cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2017
Exécuté par gaga8 (administrateur) sur DESKTOP-G5CGJNS (14-03-2017 17:55:00)
Exécuté depuis C:\Users\gaga8\Downloads
Profils chargés: gaga8 (Profils disponibles: gaga8)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Windows\syswow64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) D:\$.RECYCLEBIN\svshost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-03-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-4142293119-2510760471-2357867725-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-4142293119-2510760471-2357867725-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-4142293119-2510760471-2357867725-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1050632 2016-12-26] (ASUSTek Computer Inc)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-06-20]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Astral.lnk [2017-03-14]
ShortcutTarget: Astral.lnk -> C:\go.exe (Pas de fichier)
Startup: C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Claire.lnk [2017-03-14]
ShortcutTarget: Claire.lnk -> C:\$.RECYCLEBIN\svshost.exe (Microsoft Corporation)
Startup: C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cleaner.lnk [2017-03-14]
ShortcutTarget: Cleaner.lnk -> D:\$.RECYCLEBIN\svshost.exe (Microsoft Corporation)
Startup: C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Help.lnk [2017-03-14]
ShortcutTarget: Help.lnk -> C:\$.RECYCLEBIN\svshost.exe (Microsoft Corporation)
Startup: C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Manual.lnk [2017-03-14]
ShortcutTarget: Manual.lnk -> D:\$.RECYCLEBIN\svshost.exe (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{335066e4-5052-4777-8929-94da1bfe3b1c}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-4142293119-2510760471-2357867725-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-03-11] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2017-01-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-09] (Oracle Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-03-11] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-09] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-09] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-03-11] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-03-11] (Bitdefender)

FireFox:
========
FF DefaultProfile: m2fnsb1j.default
FF ProfilePath: C:\Users\gaga8\AppData\Roaming\Mozilla\Firefox\Profiles\m2fnsb1j.default [2017-03-14]
FF Homepage: Mozilla\Firefox\Profiles\m2fnsb1j.default -> hxxps://www.google.fr/?gws_rd=ssl
FF Extension: (Adblock Plus) - C:\Users\gaga8\AppData\Roaming\Mozilla\Firefox\Profiles\m2fnsb1j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-10]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-03-13]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-12-13] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gfe_rd=cr&ei=ArNzWJj9Ls6s8weVi57gAw"
CHR Profile: C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default [2017-02-27]
CHR Extension: (Google Slides) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-09]
CHR Extension: (Google Docs) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-09]
CHR Extension: (Google Drive) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-09]
CHR Extension: (YouTube) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-09]
CHR Extension: (Google Sheets) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-09]
CHR Extension: (Gmail) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-09]
CHR Extension: (Chrome Media Router) - C:\Users\gaga8\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-09]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp.)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe [301536 2016-11-30] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-07] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1392792 2015-11-09] (Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164856 2016-03-24] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-04-05] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-03-24] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-03-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-03-24] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2017-01-09] ()
R2 ServiceDevMgmt; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2016-12-19] (Bitdefender)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-03-11] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1532736 2017-03-13] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [94712 2016-04-01] (ASUS Corporation)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Fichier non signé]
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
S3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-16] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys [11039712 2016-11-30] (Intel Corporation)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-11] (Bitdefender)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-03-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607488 2016-02-25] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-14 17:55 - 2017-03-14 17:55 - 00024507 _____ C:\Users\gaga8\Downloads\FRST.txt
2017-03-14 16:51 - 2017-03-14 16:52 - 00000746 _____ C:\Users\gaga8\Downloads\SystemLook.txt
2017-03-14 16:50 - 2017-03-14 16:51 - 00165376 _____ C:\Users\gaga8\Downloads\SystemLook_x64.exe
2017-03-14 16:19 - 2017-03-14 16:19 - 00005693 ___RH C:\farstone_pe.letter
2017-03-14 16:16 - 2017-03-14 16:16 - 00030147 _____ C:\Users\gaga8\Downloads\SFT.txt
2017-03-14 16:14 - 2017-03-14 16:15 - 01352704 _____ C:\Users\gaga8\Downloads\SFT.exe
2017-03-14 13:38 - 2017-03-14 13:38 - 00042232 _____ C:\ProgramData\dm.update.1489495067.bdinstall.bin
2017-03-14 10:24 - 2017-03-14 10:24 - 00001044 _____ C:\Users\gaga8\Downloads\Search.txt
2017-03-14 10:23 - 2017-03-14 10:23 - 00000443 _____ C:\Users\gaga8\Downloads\SearchReg.txt
2017-03-14 10:19 - 2017-03-14 10:19 - 00000000 ____D C:\Users\gaga8\Downloads\FRST-OlderVersion
2017-03-13 20:56 - 2017-03-14 11:26 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-03-13 20:56 - 2017-03-13 21:39 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-13 20:55 - 2017-03-13 20:56 - 26131528 _____ C:\Users\gaga8\Downloads\RogueKillerX64.exe
2017-03-13 20:11 - 2017-03-13 20:18 - 00000000 ____D C:\Users\gaga8\AppData\Roaming\ZHP
2017-03-13 20:11 - 2017-03-13 20:11 - 02749952 _____ C:\Users\gaga8\Downloads\ZHPCleaner.exe
2017-03-13 20:11 - 2017-03-13 20:11 - 00000877 _____ C:\Users\gaga8\Downloads\ZHPCleaner.lnk
2017-03-13 18:55 - 2017-03-13 18:56 - 00006509 _____ C:\Users\gaga8\Downloads\Fixlog.txt
2017-03-13 11:25 - 2017-03-14 17:55 - 00000000 ____D C:\FRST
2017-03-13 11:22 - 2017-03-14 10:19 - 02424832 _____ (Farbar) C:\Users\gaga8\Downloads\FRST64.exe
2017-03-12 08:05 - 2017-03-12 08:05 - 00000000 ____D C:\Users\gaga8\AppData\Temp
2017-03-07 11:24 - 2017-03-07 11:24 - 00000000 _RSHD C:\$.RECYCLEBIN
2017-03-07 11:20 - 2017-03-07 11:23 - 64867994 _____ C:\Users\gaga8\Desktop\document numérique.mp4
2017-03-02 21:08 - 2017-03-02 21:08 - 00000332 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䍬〸⸷浴p翾
2017-03-02 21:08 - 2017-03-02 21:08 - 00000328 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䍬㔳⸸浴p翾
2017-03-02 21:08 - 2017-03-02 21:08 - 00000326 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䍬〸⸸浴p翾
2017-03-02 21:07 - 2017-03-02 21:07 - 00000332 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸㥬㠹⸹浴p翾
2017-03-02 21:07 - 2017-03-02 21:07 - 00000326 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸㥬㤹⹁浴p翾
2017-03-02 21:06 - 2017-03-02 21:06 - 00000332 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸ㅬ䅆⹄浴p翾
2017-03-02 18:57 - 2017-03-02 18:57 - 00000336 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸㝬䑄⸶浴p翾
2017-03-02 18:57 - 2017-03-02 18:57 - 00000328 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸㝬ㄹ⸸浴p翾
2017-03-02 18:57 - 2017-03-02 18:57 - 00000326 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸㝬䕄⸷浴p翾
2017-03-02 18:55 - 2017-03-02 18:55 - 00000336 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䍬ぃ⸰浴p翾
2017-03-02 18:55 - 2017-03-02 18:55 - 00000332 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䉬㘸⹆浴p翾
2017-03-02 18:55 - 2017-03-02 18:55 - 00000322 _____ C:\WINDOWS\system32\㩃坜义佄南呜䵅屐浸䍬㍃⸰浴p翾
2017-03-02 18:55 - 2017-03-02 18:55 - 00000000 ____D C:\ProgramData\bdch
2017-03-02 18:17 - 2017-03-08 15:14 - 00032242 _____ C:\Users\gaga8\Desktop\tdinfodoc.odt
2017-02-26 19:29 - 2017-02-26 19:29 - 00120544 _____ C:\Users\gaga8\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-23 13:43 - 2017-02-23 16:40 - 00000000 ____D C:\Users\gaga8\AppData\Roaming\TS3Client
2017-02-23 13:43 - 2017-02-23 13:43 - 00000000 ____D C:\Users\gaga8\AppData\Local\TeamSpeak 3
2017-02-23 13:43 - 2017-02-23 13:43 - 00000000 ____D C:\Users\gaga8\.TeamSpeak 3
2017-02-23 13:43 - 2017-02-23 13:43 - 00000000 ____D C:\Users\gaga8\.QtWebEngineProcess
2017-02-23 13:42 - 2017-02-23 13:42 - 00001286 _____ C:\Users\gaga8\Desktop\TeamSpeak 3 Client.lnk
2017-02-23 13:42 - 2017-02-23 13:42 - 00001244 _____ C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-02-23 13:42 - 2017-02-23 13:42 - 00000000 ____D C:\Users\gaga8\AppData\Local\TeamSpeak 3 Client
2017-02-23 13:39 - 2017-02-23 13:41 - 77765040 _____ (TeamSpeak Systems GmbH) C:\Users\gaga8\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe
2017-02-20 16:47 - 2017-02-20 16:47 - 00013876 _____ C:\Users\gaga8\Downloads\PAGE DE PRESENTATION DES MATCHS DU MATIN bis(1).xlsx

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-03-14 17:19 - 2017-01-15 12:48 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-14 16:36 - 2016-11-16 15:28 - 00000000 ____D C:\Users\gaga8\AppData\LocalLow\Mozilla
2017-03-14 16:30 - 2017-01-07 14:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-14 16:26 - 2017-01-07 15:36 - 00000000 ____D C:\Users\gaga8\AppData\Local\ASUS GIFTBOX
2017-03-14 16:23 - 2017-01-07 15:03 - 00000000 ____D C:\Users\gaga8
2017-03-14 16:22 - 2017-01-09 14:11 - 00000000 ____D C:\Users\gaga8\AppData\Roaming\Skype
2017-03-14 16:20 - 2016-09-03 10:44 - 00000000 __SHD C:\Users\gaga8\IntelGraphicsProfiles
2017-03-14 16:19 - 2017-01-07 14:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-14 16:18 - 2017-02-09 22:19 - 00003933 _____ C:\bdlog.txt
2017-03-14 16:18 - 2017-01-07 13:58 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-14 12:48 - 2017-01-15 14:51 - 00004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{168F5F6E-0466-4F63-84F0-81A3CEAAB653}
2017-03-14 12:00 - 2017-01-07 16:39 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-03-14 12:00 - 2017-01-07 16:39 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-03-14 07:28 - 2017-01-07 14:19 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-14 06:26 - 2017-01-07 14:19 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-13 21:34 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-13 17:59 - 2017-01-07 15:36 - 00000206 _____ C:\Users\gaga8\AppData\Roaming\sp_data.sys
2017-03-11 16:21 - 2017-01-15 14:42 - 00305120 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-03-11 16:05 - 2017-01-07 13:58 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-11 16:03 - 2017-01-09 16:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-11 16:03 - 2017-01-09 16:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-11 16:03 - 2017-01-07 14:35 - 00422744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-08 13:40 - 2017-01-28 21:45 - 00000000 ____D C:\Users\gaga8\AppData\Roaming\vlc
2017-03-07 18:57 - 2017-01-07 14:17 - 00000000 ____D C:\WINDOWS\INF
2017-03-03 19:35 - 2017-01-09 14:12 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-03 19:35 - 2017-01-07 15:38 - 00002413 _____ C:\Users\gaga8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-03 19:35 - 2016-09-03 10:48 - 00000000 ___RD C:\Users\gaga8\OneDrive
2017-02-27 21:48 - 2016-09-05 15:35 - 00000000 ___RD C:\Users\gaga8\Desktop\Personnel
2017-02-27 21:11 - 2016-09-05 15:34 - 00000000 ___RD C:\Users\gaga8\Desktop\Football 2017
2017-02-27 09:19 - 2017-01-07 14:19 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-02-27 09:19 - 2017-01-07 14:19 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2017-02-23 16:48 - 2017-01-07 16:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 16:45 - 2017-01-07 16:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 13:42 - 2016-03-24 13:04 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-22 17:15 - 2017-01-07 14:05 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-18 17:52 - 2017-01-07 14:40 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin

==================== Fichiers à la racine de certains dossiers =======

2017-01-07 15:36 - 2017-03-13 17:59 - 0000206 _____ () C:\Users\gaga8\AppData\Roaming\sp_data.sys
2017-03-14 13:38 - 2017-03-14 13:38 - 0042232 _____ () C:\ProgramData\dm.update.1489495067.bdinstall.bin
2017-01-07 14:42 - 2017-01-07 14:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-03-11 17:48

==================== Fin de FRST.txt ============================
