017-01-05 14:07 - 2017-01-14 17:19 - 00000000 ____D C:\AdwCleaner 2017-01-05 14:06 - 2017-01-05 14:07 - 03977168 _____ C:\Users\Gaëla\Downloads\adwcleaner_6.041.exe 2017-01-04 19:10 - 2017-01-04 19:10 - 00600658 _____ (driverlibs.com ) C:\Users\Gaëla\Downloads\DriverUpdateTools.exe 2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\CareCenter 2016-12-30 16:27 - 2016-12-30 16:27 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CareCenter 2016-12-30 12:04 - 2016-12-30 12:22 - 00000000 ____D C:\Users\Gaëla\Documents\MOBICLIC 2016-12-27 04:09 - 2017-01-14 21:10 - 00025819 ____H C:\Users\Gaëla\AppData\Local\IconCache.db 2016-12-27 01:12 - 2016-12-27 01:12 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ORDI-Windows-10-Home-(64-bit).dat 2016-12-27 01:11 - 2016-12-27 01:11 - 00000000 ____D C:\RegBackup 2016-12-26 22:49 - 2016-12-27 03:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-12-26 21:40 - 2017-01-14 19:52 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow\Mozilla 2016-12-26 21:19 - 2016-12-26 22:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-26 19:25 - 2016-12-26 19:25 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits 2016-12-23 00:36 - 2016-12-23 00:36 - 00000000 ___HD C:\$SysReset 2016-12-22 23:29 - 2016-12-22 23:29 - 00011556 ____H C:\Users\Administrateur\AppData\Local\IconCache.db 2016-12-22 23:25 - 2016-12-22 23:25 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ElevatedDiagnostics 2016-12-22 23:22 - 2016-12-22 23:22 - 00002472 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-22 23:22 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\OneDrive 2016-12-22 23:21 - 2016-12-22 23:21 - 00001333 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD.lnk 2016-12-22 23:21 - 2016-12-22 23:21 - 00001294 _____ C:\Users\Administrateur\Desktop\Trend Micro Internet Security.lnk 2016-12-22 23:21 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security 2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Publishers 2016-12-22 23:19 - 2016-12-22 23:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Comms 2016-12-22 23:18 - 2017-01-14 19:52 - 00524288 ____H C:\Users\Administrateur\NTUSER.DAT 2016-12-22 23:18 - 2017-01-14 19:13 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Google 2016-12-22 23:18 - 2016-12-26 21:27 - 00000000 ____D C:\Users\Administrateur 2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000002.regtrans-ms 2016-12-22 23:18 - 2016-12-22 23:29 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TMContainer00000000000000000001.regtrans-ms 2016-12-22 23:18 - 2016-12-22 23:29 - 00065536 ___SH C:\Users\Administrateur\NTUSER.DAT{a4fa0dcd-8e0f-11e6-bd29-9199ffef194b}.TM.blf 2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Packages 2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Microsoft 2016-12-22 23:18 - 2016-12-22 23:29 - 00000000 ____D C:\Users\Administrateur\AppData\Local 2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ___SD C:\Users\Administrateur\AppData\Roaming\Microsoft 2016-12-22 23:18 - 2016-12-22 23:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Temp 2016-12-22 23:18 - 2016-12-22 23:22 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ___RD C:\Users\Administrateur\Desktop 2016-12-22 23:18 - 2016-12-22 23:21 - 00000000 ____D C:\Users\Administrateur\AppData\Local\AMD 2016-12-22 23:18 - 2016-12-22 23:20 - 00000000 ___RD C:\Users\Administrateur\Searches 2016-12-22 23:18 - 2016-12-22 23:18 - 00147456 ___SH C:\Users\Administrateur\ntuser.dat.LOG2 2016-12-22 23:18 - 2016-12-22 23:18 - 00049152 ___SH C:\Users\Administrateur\ntuser.dat.LOG1 2016-12-22 23:18 - 2016-12-22 23:18 - 00000402 ___SH C:\Users\Administrateur\Documents\desktop.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Downloads\desktop.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000282 ___SH C:\Users\Administrateur\Desktop\desktop.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000174 ___SH C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000020 ___SH C:\Users\Administrateur\ntuser.ini 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage réseau 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Voisinage d'impression 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\SendTo 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Recent 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Modèles 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Mes documents 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Menu Démarrer 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Local Settings 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes vidéos 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Mes images 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Documents\Ma musique 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Cookies 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\Application Data 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Temporary Internet Files 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Historique 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 _SHDL C:\Users\Administrateur\AppData\Local\Application Data 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___SD C:\Users\Administrateur\AppData\LocalLow\Microsoft 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Videos 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Saved Games 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Pictures 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Music 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Links 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Favorites 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Downloads 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Documents 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\Contacts 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ___HD C:\Users\Administrateur\AppData 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Adobe 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\LocalLow 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\TileDataLayer 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\OEM 2016-12-22 23:18 - 2016-12-22 23:18 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ConnectedDevicesPlatform 2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\ATI 2016-12-22 23:18 - 2016-10-09 11:27 - 00000000 ____D C:\Users\Administrateur\AppData\Local\ATI 2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-12-22 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-12-22 21:58 - 2015-08-23 14:57 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20161222-215833.backup 2016-12-22 21:45 - 2016-12-22 21:45 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-22 20:22 - 2016-12-22 20:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2016-12-22 20:21 - 2016-12-26 21:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-12-22 20:21 - 2016-12-22 23:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-12-22 19:33 - 2017-01-12 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-22 19:32 - 2016-12-22 19:32 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Programs 2016-12-22 06:49 - 2016-12-22 06:49 - 00000017 _____ C:\Users\Gaëla\AppData\Local\resmon.resmoncfg 2016-12-22 06:40 - 2016-12-30 16:10 - 00000000 ____D C:\Users\Gaëla\AppData\Local\ElevatedDiagnostics 2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms 2016-12-21 20:29 - 2016-12-21 20:29 - 00524288 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms 2016-12-21 20:29 - 2016-12-21 20:29 - 00065536 ___SH C:\Users\Gaëla\ntuser.dat{f11f8689-c7b2-11e6-82b5-2c600c2d3634}.TM.blf 2016-12-21 20:25 - 2017-01-14 21:20 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms 2016-12-21 20:25 - 2017-01-14 21:20 - 00065536 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TM.blf 2016-12-21 20:25 - 2017-01-14 19:28 - 00524288 ___SH C:\WINDOWS\system32\config\components{f11f85f8-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms 2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000002.regtrans-ms 2016-12-21 20:24 - 2016-12-21 20:29 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TMContainer00000000000000000001.regtrans-ms 2016-12-21 20:24 - 2016-12-21 20:29 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{f11f85da-c7b2-11e6-82b5-2c600c2d3634}.TM.blf 2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.2.regtrans-ms 2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.1.regtrans-ms 2016-12-18 17:08 - 2016-12-18 17:08 - 01048576 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.0.regtrans-ms 2016-12-18 17:08 - 2016-12-18 17:08 - 00065536 ___SH C:\Users\Gaëla\NTUSER.DAT{a4fa0dcc-8e0f-11e6-bd29-9199ffef194b}.TxR.blf ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-14 22:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-14 21:25 - 2015-05-03 10:28 - 00000000 __RDO C:\Users\Gaëla\OneDrive 2017-01-14 21:24 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-01-14 21:19 - 2014-12-06 11:38 - 04784038 _____ C:\WINDOWS\SysWOW64\rootpa.e2e 2017-01-14 21:18 - 2016-10-09 11:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-14 21:18 - 2016-10-09 11:04 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-01-14 21:18 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-01-14 19:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-14 19:13 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla 2017-01-14 19:13 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-01-14 16:45 - 2016-10-09 11:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-13 19:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-12 18:54 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-12 18:50 - 2014-12-06 12:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-12 18:19 - 2015-05-02 06:42 - 00000000 ____D C:\Users\Gaëla\AppData\Local\CrashDumps 2017-01-11 20:35 - 2015-05-29 19:16 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 20:30 - 2015-05-29 19:16 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-11 19:24 - 2015-08-23 14:59 - 00407608 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe 2017-01-11 19:24 - 2015-05-03 11:13 - 00000000 ____D C:\ProgramData\Trend Micro 2017-01-05 19:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-05 19:02 - 2016-10-09 12:00 - 00000000 ___DC C:\WINDOWS\Panther 2017-01-05 14:06 - 2015-06-14 18:51 - 00000000 ____D C:\Users\Gaëla\AppData\Roaming\Skype 2017-01-05 13:47 - 2015-04-29 18:02 - 00000000 ____D C:\Users\Gaëla\AppData\Local\clear.fi 2017-01-04 12:02 - 2015-05-03 18:05 - 00000000 ____D C:\Users\Gaëla\Documents\Personnel 2016-12-30 15:07 - 2016-04-11 19:50 - 00000000 ____D C:\Users\Gaëla\Documents\CyberLink 2016-12-30 15:07 - 2014-12-06 12:04 - 00000000 ____D C:\Users\Public\CyberLink 2016-12-30 12:04 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Documents 2016-12-30 11:07 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Packages 2016-12-28 20:41 - 2014-12-06 11:53 - 00000000 ____D C:\ProgramData\CyberLink 2016-12-27 02:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem 2016-12-27 01:45 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot 2016-12-27 01:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR 2016-12-27 01:19 - 2015-06-21 17:20 - 00000000 ____D C:\Users\Gaëla\Documents\photo 2016-12-27 01:19 - 2015-06-17 15:05 - 00000000 ____D C:\Users\Gaëla\Documents\BEC 2016-12-27 01:19 - 2015-05-03 15:15 - 00000000 ____D C:\Users\Gaëla\Documents\Festival du livre 2016-12-27 01:19 - 2015-04-29 17:58 - 00000000 ___RD C:\Users\Gaëla\Pictures 2016-12-27 01:13 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT 2016-12-26 23:50 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft 2016-12-26 22:50 - 2016-06-20 18:57 - 00000298 ___SH C:\Users\Gaëla\Downloads\desktop.ini 2016-12-26 22:50 - 2015-04-29 18:00 - 00000282 ___SH C:\Users\Gaëla\Desktop\desktop.ini 2016-12-26 22:39 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\sam 2016-12-26 22:25 - 2015-04-30 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-26 21:40 - 2015-08-23 08:40 - 00000000 ____D C:\ProgramData\Oracle 2016-12-26 21:40 - 2015-04-29 17:59 - 00000000 ____D C:\Users\Gaëla\AppData\LocalLow 2016-12-26 21:39 - 2015-08-23 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-26 21:39 - 2015-08-23 08:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-26 21:38 - 2015-08-23 08:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-12-26 21:21 - 2015-04-30 17:36 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-12-26 21:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\Logs 2016-12-26 19:35 - 2015-11-12 19:19 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-26 19:35 - 2015-11-12 19:19 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-23 01:32 - 2016-10-09 11:52 - 00003988 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-12-23 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-22 23:18 - 2016-07-16 07:04 - 00000000 ___RD C:\Users 2016-12-22 23:18 - 2015-04-30 00:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-22 21:58 - 2013-08-22 14:25 - 00453742 ____R C:\WINDOWS\system32\Drivers\etc\hosts 2016-12-22 21:45 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files 2016-12-22 21:39 - 2016-07-16 23:40 - 00710640 _____ C:\WINDOWS\system32\perfh00C.dat 2016-12-22 21:39 - 2016-07-16 23:40 - 00137202 _____ C:\WINDOWS\system32\perfc00C.dat 2016-12-22 21:39 - 2016-07-16 12:49 - 00789078 _____ C:\WINDOWS\system32\perfh009.dat 2016-12-22 21:39 - 2016-07-16 12:49 - 00190556 _____ C:\WINDOWS\system32\perfc009.dat 2016-12-22 21:39 - 2015-08-05 21:30 - 01825302 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Public 2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local 2016-12-22 21:30 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local 2016-12-22 19:42 - 2016-10-09 11:52 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-22 19:42 - 2016-10-09 11:52 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-22 19:17 - 2015-08-24 08:49 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Diagnostics 2016-12-22 06:55 - 2016-10-09 11:11 - 00000000 ___SD C:\Users\Gaëla\AppData\Roaming\Microsoft 2016-12-22 06:41 - 2016-10-09 11:11 - 00000000 ____D C:\Users\Gaëla\AppData\Local\Microsoft 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\migration 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-FR 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migration 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Media Player 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Mail 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Media Player 2016-12-21 20:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Mail 2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-21 20:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SystemResources 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sru 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\fr-FR 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\CodeIntegrity 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-12-21 20:21 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-21 20:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-21 20:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration 2016-12-21 20:00 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly 2016-12-21 19:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles 2016-12-15 06:37 - 2016-10-09 11:10 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TMContainer00000000000000000001.regtrans-ms 2016-12-15 06:37 - 2016-10-09 11:10 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{77d05f1f-4ba5-11e6-80c5-0026b956d466}.TM.blf ==================== Fichiers à la racine de certains dossiers ======= 2015-05-03 11:13 - 2015-05-03 11:13 - 0000036 _____ () C:\Users\Gaëla\AppData\Local\housecall.guid.cache 2016-12-22 06:49 - 2016-12-22 06:49 - 0000017 _____ () C:\Users\Gaëla\AppData\Local\resmon.resmoncfg 2016-10-09 11:06 - 2016-10-09 11:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-01-14 18:44 ==================== Fin de FRST.txt ============================