Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2017
Exécuté par Julien Boulle (administrateur) sur JULIEN (17-09-2017 15:34:22)
Exécuté depuis C:\Users\Julien Boulle\Desktop
Profils chargés: Julien Boulle (Profils disponibles: Julien Boulle)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\Gramblr\gramblr.exe
(Sierra) C:\Program Files (x86)\Pharaon et Cléopâtre - Gold Edition HD\Pharaoh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-10-28] (Alienware)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-09] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [414744 2017-07-28] (Perfect World Entertainment)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [f.lux] => C:\Users\Julien Boulle\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [uTorrent] => C:\Users\Julien Boulle\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-08-12] (BitTorrent Inc.)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [Discord] => C:\Users\Julien Boulle\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [ISM] => [X]
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\Run: [DellSystemDetect] => C:\Users\Julien Boulle\AppData\Local\Apps\2.0\0M1XBBH8.PMX\Q3M76N83.QG4\dell..tion_831211ca63b981c5_0008.0005_9a48d74816d64e41\DellSystemDetect.exe [313264 2017-08-13] (Dell)
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\MountPoints2: E - "E:\autorun\autorun.exe"
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\MountPoints2: {7b4f3582-63aa-11e6-825f-d4bed9fd6669} - "I:\setup.exe"
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\MountPoints2: {7b4f3ab7-63aa-11e6-825f-d4bed9fd6669} - "J:\setup.exe"
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\MountPoints2: {d0908bd1-ccea-11e6-826e-d4bed9fd6669} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\...\MountPoints2: {f8252299-58f1-11e6-825e-d4bed9fd6669} - "F:\Launcher_Setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-21]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Julien Boulle\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-08-18]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Julien Boulle\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{99E7FDE0-203E-4006-890C-CAA2821E5ED4}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4217912661-2564479441-2938323576-1001 -> DefaultScope {F226D527-C07E-4A29-9C96-D308F4C1D007} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4217912661-2564479441-2938323576-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4217912661-2564479441-2938323576-1001 -> {F226D527-C07E-4A29-9C96-D308F4C1D007} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-09] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2017-07-28] (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-09] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 77gsks2d.default
FF ProfilePath: C:\Users\Julien Boulle\AppData\Roaming\Mozilla\Firefox\Profiles\77gsks2d.default [2017-09-17]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\77gsks2d.default -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\77gsks2d.default -> Yahoo! Powered
FF Keyword.URL: Mozilla\Firefox\Profiles\77gsks2d.default -> user_pref("keyword.URL", true);
FF Extension: (Firefox Hotfix) - C:\Users\Julien Boulle\AppData\Roaming\Mozilla\Firefox\Profiles\77gsks2d.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-11-12] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0-git -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-06-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-08-20] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2017-07-28] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default [2017-09-17]
CHR Extension: (Google Slides) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-08]
CHR Extension: (Google Docs) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-08]
CHR Extension: (Google Drive) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-08]
CHR Extension: (YouTube) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-08]
CHR Extension: (Adblock Plus) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-14]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-08-10]
CHR Extension: (Avast SafePrice) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-25]
CHR Extension: (Google Sheets) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-22]
CHR Extension: (History Open) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\icfhggboopebcohpcffdgnbmodalpbic [2017-08-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\Julien Boulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4217912661-2564479441-2938323576-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [87064 2017-07-28] (Perfect World Entertainment Inc)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-07-25] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [383016 2017-08-05] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-30] (GOG.com)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11810384 2017-09-14] () [Fichier non signé]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Fichier non signé]
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [189112 2017-07-21] (Power Admin LLC)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] () [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-09-09] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-05] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-05] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-07-08] (REALiX(tm))
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [Fichier non signé]
R3 mio; C:\Windows\System32\drivers\mio.sys [8192 2013-06-26] (Dell Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [X]
S3 EverestDriver; \??\C:\Users\JULIEN~1\AppData\Local\Temp\EverestDriver.sys [X] <==== ATTENTION
S3 GPU-Z; \??\C:\Users\JULIEN~1\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-17 15:34 - 2017-09-17 15:35 - 000023117 _____ C:\Users\Julien Boulle\Desktop\FRST.txt
2017-09-17 15:34 - 2017-09-17 15:34 - 002398720 _____ (Farbar) C:\Users\Julien Boulle\Desktop\FRST64.exe
2017-09-17 15:34 - 2017-09-17 15:34 - 000000000 ____D C:\FRST
2017-09-15 20:48 - 2017-09-15 20:48 - 000001415 _____ C:\Users\Public\Desktop\Pharaon et Cléopâtre - Gold Edition HD.lnk
2017-09-15 20:48 - 2017-09-15 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pharaon et Cléopâtre - Gold Edition HD
2017-09-15 20:47 - 2017-09-15 20:48 - 000000000 ____D C:\Program Files (x86)\Pharaon et Cléopâtre - Gold Edition HD
2017-09-15 20:46 - 2017-09-15 20:46 - 000790488 _____ (Disc Soft Ltd.) C:\Users\Julien Boulle\Desktop\daemon-tools-lite_10-6-0_fr_10729.exe
2017-09-15 20:12 - 2017-09-15 20:46 - 434685957 _____ C:\Users\Julien Boulle\Desktop\Pharaon et Cleopatre - Gold Edition HD-Zone-Telechargement.ws-.iso
2017-09-14 11:59 - 2017-09-14 13:11 - 000000000 ____D C:\Users\Julien Boulle\AbiSuite
2017-09-14 11:59 - 2017-09-14 11:59 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-09-14 11:59 - 2017-09-14 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-09-14 11:58 - 2017-09-14 11:59 - 000000000 ____D C:\Program Files (x86)\AbiWord
2017-09-14 11:57 - 2017-09-14 11:57 - 008335349 _____ (AbiSource Developers) C:\Users\Julien Boulle\Desktop\abiword-setup-2.8.6.exe
2017-09-14 11:56 - 2017-09-14 11:56 - 000379521 _____ C:\Users\Julien Boulle\Desktop\abiword_2.9.4.exe
2017-09-13 17:32 - 2017-09-13 17:32 - 000334476 _____ C:\Users\Julien Boulle\Downloads\libmp3lame-3.99.5x86.zip
2017-09-13 17:32 - 2012-03-02 00:18 - 000721408 _____ (hxxp://lame.sf.net) C:\Users\Julien Boulle\Downloads\libmp3lame.dll
2017-09-13 17:32 - 2012-03-02 00:18 - 000052514 _____ C:\Users\Julien Boulle\Downloads\libmp3lame.lib
2017-09-13 17:32 - 2012-03-02 00:18 - 000038248 _____ C:\Users\Julien Boulle\Downloads\libmp3lame.exp
2017-09-13 17:31 - 2017-09-13 17:31 - 000208896 _____ (www.mp3dev.org) C:\Users\Julien Boulle\Desktop\lame_enc.dll
2017-09-13 17:25 - 2017-09-13 17:33 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Audacity
2017-09-13 17:25 - 2017-09-13 17:25 - 000001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-09-13 17:25 - 2017-09-13 17:25 - 000001023 _____ C:\Users\Public\Desktop\Audacity.lnk
2017-09-13 17:25 - 2017-09-13 17:25 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\Audacity
2017-09-13 17:25 - 2017-09-13 17:25 - 000000000 ____D C:\Program Files (x86)\Audacity
2017-09-13 17:23 - 2017-09-13 17:24 - 026496761 _____ (Audacity Team ) C:\Users\Julien Boulle\Desktop\audacity-win-2-1-2.exe
2017-09-10 12:45 - 2017-09-10 12:45 - 000000000 ____D C:\Users\Julien Boulle\Documents\SavedGames
2017-09-10 12:45 - 2017-09-10 12:45 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Rogue Legacy
2017-09-10 12:44 - 2017-09-10 12:44 - 000001667 _____ C:\Users\Public\Desktop\Rogue Legacy.lnk
2017-09-10 12:44 - 2017-09-10 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogue Legacy [GOG.com]
2017-09-10 12:44 - 2017-09-10 12:44 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-09-09 10:31 - 2017-09-09 10:31 - 000002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-09 10:31 - 2017-09-09 10:31 - 000002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-09 10:05 - 2017-09-09 10:04 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-09-06 20:23 - 2017-09-06 20:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-06 20:19 - 2017-09-06 20:23 - 064025992 _____ (Malwarebytes ) C:\Users\Julien Boulle\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-09-06 20:18 - 2017-09-06 20:18 - 000003258 _____ C:\Windows\System32\Tasks\{405A62BE-7D31-4B07-82FF-AE1A360ECB7A}
2017-09-06 12:51 - 2017-09-06 12:51 - 000000002 _____ C:\Windows\SysWOW64\stub.json
2017-09-06 11:56 - 2017-09-06 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COKTEL
2017-09-06 11:56 - 2017-09-06 11:56 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL
2017-09-06 11:55 - 2017-09-06 11:55 - 000000000 ____D C:\ProgramData\ByteFence
2017-09-06 11:55 - 2017-09-06 11:55 - 000000000 ____D C:\coktel
2017-09-06 11:48 - 2017-09-06 11:49 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\didesa
2017-09-06 11:48 - 2017-09-06 11:48 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\PowerISO
2017-09-06 11:47 - 2017-09-06 21:14 - 000000000 ____D C:\Program Files\ByteFence
2017-09-06 11:46 - 2017-09-06 11:47 - 003997000 _____ (Power Software Ltd) C:\Users\Julien Boulle\Downloads\PowerISO6-x64.exe
2017-09-06 10:57 - 2017-09-06 11:32 - 482215676 _____ C:\Users\Julien Boulle\Downloads\ADIBOU_INSTALLATION.daa
2017-09-05 22:54 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-09-05 22:52 - 2017-08-22 02:40 - 040240248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 035881592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 028985976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 023132184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 018849272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 015409088 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-09-05 22:52 - 2017-08-22 02:40 - 014687256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 013782904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 012225984 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 011692528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 010072768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 003802048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 003354560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438541.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 001597888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438541.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 001067456 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 001005176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000972920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000895784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000690320 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000512672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000429920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000171384 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000149040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-09-05 22:52 - 2017-08-22 02:40 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-09-05 22:52 - 2017-08-22 02:40 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2017-09-05 21:52 - 2017-09-05 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2017-09-05 21:33 - 2017-08-18 06:37 - 000048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-09-05 21:00 - 2017-09-05 21:00 - 000000000 ____D C:\Users\Julien Boulle\Desktop\The Witcher 3 Wild Hunt
2017-09-04 22:09 - 2017-09-04 22:09 - 000000000 ____D C:\Games
2017-09-04 22:05 - 2017-09-04 22:05 - 000029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-09-04 22:05 - 2017-09-04 22:05 - 000027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-09-04 21:55 - 2017-09-04 21:59 - 065444688 _____ (Microsoft Corporation) C:\Users\Julien Boulle\Downloads\NDP46-KB3045557-x86-x64-AllOS-ENU.exe
2017-09-04 21:54 - 2017-09-04 21:54 - 000000902 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2017-09-04 21:54 - 2017-09-04 21:54 - 000000000 ____D C:\Users\Julien Boulle\Documents\Nexus Mod Manager
2017-09-04 21:54 - 2017-09-04 21:54 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\Black_Tree_Gaming
2017-09-04 21:54 - 2017-09-04 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2017-09-04 21:54 - 2017-09-04 21:54 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2017-09-04 21:53 - 2017-09-04 21:53 - 006441096 _____ (Black Tree Gaming ) C:\Users\Julien Boulle\Downloads\Nexus Mod Manager-0.63.14.exe
2017-09-03 14:06 - 2017-09-03 14:06 - 112144120 _____ (EA Digital Illusions CE AB) C:\Users\Julien Boulle\Downloads\bf1.exe
2017-09-03 10:14 - 2017-09-03 10:14 - 000000000 ____D C:\Users\Julien Boulle\Documents\Battlefield 1
2017-09-03 01:21 - 2017-09-05 18:34 - 000001190 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2017-09-03 01:21 - 2017-09-03 01:21 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2017-09-03 01:21 - 2017-09-03 01:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2017-08-27 11:05 - 2017-09-17 15:35 - 000000000 ____D C:\ProgramData\Gramblr
2017-08-27 11:05 - 2017-09-14 11:41 - 000000000 ____D C:\Program Files\Gramblr
2017-08-27 11:05 - 2017-08-27 11:05 - 004047181 _____ C:\Users\Julien Boulle\Downloads\gramblr2_win64.zip
2017-08-27 11:05 - 2017-08-27 11:05 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
2017-08-26 10:45 - 2017-08-26 10:46 - 000102400 _____ C:\Users\Julien Boulle\Desktop\JULIEN - Résumé Système.txt
2017-08-26 10:35 - 2017-08-26 10:35 - 000001122 _____ C:\Users\Julien Boulle\Desktop\EVEREST Home Edition.lnk
2017-08-26 10:35 - 2017-08-26 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-08-26 10:35 - 2017-08-26 10:35 - 000000000 ____D C:\Program Files (x86)\Lavalys
2017-08-26 10:34 - 2017-08-26 10:35 - 004179293 _____ (Lavalys, Inc. ) C:\Users\Julien Boulle\Downloads\everesthome220.exe
2017-08-25 20:45 - 2017-08-25 20:45 - 000000000 ____D C:\Users\Julien Boulle\myApp
2017-08-25 20:41 - 2017-08-25 20:43 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\npm-cache
2017-08-25 20:41 - 2017-08-25 20:41 - 000000000 ____D C:\Users\Julien Boulle\.config
2017-08-25 20:39 - 2017-08-25 20:43 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\npm
2017-08-25 20:38 - 2017-08-25 20:39 - 016257024 _____ C:\Users\Julien Boulle\Downloads\node-v8.4.0-x64.msi
2017-08-25 14:53 - 2017-08-25 14:53 - 000000000 ____D C:\Users\Julien Boulle\Documents\EA Games
2017-08-25 14:41 - 2017-08-25 14:41 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-08-25 14:27 - 2017-08-25 14:27 - 000000000 ____D C:\Windows\SysWOW64\AGEIA
2017-08-25 14:27 - 2017-08-25 14:27 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-08-24 10:24 - 2017-08-24 10:24 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 10:24 - 2017-08-24 10:24 - 000002192 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-23 17:34 - 2017-08-22 02:40 - 018704744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-08-21 13:08 - 2017-08-21 13:08 - 000000000 ____D C:\Users\Julien Boulle\AppData\LocalLow\Lockwood Publishing Ltd
2017-08-21 13:06 - 2017-08-23 18:42 - 000000000 ____D C:\Users\Public\Facebook Games
2017-08-21 12:59 - 2017-08-21 12:59 - 000001186 _____ C:\Users\Julien Boulle\Desktop\Facebook Gameroom.lnk
2017-08-21 12:59 - 2017-08-21 12:59 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-08-21 12:59 - 2017-08-21 12:59 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\Facebook
2017-08-20 12:50 - 2017-08-20 12:50 - 000260864 _____ (Facebook) C:\Users\Julien Boulle\Downloads\FacebookGameroom.exe
2017-08-19 20:25 - 2017-08-19 20:25 - 000000000 ____D C:\Users\Julien Boulle\Documents\WB Games

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-17 12:40 - 2016-07-08 15:25 - 000003960 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D27524BA-8E01-4008-BCC2-E2A6F36A4458}
2017-09-17 12:25 - 2017-07-21 09:42 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-17 09:41 - 2017-06-05 18:06 - 000000000 ____D C:\Users\Julien Boulle\.junique
2017-09-16 23:48 - 2016-07-08 18:38 - 000003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-09-16 21:24 - 2016-09-04 13:32 - 000000000 ____D C:\ProgramData\Origin
2017-09-16 21:23 - 2016-09-04 13:40 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Origin
2017-09-16 21:14 - 2016-07-08 18:45 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\Battle.net
2017-09-16 21:05 - 2016-07-08 18:46 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-09-16 21:04 - 2016-07-08 18:43 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-15 21:17 - 2016-07-08 15:23 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4217912661-2564479441-2938323576-1001
2017-09-15 20:46 - 2016-08-05 21:38 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\DAEMON Tools Lite
2017-09-15 20:30 - 2016-07-08 21:45 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-15 20:24 - 2017-05-20 14:18 - 000000000 ____D C:\Users\Julien Boulle\Documents\Maniaplanet
2017-09-15 20:24 - 2017-05-20 14:18 - 000000000 ____D C:\ProgramData\Maniaplanet
2017-09-15 18:49 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-09-14 11:59 - 2016-07-08 15:17 - 000000000 ____D C:\Users\Julien Boulle
2017-09-13 18:24 - 2017-08-06 09:22 - 000023974 _____ C:\Users\Julien Boulle\Downloads\Notepad2.ini
2017-09-12 20:12 - 2016-07-17 16:34 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\Ubisoft Game Launcher
2017-09-12 12:29 - 2017-07-30 15:04 - 000000000 ____D C:\Users\Julien Boulle\Documents\The Witcher 3
2017-09-10 12:44 - 2016-08-13 18:55 - 000000000 ____D C:\GOG Games
2017-09-09 10:31 - 2016-07-08 16:06 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-09 10:27 - 2017-06-19 08:54 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\LogMeIn Hamachi
2017-09-09 10:26 - 2017-04-24 15:15 - 000003914 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1467986933
2017-09-09 10:26 - 2016-07-08 16:08 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-09 10:25 - 2016-08-20 14:18 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-09-09 10:24 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-09 10:22 - 2016-07-08 15:57 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-09 10:05 - 2017-03-16 14:24 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-09 10:05 - 2017-03-03 17:58 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\CrashDumps
2017-09-09 10:05 - 2017-01-30 12:41 - 000000000 ____D C:\Windows\Minidump
2017-09-09 10:05 - 2016-08-05 16:01 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\uTorrent
2017-09-09 10:04 - 2017-03-16 14:24 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-09 10:04 - 2017-03-16 14:24 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-09 10:04 - 2017-03-16 14:24 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-09 10:04 - 2017-03-16 14:24 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-09 10:04 - 2016-07-08 16:06 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-09 10:04 - 2016-07-08 15:56 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-08 18:46 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-09-08 13:39 - 2017-07-29 21:34 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2017-09-06 21:14 - 2016-08-18 14:03 - 000000000 ____D C:\Users\Julien Boulle\AppData\Local\MEGAsync
2017-09-06 21:14 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-09-06 20:52 - 2016-08-05 21:38 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2017-09-06 11:50 - 2017-07-21 09:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-06 11:04 - 2017-07-29 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-09-05 22:54 - 2017-08-10 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-05 22:54 - 2016-07-08 15:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-05 21:52 - 2016-07-08 15:34 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-05 21:35 - 2017-08-10 18:45 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:35 - 2017-06-10 19:30 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-08-10 18:44 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-05 21:34 - 2017-07-21 09:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-04 22:23 - 2016-12-03 21:23 - 000000000 ____D C:\Users\Julien Boulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-04 22:06 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2017-09-02 11:35 - 2016-09-04 13:42 - 000000000 ____D C:\Program Files (x86)\Origin Games
2017-09-02 11:29 - 2016-07-08 19:50 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-09-02 11:29 - 2016-07-08 18:42 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm
2017-09-02 07:39 - 2016-09-04 13:31 - 000000000 ____D C:\Program Files (x86)\Origin
2017-09-02 02:54 - 2016-07-17 20:58 - 000000000 ____D C:\Users\Julien Boulle\Documents\My Games
2017-08-31 13:12 - 2017-02-04 10:20 - 000000000 ____D C:\Users\Julien Boulle\Desktop\Games
2017-08-30 14:18 - 2017-04-11 14:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-28 11:04 - 2014-03-18 12:06 - 001824010 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-28 11:04 - 2014-03-18 11:26 - 000811108 _____ C:\Windows\system32\perfh00C.dat
2017-08-28 11:04 - 2014-03-18 11:26 - 000159206 _____ C:\Windows\system32\perfc00C.dat
2017-08-27 11:05 - 2017-06-29 17:34 - 011473488 _____ C:\Users\Julien Boulle\Desktop\gramblr.exe
2017-08-26 10:45 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-23 17:38 - 2017-08-10 18:48 - 000000000 ____D C:\Users\Julien Boulle\Documents\temp
2017-08-22 02:40 - 2017-08-15 09:12 - 000491720 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-08-22 02:40 - 2017-08-14 16:26 - 017807096 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-08-22 02:40 - 2017-08-14 16:26 - 004188872 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-08-22 02:40 - 2017-08-14 16:19 - 003692216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-08-22 02:40 - 2017-08-10 18:42 - 021405440 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-08-22 02:40 - 2017-07-21 09:41 - 000044190 _____ C:\Windows\system32\nvinfo.pb
2017-08-22 01:10 - 2017-08-14 16:28 - 006463424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 002479224 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 000549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 000082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-08-22 01:10 - 2017-08-14 16:28 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-08-22 00:54 - 2017-08-15 09:14 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-08-19 09:10 - 2017-08-14 16:28 - 008142301 _____ C:\Windows\system32\nvcoproc.bin
2017-08-18 20:39 - 2017-07-29 10:36 - 000007601 _____ C:\Users\Julien Boulle\AppData\Local\Resmon.ResmonCfg
2017-08-18 06:37 - 2017-08-10 18:45 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-08-18 06:37 - 2017-08-10 18:45 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-08-18 06:37 - 2017-08-10 18:45 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-08-18 06:37 - 2017-08-10 18:45 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-08-18 06:37 - 2017-08-10 18:45 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-08-18 06:36 - 2017-08-10 18:42 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-08-18 06:36 - 2017-08-10 18:42 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== Fichiers à la racine de certains dossiers =======

2017-07-05 15:45 - 2017-07-24 18:00 - 000000125 _____ () C:\Users\Julien Boulle\AppData\Roaming\D2Info0
2017-07-05 15:45 - 2017-07-24 18:46 - 000000008 _____ () C:\Users\Julien Boulle\AppData\Roaming\DofusAppId0_1
2017-07-06 01:06 - 2017-07-10 06:52 - 000000008 _____ () C:\Users\Julien Boulle\AppData\Roaming\DofusAppId0_2
2017-07-08 11:13 - 2017-07-09 00:21 - 000000008 _____ () C:\Users\Julien Boulle\AppData\Roaming\DofusAppId0_3
2017-07-29 10:36 - 2017-08-18 20:39 - 000007601 _____ () C:\Users\Julien Boulle\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-09-15 18:49

==================== Fin de FRST.txt ============================