Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Exécuté par schan (administrateur) sur DESKTOP-2O0B470 (15-03-2017 18:28:12)
Exécuté depuis C:\Users\schan\Downloads
Profils chargés: schan (Profils disponibles: schan)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(深圳微客百源科技有限公司) C:\Program Files\SUMLINK-G10\SUMLINK.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_81.789.17803.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-03] (AVAST Software)
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2881752 2016-02-15] (IntelliBreeze Software AB)
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\Run: [Spotify Web Helper] => C:\Users\schan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-25] (Spotify Ltd)
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\Run: [Spotify] => C:\Users\schan\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-25] (Spotify Ltd)
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\Run: [WahOO] => C:\Program Files (x86)\KowMedia\WahOO\WahOO.exe [5444416 2016-04-13] ()
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\...\MountPoints2: {6f8318a6-8a38-11e6-8926-806e6f6e6963} - "D:\/pourPC.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d580584f-20ca-4a87-b9c9-0764eb8b4c7e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e2a6d698-ee29-4e21-89a9-7913a74db25d}: [DhcpNameServer] 192.168.104.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-444115513-1170614783-1086148597-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-444115513-1170614783-1086148597-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-444115513-1170614783-1086148597-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: 5g49220y.default
FF ProfilePath: C:\Users\schan\AppData\Roaming\Mozilla\Firefox\Profiles\5g49220y.default [2017-03-15]
FF Extension: (MEGA) - C:\Users\schan\AppData\Roaming\Mozilla\Firefox\Profiles\5g49220y.default\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Zimbra Mail Notifier) - C:\Users\schan\AppData\Roaming\Mozilla\Firefox\Profiles\5g49220y.default\Extensions\zimbra_mail_notifier@davidguehennec.com.xpi [2017-01-08]
FF ProfilePath: C:\Users\schan\AppData\Roaming\Firefox\Firefox\Profiles\5g49220y.default [2017-02-20]
FF Extension: (MEGA) - C:\Users\schan\AppData\Roaming\Firefox\Firefox\Profiles\5g49220y.default\Extensions\firefox@mega.co.nz.xpi [2017-02-19]
FF Extension: (Français Language Pack) - C:\Users\schan\AppData\Roaming\Firefox\Firefox\Profiles\5g49220y.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-02-20] [non signé]
FF Extension: (Zimbra Mail Notifier) - C:\Users\schan\AppData\Roaming\Firefox\Firefox\Profiles\5g49220y.default\Extensions\zimbra_mail_notifier@davidguehennec.com.xpi [2017-01-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-16]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.trotux.com/search/?q={searchTerms}&z=128cb70a5a78ac50b1f06e9g4z6b9mco4wccdcaqct&from=isr&uid=HGSTXHTS721010A9E630_JR10004M3PE1PF3PE1PFX&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> trotux
CHR Profile: C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-08] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Google Sheets) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (Gmail) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\schan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe [301536 2016-11-30] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-26] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Fichier non signé]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [536872 2017-03-14] (Reto-Moto ApS)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.259.0\McCSPServiceHost.exe [1694152 2016-01-21] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [48128 2016-01-08] (ASUSTeK COMPUTER INC.)
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-09-30] (Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-12-18] (ASUS Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-03] (AVAST Software)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R1 gfdriver; C:\WINDOWS\System32\drivers\gfdriver.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys [11039712 2016-11-30] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-08] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7231248 2016-06-17] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_fba2180c780ad9c0\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-26] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-15 18:28 - 2017-03-15 18:29 - 00025085 _____ C:\Users\schan\Downloads\FRST.txt
2017-03-15 18:27 - 2017-03-15 18:28 - 00000000 ____D C:\FRST
2017-03-15 18:27 - 2017-03-15 18:27 - 02424832 _____ (Farbar) C:\Users\schan\Downloads\FRST64.exe
2017-03-09 15:39 - 2017-03-09 15:40 - 37848063 _____ C:\Users\schan\Downloads\Install-FdpF2016.exe
2017-03-08 16:59 - 2017-03-08 16:59 - 09261616 _____ (Piriform Ltd) C:\Users\schan\Downloads\ccsetup527.exe
2017-03-08 16:44 - 2017-03-08 16:44 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2017-03-08 16:39 - 2017-03-08 16:39 - 04031440 _____ C:\Users\schan\Downloads\adwcleaner_6.044.exe
2017-03-08 16:39 - 2017-03-08 16:39 - 00000388 _____ C:\WINDOWS\SysWOW64\data.bin
2017-03-08 16:39 - 2017-03-08 16:39 - 00000000 _____ C:\WINDOWS\SysWOW64\4
2017-03-08 16:39 - 2017-03-08 16:39 - 00000000 _____ C:\WINDOWS\SysWOW64\3
2017-03-08 16:38 - 2017-03-08 16:38 - 00000000 ____D C:\Program Files (x86)\amulell
2017-03-07 18:27 - 2017-03-07 20:22 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-06 18:43 - 2017-03-06 18:43 - 00193702 _____ C:\Users\schan\Downloads\coloriage.pdf
2017-03-06 18:43 - 2017-03-06 18:43 - 00189371 _____ C:\Users\schan\Downloads\coloriage1.pdf
2017-03-05 22:25 - 2017-03-08 17:05 - 00000000 ____D C:\Program Files\KMSpico
2017-03-05 22:25 - 2017-03-05 22:25 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2017-03-05 22:25 - 2017-03-05 22:25 - 00003476 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-03-05 22:25 - 2017-03-05 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-03-05 22:25 - 2010-12-06 03:16 - 00090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2017-03-05 22:21 - 2017-03-05 22:22 - 06248164 _____ C:\Users\schan\Downloads\KMS.10.1.5.zip
2017-03-05 22:11 - 2017-03-05 22:11 - 00000000 ____D C:\ProgramData\KMSAuto
2017-03-05 22:09 - 2017-03-05 22:09 - 00000000 ___HD C:\$AV_ASW
2017-03-05 22:08 - 2014-05-25 01:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2017-03-05 22:06 - 2017-03-05 22:06 - 02913239 _____ C:\Users\schan\Downloads\ob_b027d8_kmsauto.rar
2017-03-03 19:03 - 2017-03-03 19:03 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-03 19:03 - 2017-03-03 18:57 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-03 19:03 - 2017-03-03 18:57 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-03 19:03 - 2017-03-03 18:57 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-03 19:03 - 2017-03-03 18:57 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-03 19:01 - 2017-03-03 19:01 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-28 17:14 - 2017-03-08 17:03 - 00000000 ____D C:\Users\schan\AppData\Local\CrashDumps
2017-02-27 21:35 - 2017-02-27 21:39 - 00000000 ____D C:\Users\schan\OneDrive\Documents\My Games
2017-02-27 21:35 - 2017-02-27 21:35 - 00000000 ____D C:\Users\schan\AppData\Local\HirezLauncherUI
2017-02-27 21:32 - 2017-03-08 16:55 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-02-27 21:32 - 2017-02-27 21:39 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-02-27 21:32 - 2017-02-27 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2017-02-27 19:02 - 2017-02-27 21:14 - 00000000 ____D C:\Users\schan\AppData\LocalLow\Heroes and Generals
2017-02-27 19:01 - 2017-02-27 19:01 - 00000000 ____D C:\Users\schan\AppData\Roaming\HeroesAndGeneralsDesktop
2017-02-26 23:25 - 2017-02-26 23:25 - 00296448 _____ (PortableAppZ.blogspot.com) C:\Users\schan\Downloads\Unlocker_Portable_1.9.2_32-64_Multilingual.exe
2017-02-26 23:18 - 2017-02-26 23:22 - 00000000 ____D C:\Program Files\Unlocker
2017-02-25 15:33 - 2017-02-25 17:21 - 00000000 ____D C:\ESD
2017-02-25 15:32 - 2017-02-25 15:32 - 00000000 ___HD C:\$Windows.~WS
2017-02-25 15:32 - 2017-02-25 15:32 - 00000000 ____D C:\$WINDOWS.~BT
2017-02-25 15:31 - 2017-02-25 15:31 - 18316400 _____ (Microsoft Corporation) C:\Users\schan\Downloads\MediaCreationTool.exe
2017-02-25 14:24 - 2017-02-25 15:33 - 00000000 ____D C:\Program Files (x86)\Top Password
2017-02-25 14:23 - 2017-02-25 14:23 - 03199656 _____ (Top Password Software, Inc. ) C:\Users\schan\Downloads\ISO2DiscSetup.exe
2017-02-24 16:16 - 2017-02-24 16:16 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-24 16:16 - 2017-02-10 00:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-24 16:16 - 2017-01-26 01:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-24 16:16 - 2017-01-26 01:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-24 16:16 - 2017-01-26 01:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-24 16:16 - 2017-01-26 01:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-24 16:14 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-24 16:14 - 2017-02-10 03:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-02-24 16:14 - 2017-02-10 03:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-02-24 15:49 - 2016-06-15 02:12 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-02-24 15:48 - 2016-04-14 06:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-24 15:48 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-20 18:22 - 2017-02-20 18:22 - 00000000 ____D C:\Users\schan\AppData\LocalLow\Fishing Planet LLC
2017-02-20 14:49 - 2017-03-08 16:55 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-20 14:49 - 2017-03-08 16:28 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-20 14:49 - 2017-03-05 22:10 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-20 14:49 - 2017-03-03 20:42 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-20 14:49 - 2017-03-03 20:42 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-20 14:49 - 2017-02-20 20:58 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-20 14:49 - 2017-02-20 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-20 14:49 - 2017-02-20 14:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-20 14:49 - 2017-02-20 14:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-20 14:48 - 2017-02-20 14:48 - 00000000 ____D C:\Users\schan\AppData\Roaming\Firefox
2017-02-20 14:48 - 2017-02-20 14:48 - 00000000 ____D C:\Users\schan\AppData\Local\Firefox
2017-02-20 14:45 - 2017-02-20 14:48 - 55566792 _____ (Malwarebytes ) C:\Users\schan\Downloads\mb3-setup-35891.35891-3.0.6.1469.exe
2017-02-20 14:45 - 2017-02-20 14:45 - 00000000 ____D C:\ProgramData\Apple
2017-02-20 14:39 - 2017-02-20 14:39 - 00000000 ____D C:\Program Files\d6xr5dra
2017-02-17 09:06 - 2017-02-20 14:43 - 00000000 ____D C:\Program Files (x86)\d6xr5dra
2017-02-16 14:58 - 2017-03-08 16:43 - 00000000 ____D C:\AdwCleaner
2017-02-16 14:47 - 2017-02-16 14:48 - 01315075 _____ C:\Users\schan\Downloads\PlanetCoasterThrillseekerEdition-3DMrar.iso.part
2017-02-16 13:00 - 2017-02-16 13:00 - 00000000 ____D C:\Users\schan\AppData\Roaming\steam.transformice.com
2017-02-15 06:34 - 2017-02-15 06:34 - 03076294 _____ C:\WINDOWS\159b1eccca7e7d4e0a46bda5bbc567a7.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-15 18:18 - 2017-01-12 14:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-15 18:13 - 2017-01-07 18:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 18:11 - 2017-01-07 17:59 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 18:11 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-15 18:08 - 2017-01-08 14:51 - 00000000 ____D C:\Users\schan\AppData\Roaming\GmailNotifierPro
2017-03-15 18:00 - 2017-01-07 14:07 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-15 17:50 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 17:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-15 17:41 - 2017-01-12 15:32 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-03-15 17:41 - 2017-01-12 15:32 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-03-15 17:39 - 2017-01-07 14:44 - 00000000 ____D C:\Users\schan\AppData\LocalLow\Mozilla
2017-03-15 17:39 - 2017-01-07 13:49 - 00000166 _____ C:\Users\schan\AppData\Roaming\sp_data.sys
2017-03-15 17:38 - 2017-01-07 13:49 - 00000000 __SHD C:\Users\schan\IntelGraphicsProfiles
2017-03-13 22:37 - 2017-01-08 15:04 - 00000000 ____D C:\Users\schan\OneDrive\Documents\Maternelle MS 2016 - 2017
2017-03-13 18:52 - 2017-01-08 20:14 - 00000000 ____D C:\Users\schan\AppData\Local\Spotify
2017-03-13 18:10 - 2017-01-08 19:51 - 00000000 ____D C:\Users\schan\AppData\Roaming\Spotify
2017-03-11 10:50 - 2017-01-07 13:49 - 00000000 ____D C:\Users\schan\AppData\Local\Packages
2017-03-10 13:07 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-10 06:17 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 14:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-08 17:09 - 2017-01-07 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-08 16:54 - 2017-01-12 15:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-08 16:54 - 2016-10-04 14:55 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-08 16:54 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-07 21:57 - 2017-01-12 15:15 - 00000000 ____D C:\Users\schan
2017-03-07 21:36 - 2017-01-08 13:33 - 00540200 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-03-06 18:00 - 2017-01-07 14:04 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-05 23:21 - 2017-01-07 13:54 - 00000000 ___RD C:\Users\schan\OneDrive
2017-03-05 23:06 - 2017-01-07 13:54 - 00002409 _____ C:\Users\schan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-05 22:11 - 2017-01-08 10:58 - 00000000 ____D C:\Users\schan\AppData\Local\MSfree Inc
2017-03-03 21:18 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-03 21:16 - 2016-03-24 13:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-03 20:43 - 2017-01-12 15:32 - 00004048 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1483796554
2017-03-03 20:43 - 2017-01-07 14:42 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-03 20:43 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-03 19:01 - 2017-01-07 14:16 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-03 19:01 - 2017-01-07 14:16 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-03 18:59 - 2017-01-07 14:42 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-03 18:59 - 2017-01-07 14:16 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-27 21:32 - 2016-10-04 15:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-26 23:10 - 2017-01-08 12:57 - 00000000 ____D C:\Users\schan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-26 22:32 - 2017-01-08 13:33 - 00409128 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-02-26 21:49 - 2017-01-12 14:59 - 00338784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-25 17:21 - 2017-01-12 14:57 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-25 09:12 - 2017-01-12 15:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-24 16:17 - 2017-01-12 15:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-24 16:16 - 2016-10-04 14:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-24 15:49 - 2017-01-07 13:49 - 00000000 ____D C:\Users\schan\AppData\Local\NVIDIA Corporation
2017-02-24 15:49 - 2017-01-07 13:49 - 00000000 ____D C:\Users\schan\AppData\Local\NVIDIA
2017-02-24 12:34 - 2017-01-08 19:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-21 21:34 - 2017-02-02 21:04 - 00000000 ____D C:\Users\schan\AppData\Local\PAYDAY 2
2017-02-21 18:39 - 2017-02-10 21:02 - 00000000 ____D C:\Users\schan\OneDrive\Documents\Witcher 2
2017-02-20 16:10 - 2017-01-18 20:24 - 00000000 ____D C:\Users\schan\AppData\Local\ElevatedDiagnostics
2017-02-20 15:17 - 2016-07-16 23:40 - 00757338 _____ C:\WINDOWS\system32\perfh00C.dat
2017-02-20 15:17 - 2016-07-16 23:40 - 00153006 _____ C:\WINDOWS\system32\perfc00C.dat
2017-02-20 15:17 - 2016-03-24 12:50 - 01935304 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-20 14:48 - 2017-01-07 14:43 - 00002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 14:45 - 2017-01-12 22:28 - 00002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-16 15:02 - 2017-01-07 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Fichiers à la racine de certains dossiers =======

2017-01-07 13:49 - 2017-03-15 17:39 - 0000166 _____ () C:\Users\schan\AppData\Roaming\sp_data.sys
2017-01-19 13:19 - 2017-01-19 13:19 - 0000093 _____ () C:\Users\schan\AppData\Local\fusioncache.dat

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-03-11 10:57

==================== Fin de FRST.txt ============================
