cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017
Exécuté par CHAN Victor (administrateur) sur LAPTOP-0CLBGO1D (10-09-2017 16:20:10)
Exécuté depuis C:\Users\CHAN Victor\Downloads
Profils chargés: CHAN Victor (Profils disponibles: CHAN Victor)
Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avp.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-22] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [Spotify] => C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe [20449904 2017-09-04] (Spotify Ltd)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [Spotify Web Helper] => C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-04] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-26]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4c04e3e2-017b-4a98-a925-a0f0d36389d2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12] (HP Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12] (HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\CHAN Victor\AppData\Roaming\Mozilla\Firefox\Profiles\ojsphd3b.default [2017-08-19]
FF Extension: (Adblock Plus) - C:\Users\CHAN Victor\AppData\Roaming\Mozilla\Firefox\Profiles\ojsphd3b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-19]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Orange\Orange Security Suite 10.1\FFExt\light_plugin_firefox\addon.xpi [2017-03-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://search.searchvzc.com/s?remove=remove&query={searchTerms}
CHR Profile: C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Slides) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-11]
CHR Extension: (Google Docs) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-11]
CHR Extension: (Google Drive) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-11]
CHR Extension: (YouTube) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-11]
CHR Extension: (Adblock Plus) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (Google Sheets) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-11]
CHR Extension: (Fou tournage) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2017-06-11]
CHR Extension: (Extension de sécurité pour votre application antivirus) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleflkdamakpmckkidkcmnmdikbbmok [2017-06-12]
CHR Extension: (Google Hangouts) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-08-13]
CHR Extension: (Downloads) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-09-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-11]
CHR Extension: (Chrome Media Router) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR Extension: (Always Weather) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-10]
CHR Profile: C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-11]
CHR HKLM\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok
CHR HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP16.0.1; C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe [310240 2017-02-22] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-10-20] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Fichier non signé]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe [350688 2017-02-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Orange\Orange Security Suite 10.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [318464 2016-11-22] (Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-10-20] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-10-20] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-24] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-10-20] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [186352 2017-06-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [244720 2017-06-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [186696 2017-09-10] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1001968 2017-06-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2017-03-24] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2017-03-24] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [116448 2017-03-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-11-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 mfeaack01; \Device\mfeaack01.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-10 16:20 - 2017-09-10 16:20 - 000021996 _____ C:\Users\CHAN Victor\Downloads\FRST.txt
2017-09-10 16:19 - 2017-09-10 16:20 - 000000000 ____D C:\FRST
2017-09-10 16:19 - 2017-09-10 16:19 - 002396160 _____ (Farbar) C:\Users\CHAN Victor\Downloads\FRST64.exe
2017-09-10 16:00 - 2017-09-10 16:00 - 008182736 _____ (Malwarebytes) C:\Users\CHAN Victor\Downloads\adwcleaner_7.0.2.1.exe
2017-09-10 16:00 - 2017-09-10 16:00 - 008162248 _____ (Malwarebytes) C:\Users\CHAN Victor\Downloads\adwcleaner-7-0-0-0.exe
2017-09-10 15:40 - 2017-09-10 15:40 - 063416990 _____ C:\Users\CHAN Victor\Downloads\OOR BOL.rar
2017-09-10 15:39 - 2017-09-10 15:39 - 185627307 _____ C:\Users\CHAN Victor\Downloads\[arkaze] Batsu to Maru to Tsumi to.rar
2017-09-10 15:37 - 2017-09-10 15:46 - 122957873 _____ C:\Users\CHAN Victor\Downloads\_2010.06.02__bn_-_AtM__A__-_eimusics.com.rar
2017-09-10 15:33 - 2017-09-10 15:33 - 110069557 _____ C:\Users\CHAN Victor\Downloads\150617)__Alexandros__-_ALXD.zip
2017-09-08 12:50 - 2017-09-08 12:50 - 000037768 _____ C:\Users\CHAN Victor\Downloads\Ao no Exorcist - S02.torrent
2017-09-07 15:29 - 2017-09-07 15:29 - 000266213 _____ C:\Users\CHAN Victor\Downloads\Emploi étudiants SEFIAP.pdf
2017-09-07 15:28 - 2017-09-07 15:28 - 000091019 _____ C:\Users\CHAN Victor\Downloads\Emploi étudiant CIEL.pdf
2017-09-07 14:50 - 2017-09-07 14:50 - 000035747 _____ C:\Users\CHAN Victor\Downloads\Ao no Exorcist.torrent
2017-09-07 12:34 - 2017-09-07 12:34 - 000026057 _____ C:\Users\CHAN Victor\Downloads\Hataraku Maou-sama.torrent
2017-09-06 23:30 - 2017-09-06 23:30 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-09-05 19:49 - 2017-09-05 19:49 - 000005739 _____ C:\Users\CHAN Victor\Downloads\L_art_du_trading_Le_best_seller_du_trading_French_Chris83870.pdf.torrent
2017-09-03 22:22 - 2017-09-03 22:22 - 000269863 _____ C:\Users\CHAN Victor\Downloads\Renforcement mathématiques.pdf
2017-09-03 16:48 - 2017-09-03 16:48 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf;filename-=utf-8''Programme semaine d'intégration (1).pdf
2017-09-02 19:52 - 2017-09-02 19:52 - 000017170 _____ C:\Users\CHAN Victor\Downloads\Kaichou.wa.maid-sama.saison.1.[HD].[VOSTFR].Pack.integrale.01a26.FIN.+.OAV.torrent
2017-09-02 16:46 - 2017-09-02 16:46 - 000045876 _____ C:\Users\CHAN Victor\Downloads\NHK Ni Youkoso.torrent
2017-09-02 16:25 - 2017-09-02 16:25 - 000611578 _____ C:\Users\CHAN Victor\Downloads\Zetsuen no Tempest.torrent
2017-08-31 17:39 - 2017-08-31 17:39 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop (2).torrent
2017-08-31 17:38 - 2017-08-31 17:38 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop (1).torrent
2017-08-31 17:37 - 2017-08-31 17:37 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop.torrent
2017-08-31 15:18 - 2017-08-31 15:18 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf
2017-08-31 11:38 - 2017-08-31 11:38 - 000051644 _____ C:\Users\CHAN Victor\Downloads\Convocation étudiants L1 _ mise à jour le 30 août 2017.pdf
2017-08-29 21:22 - 2017-08-29 21:22 - 000051582 _____ C:\Users\CHAN Victor\Downloads\Guilty.Crown.INTEGRALE.SUBFRENCH.720p.BluRay.x264-SiDERAL (1).torrent
2017-08-29 21:21 - 2017-08-29 21:21 - 000051582 _____ C:\Users\CHAN Victor\Downloads\Guilty.Crown.INTEGRALE.SUBFRENCH.720p.BluRay.x264-SiDERAL.torrent
2017-08-28 21:58 - 2017-08-28 21:58 - 000013084 _____ C:\Users\CHAN Victor\Downloads\Owarimonogatari vostfr S1 1080p.torrent
2017-08-28 21:24 - 2017-08-28 21:24 - 000068018 _____ C:\Users\CHAN Victor\Downloads\Monogatari Séries - 2013-2016 Full HD [ ByGirly ].torrent
2017-08-27 19:46 - 2017-08-27 19:46 - 000046640 _____ C:\Users\CHAN Victor\Downloads\Erased - Boku dake ga Inai Machi S01 - 2016 FRENCHSUB 1080p x265 - NoTag.torrent
2017-08-26 22:37 - 2017-08-26 22:37 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf;filename-=utf-8''Programme semaine d'intégration.pdf
2017-08-26 22:19 - 2017-08-26 22:19 - 000149129 _____ C:\Users\CHAN Victor\Downloads\GTO.torrent
2017-08-25 15:56 - 2017-08-25 15:56 - 683845141 _____ C:\WINDOWS\MEMORY.DMP
2017-08-25 15:56 - 2017-08-25 15:56 - 000894724 _____ C:\WINDOWS\Minidump\082517-5046-01.dmp
2017-08-25 15:56 - 2017-08-25 15:56 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-19 01:15 - 2017-08-19 01:17 - 000000000 ____D C:\Users\CHAN Victor\AppData\LocalLow\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-19 01:15 - 2017-08-19 01:15 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-18 02:23 - 2017-08-18 02:23 - 000437344 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2017-08-18 02:23 - 2017-08-18 02:23 - 000350816 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo59.dll
2017-08-18 02:23 - 2017-08-18 02:23 - 000066136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2017-08-18 02:23 - 2017-08-18 02:23 - 000055384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2017-08-18 02:23 - 2017-08-18 02:23 - 000053848 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2017-08-14 16:44 - 2017-08-26 21:29 - 000000000 ____D C:\ProgramData\Skype
2017-08-14 16:44 - 2017-08-14 16:44 - 000000000 ____D C:\Users\CHAN Victor\Tracing

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-10 16:18 - 2017-06-24 13:25 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Spotify
2017-09-10 16:17 - 2017-06-12 18:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-10 16:08 - 2017-06-11 18:05 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Packages
2017-09-10 16:08 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-10 16:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 16:07 - 2017-06-11 18:45 - 002874588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 16:07 - 2017-03-20 07:10 - 001325090 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-10 16:07 - 2017-03-20 07:10 - 000313342 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-10 16:02 - 2017-06-12 00:03 - 000000000 ____D C:\AdwCleaner
2017-09-10 16:02 - 2017-06-11 18:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 16:02 - 2017-06-11 18:05 - 000000000 __SHD C:\Users\CHAN Victor\IntelGraphicsProfiles
2017-09-10 16:02 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 15:58 - 2017-06-24 11:18 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-09-10 14:55 - 2017-06-11 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-10 12:16 - 2017-06-11 21:42 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\vlc
2017-09-09 11:32 - 2017-07-27 07:13 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2543725777-4293404985-2249864547-1001
2017-09-09 11:32 - 2017-06-11 18:07 - 000002436 _____ C:\Users\CHAN Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-09 11:32 - 2017-06-11 18:07 - 000000000 ___RD C:\Users\CHAN Victor\OneDrive
2017-09-09 11:31 - 2017-06-24 13:25 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Spotify
2017-09-09 11:30 - 2017-06-12 10:14 - 000000388 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCHAN Victor.job
2017-09-09 01:31 - 2017-06-11 23:54 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Azureus
2017-09-09 01:31 - 2017-06-11 18:45 - 000000000 ____D C:\Users\CHAN Victor
2017-09-06 23:30 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-05 21:44 - 2017-06-11 23:55 - 000000000 ____D C:\Users\CHAN Victor\Documents\Vuze Downloads
2017-09-04 18:55 - 2017-07-17 14:03 - 000003304 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCHAN Victor
2017-08-30 19:25 - 2017-06-14 15:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-26 21:29 - 2017-06-11 18:07 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Skype
2017-08-26 12:12 - 2017-06-11 19:06 - 000002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-26 12:12 - 2017-06-11 19:06 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 15:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-25 15:19 - 2017-07-17 13:53 - 000000000 ____D C:\Users\CHAN Victor\Documents\Pokémon
2017-08-24 01:13 - 2017-06-11 18:43 - 000473816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-18 02:23 - 2017-02-26 02:20 - 000055384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2017-08-18 02:23 - 2016-09-10 08:56 - 001804688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-08-18 02:23 - 2016-09-10 08:56 - 000815712 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2017-08-18 02:23 - 2016-09-10 08:56 - 000716384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2017-08-18 02:23 - 2016-09-10 08:56 - 000289376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll

Certains fichiers dans TEMP:
====================
2017-06-12 18:13 - 2017-09-08 12:50 - 000079904 _____ () C:\Users\CHAN Victor\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-09-05 11:57

==================== Fin de FRST.txt ============================
