Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017
Exécuté par Phong (administrateur) sur DESKTOP-V6GIC6J (11-09-2017 14:53:57)
Exécuté depuis C:\Users\garfi\Desktop
Profils chargés: Phong (Profils disponibles: Phong)
Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Hi-Rez Studios) D:\HiRez\HiPatchService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(MY.COM B.V.) C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Nexon America) D:\Nexon Launcher\nexon_runtime.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15367120 2017-05-15] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-05-22] (MSI)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Akamai NetSession Interface] => C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [MyComGames] => C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe [5572304 2017-08-11] (MY.COM B.V.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-05-24] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [uTorrent] => C:\Users\garfi\AppData\Roaming\uTorrent\uTorrent.exe [2150336 2017-09-09] (BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-02-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2017-09-09]
ShortcutTarget: Nexon Launcher.lnk -> D:\Nexon Launcher\nexon_launcher.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{33c2f18a-7a28-11e7-8652-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a4992d5e-9f93-46c9-a155-3cd83c1b9489}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: @my.com/Games -> C:\Users\garfi\AppData\Local\MyComGames\NPMyComDetector.dll [2017-03-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-28] ()
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Slides) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-03]
CHR Extension: (Google Drive) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (YouTube) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Google Sheets) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (AdBlock) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-03]
CHR Extension: (Chrome Media Router) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (Always Weather) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-09]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-24] (BlueStack Systems, Inc.)
R2 CDPUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-07-01] (EasyAntiCheat Ltd)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 HiPatchService; D:\HiRez\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Fichier non signé]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MessagingService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MessagingService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2331744 2017-02-15] (MSI)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [80312 2017-05-18] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [111568 2017-04-05] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2285008 2017-05-11] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [174032 2017-04-28] (MSI)
R2 OneSyncSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-28] ()
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-08-05] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-08-05] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-08-05] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-08-05] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-08-05] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-08-05] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-10-20] (Intel(R) Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-02-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-02-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-05-24] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-05-22] (Bluestack System Inc. )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-09-11] ()
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-09-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-09-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-09-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-09-11] (Malwarebytes)
R1 MpKslf91c3665; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4F3D6D5-14D5-4718-839A-298128E74AF0}\MpKslf91c3665.sys [44928 2017-09-11] (Microsoft Corporation)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-05-18] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [14288 2017-03-15] (MSI)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-09-06] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-07-12] (BigNox Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-11 14:53 - 2017-09-11 14:54 - 000024936 _____ C:\Users\garfi\Desktop\FRST.txt
2017-09-11 14:53 - 2017-09-11 14:53 - 002396672 _____ (Farbar) C:\Users\garfi\Desktop\FRST64.exe
2017-09-11 14:53 - 2017-09-11 14:53 - 000000000 ____D C:\FRST
2017-09-11 14:50 - 2017-09-11 14:50 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-11 14:50 - 2017-09-11 14:50 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-11 14:49 - 2017-09-11 14:49 - 001549800 _____ ( ) C:\Users\garfi\Downloads\chrome_setup.exe
2017-09-11 14:49 - 2017-09-11 14:49 - 000929872 _____ (Google Inc.) C:\Users\garfi\Downloads\chrome_francais.exe
2017-09-11 14:35 - 2017-09-11 14:35 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060 (1).exe
2017-09-11 14:24 - 2017-09-11 14:27 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-11 14:23 - 2017-09-11 14:26 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-11 14:23 - 2017-09-11 14:23 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-11 14:21 - 2017-09-11 14:22 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-09-10 07:29 - 2017-09-10 07:29 - 000260864 _____ (Facebook) C:\Users\garfi\Downloads\FacebookGameroom.exe
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\NexonUS
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\Nexon
2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ C:\ProgramData\mntemp
2017-09-09 20:35 - 2017-09-09 20:38 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\Vindictus
2017-09-09 20:12 - 2017-09-09 20:12 - 000001605 _____ C:\Users\garfi\Desktop\Vindictus.lnk
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Python
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\NexonLauncher
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\Crashpad
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Nexon
2017-09-09 20:06 - 2017-09-09 20:12 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2017-09-09 20:06 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\NexonLauncher
2017-09-09 20:06 - 2017-09-09 20:06 - 011437984 _____ C:\Users\garfi\Downloads\NexonLauncherSetup.exe
2017-09-09 20:06 - 2017-09-09 20:06 - 000000813 _____ C:\Users\garfi\Desktop\Nexon Launcher.lnk
2017-09-09 16:07 - 2017-09-09 16:11 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\PROPCCleaner
2017-09-09 16:07 - 2017-09-09 16:07 - 001611944 _____ (Secure Download Ltd. ) C:\Users\garfi\Desktop\Registry_Activation
2017-09-09 16:06 - 2017-09-09 16:06 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent (1).exe
2017-09-09 16:04 - 2017-09-11 14:33 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2017-09-09 16:04 - 2017-09-09 16:04 - 000003562 _____ C:\WINDOWS\System32\Tasks\SVC Update
2017-09-09 15:53 - 2017-09-09 16:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\uTorrent
2017-09-09 15:53 - 2017-09-09 15:53 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent.exe
2017-09-09 15:53 - 2017-09-09 15:53 - 000000896 _____ C:\Users\garfi\Desktop\µTorrent.lnk
2017-09-09 15:53 - 2017-09-09 15:53 - 000000876 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-09-08 17:06 - 2017-09-08 17:06 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623 (1).pdf
2017-09-06 18:04 - 2017-09-06 18:04 - 000000075 _____ C:\Users\garfi\Desktop\7-49 À regarder plus tard.url
2017-09-05 15:58 - 2017-09-05 15:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-09-04 18:54 - 2017-09-04 18:54 - 000329566 _____ C:\Users\garfi\Desktop\watch.html
2017-08-29 17:26 - 2017-08-29 17:26 - 000069240 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170727.pdf
2017-08-29 17:22 - 2017-08-29 17:22 - 000068531 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170827.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Desktop\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:20 - 2017-08-29 15:20 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823 (1).pdf
2017-08-25 22:08 - 2017-08-25 22:08 - 000000000 ____D C:\Users\garfi\AppData\LocalLow\Unnyhog
2017-08-25 21:24 - 2017-08-25 21:24 - 000000222 _____ C:\Users\garfi\Desktop\UnnyWorld.url
2017-08-23 19:58 - 2017-08-23 19:58 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823.pdf
2017-08-21 11:25 - 2017-08-21 11:25 - 000000222 _____ C:\Users\garfi\Desktop\S.K.I.L.L. - Special Force 2.url
2017-08-18 15:43 - 2017-08-18 15:43 - 000181033 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170723.pdf
2017-08-15 13:46 - 2017-08-15 13:46 - 000000000 ____D C:\Users\garfi\AppData\Roaming\EasyAntiCheat
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-11 14:50 - 2017-02-03 04:12 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-11 14:45 - 2017-08-05 22:56 - 002355274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 14:45 - 2017-03-20 07:10 - 001091714 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-11 14:45 - 2017-03-20 07:10 - 000235240 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-11 14:39 - 2017-08-05 22:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 14:39 - 2017-08-05 22:51 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-11 14:39 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 14:39 - 2017-03-03 10:59 - 000000000 ____D C:\Users\garfi\AppData\Local\MyComGames
2017-09-11 14:39 - 2017-02-05 19:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-11 14:34 - 2017-08-05 22:52 - 000000000 ____D C:\Users\garfi
2017-09-11 14:33 - 2017-03-03 10:18 - 000000000 ____D C:\Users\garfi\AppData\Local\cd04b59
2017-09-11 14:06 - 2017-08-05 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 21:59 - 2017-07-01 22:12 - 000779304 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-09-10 21:00 - 2017-02-03 04:42 - 000000000 ____D C:\Users\garfi\AppData\Local\ElevatedDiagnostics
2017-09-09 20:06 - 2016-06-28 12:13 - 000000001 _____ C:\END
2017-09-09 16:08 - 2017-02-03 04:25 - 000000000 ____D C:\Users\garfi\AppData\Local\{9367A53B-B7CF-C983-DA57-EC6BFE3F10F3}
2017-09-09 15:20 - 2017-02-03 04:25 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-09-09 07:27 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-09 04:10 - 2017-02-03 04:10 - 000000000 ___RD C:\Users\garfi\OneDrive
2017-09-09 03:20 - 2017-08-05 22:58 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3537187915-2253798678-3291736898-1001
2017-09-09 03:20 - 2017-02-03 04:10 - 000002411 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 16:08 - 2017-07-31 12:04 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Andy
2017-09-08 16:07 - 2017-07-31 12:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\VMware
2017-09-08 16:07 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-06 12:33 - 2017-02-07 10:58 - 000037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-09-05 13:14 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Blizzard Entertainment
2017-09-05 13:09 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Battle.net
2017-09-05 12:59 - 2017-02-03 15:31 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-02 20:59 - 2017-07-08 14:48 - 000000000 ____D C:\Users\garfi\AppData\Local\osu!
2017-08-30 23:46 - 2017-03-05 18:50 - 000000000 ____D C:\Users\garfi\AppData\Local\Warframe
2017-08-29 17:19 - 2017-02-21 17:18 - 000001361 _____ C:\Users\garfi\Desktop\Facture.txt
2017-08-26 13:33 - 2017-07-07 01:22 - 000000118 _____ C:\Users\garfi\Desktop\Compte.txt
2017-08-25 21:24 - 2017-02-05 20:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-24 18:22 - 2017-06-05 23:32 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-08-22 07:45 - 2017-02-03 04:43 - 000002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-18 09:00 - 2017-02-03 05:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-12 18:10 - 2017-07-07 00:10 - 000012095 _____ C:\Users\garfi\AppData\Localtransition_12d464e8f184634e2f4fae5fa034aa5c.ini
==================== Fichiers à la racine de certains dossiers =======
2017-07-31 11:44 - 2017-07-31 13:12 - 000001686 _____ () C:\Users\garfi\AppData\Roaming\droid4xinstaller.log
2017-03-02 11:56 - 2017-03-03 12:20 - 000053179 _____ () C:\Users\garfi\AppData\Roaming\Uninstall.exe
2017-02-03 15:45 - 2017-02-03 15:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ () C:\ProgramData\mntemp
Certains fichiers dans TEMP:
====================
2017-08-21 11:51 - 2017-08-21 11:53 - 000000093 _____ () C:\Users\garfi\AppData\Local\Temp\5fabfb55008d588056e87337294c0cfa.dll
2017-08-29 22:04 - 2017-09-06 12:33 - 000000016 _____ () C:\Users\garfi\AppData\Local\Temp\7af3804daef5ff49304bd5528859e921.dll
2017-08-21 11:50 - 2017-08-21 13:23 - 000000000 _____ () C:\Users\garfi\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2017-08-29 22:04 - 2017-09-06 12:34 - 000000000 _____ () C:\Users\garfi\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
2017-09-08 16:06 - 2017-02-03 15:20 - 001342792 _____ (Andy OS, inc.) C:\Users\garfi\AppData\Local\Temp\RemoveTemp.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-09-04 23:52
==================== Fin de FRST.txt ============================
Exécuté par Phong (administrateur) sur DESKTOP-V6GIC6J (11-09-2017 14:53:57)
Exécuté depuis C:\Users\garfi\Desktop
Profils chargés: Phong (Profils disponibles: Phong)
Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Hi-Rez Studios) D:\HiRez\HiPatchService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe
(MY.COM B.V.) C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Nexon America) D:\Nexon Launcher\nexon_runtime.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
(Nexon) D:\Nexon Launcher\bin\nexon_client\nexon_client.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15367120 2017-05-15] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-05-22] (MSI)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [Akamai NetSession Interface] => C:\Users\garfi\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [MyComGames] => C:\Users\garfi\AppData\Local\MyComGames\MyComGames.exe [5572304 2017-08-11] (MY.COM B.V.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-05-24] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\...\Run: [uTorrent] => C:\Users\garfi\AppData\Roaming\uTorrent\uTorrent.exe [2150336 2017-09-09] (BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-02-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2017-09-09]
ShortcutTarget: Nexon Launcher.lnk -> D:\Nexon Launcher\nexon_launcher.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26515b14-388c-4ea4-89dd-4b3bf0d4e40e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{33c2f18a-7a28-11e7-8652-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a4992d5e-9f93-46c9-a155-3cd83c1b9489}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3537187915-2253798678-3291736898-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-03] (Google Inc.)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: @my.com/Games -> C:\Users\garfi\AppData\Local\MyComGames\NPMyComDetector.dll [2017-03-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3537187915-2253798678-3291736898-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-28] ()
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Slides) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-03]
CHR Extension: (Google Drive) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (YouTube) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Google Sheets) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (AdBlock) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-03]
CHR Extension: (Chrome Media Router) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (Always Weather) - C:\Users\garfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-09]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3537187915-2253798678-3291736898-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-24] (BlueStack Systems, Inc.)
R2 CDPUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 DevicesFlowUserSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-07-01] (EasyAntiCheat Ltd)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 HiPatchService; D:\HiRez\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Fichier non signé]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MessagingService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MessagingService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2331744 2017-02-15] (MSI)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [80312 2017-05-18] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [111568 2017-04-05] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2285008 2017-05-11] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [174032 2017-04-28] (MSI)
R2 OneSyncSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-28] ()
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-08-05] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-08-05] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-08-05] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-08-05] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_43cab; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-08-05] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-08-05] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-10-20] (Intel(R) Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-02-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-02-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-05-24] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-05-22] (Bluestack System Inc. )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-09-11] ()
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-09-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-09-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-09-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-09-11] (Malwarebytes)
R1 MpKslf91c3665; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4F3D6D5-14D5-4718-839A-298128E74AF0}\MpKslf91c3665.sys [44928 2017-09-11] (Microsoft Corporation)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-05-18] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [14288 2017-03-15] (MSI)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-09-06] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-07-12] (BigNox Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-11 14:53 - 2017-09-11 14:54 - 000024936 _____ C:\Users\garfi\Desktop\FRST.txt
2017-09-11 14:53 - 2017-09-11 14:53 - 002396672 _____ (Farbar) C:\Users\garfi\Desktop\FRST64.exe
2017-09-11 14:53 - 2017-09-11 14:53 - 000000000 ____D C:\FRST
2017-09-11 14:50 - 2017-09-11 14:50 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-11 14:50 - 2017-09-11 14:50 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-11 14:49 - 2017-09-11 14:49 - 001549800 _____ ( ) C:\Users\garfi\Downloads\chrome_setup.exe
2017-09-11 14:49 - 2017-09-11 14:49 - 000929872 _____ (Google Inc.) C:\Users\garfi\Downloads\chrome_francais.exe
2017-09-11 14:35 - 2017-09-11 14:35 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060 (1).exe
2017-09-11 14:24 - 2017-09-11 14:27 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-11 14:23 - 2017-09-11 14:39 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-11 14:23 - 2017-09-11 14:26 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-11 14:23 - 2017-09-11 14:23 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-11 14:23 - 2017-09-11 14:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-11 14:21 - 2017-09-11 14:22 - 064025992 _____ (Malwarebytes ) C:\Users\garfi\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-09-10 07:29 - 2017-09-10 07:29 - 000260864 _____ (Facebook) C:\Users\garfi\Downloads\FacebookGameroom.exe
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\NexonUS
2017-09-09 20:37 - 2017-09-09 20:37 - 000000000 ____D C:\ProgramData\Nexon
2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ C:\ProgramData\mntemp
2017-09-09 20:35 - 2017-09-09 20:38 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\Vindictus
2017-09-09 20:12 - 2017-09-09 20:12 - 000001605 _____ C:\Users\garfi\Desktop\Vindictus.lnk
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Python
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\NexonLauncher
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Local\Crashpad
2017-09-09 20:07 - 2017-09-09 20:07 - 000000000 ____D C:\Nexon
2017-09-09 20:06 - 2017-09-09 20:12 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2017-09-09 20:06 - 2017-09-09 20:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\NexonLauncher
2017-09-09 20:06 - 2017-09-09 20:06 - 011437984 _____ C:\Users\garfi\Downloads\NexonLauncherSetup.exe
2017-09-09 20:06 - 2017-09-09 20:06 - 000000813 _____ C:\Users\garfi\Desktop\Nexon Launcher.lnk
2017-09-09 16:07 - 2017-09-09 16:11 - 000000000 ____D C:\Users\garfi\OneDrive\Documents\PROPCCleaner
2017-09-09 16:07 - 2017-09-09 16:07 - 001611944 _____ (Secure Download Ltd. ) C:\Users\garfi\Desktop\Registry_Activation
2017-09-09 16:06 - 2017-09-09 16:06 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent (1).exe
2017-09-09 16:04 - 2017-09-11 14:33 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2017-09-09 16:04 - 2017-09-09 16:04 - 000003562 _____ C:\WINDOWS\System32\Tasks\SVC Update
2017-09-09 15:53 - 2017-09-09 16:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\uTorrent
2017-09-09 15:53 - 2017-09-09 15:53 - 001733104 _____ (BitTorrent Inc.) C:\Users\garfi\Downloads\uTorrent.exe
2017-09-09 15:53 - 2017-09-09 15:53 - 000000896 _____ C:\Users\garfi\Desktop\µTorrent.lnk
2017-09-09 15:53 - 2017-09-09 15:53 - 000000876 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-09-08 17:06 - 2017-09-08 17:06 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623 (1).pdf
2017-09-06 18:04 - 2017-09-06 18:04 - 000000075 _____ C:\Users\garfi\Desktop\7-49 À regarder plus tard.url
2017-09-05 15:58 - 2017-09-05 15:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-09-04 18:54 - 2017-09-04 18:54 - 000329566 _____ C:\Users\garfi\Desktop\watch.html
2017-08-29 17:26 - 2017-08-29 17:26 - 000069240 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170727.pdf
2017-08-29 17:22 - 2017-08-29 17:22 - 000068531 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170827.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:21 - 2017-08-29 15:21 - 000180933 _____ C:\Users\garfi\Desktop\Bouyguestelecom_Facture_20170623.pdf
2017-08-29 15:20 - 2017-08-29 15:20 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823 (1).pdf
2017-08-25 22:08 - 2017-08-25 22:08 - 000000000 ____D C:\Users\garfi\AppData\LocalLow\Unnyhog
2017-08-25 21:24 - 2017-08-25 21:24 - 000000222 _____ C:\Users\garfi\Desktop\UnnyWorld.url
2017-08-23 19:58 - 2017-08-23 19:58 - 000183058 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170823.pdf
2017-08-21 11:25 - 2017-08-21 11:25 - 000000222 _____ C:\Users\garfi\Desktop\S.K.I.L.L. - Special Force 2.url
2017-08-18 15:43 - 2017-08-18 15:43 - 000181033 _____ C:\Users\garfi\Downloads\Bouyguestelecom_Facture_20170723.pdf
2017-08-15 13:46 - 2017-08-15 13:46 - 000000000 ____D C:\Users\garfi\AppData\Roaming\EasyAntiCheat
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-11 14:50 - 2017-02-03 04:12 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-11 14:45 - 2017-08-05 22:56 - 002355274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 14:45 - 2017-03-20 07:10 - 001091714 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-11 14:45 - 2017-03-20 07:10 - 000235240 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-11 14:39 - 2017-08-05 22:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 14:39 - 2017-08-05 22:51 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-11 14:39 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 14:39 - 2017-03-03 10:59 - 000000000 ____D C:\Users\garfi\AppData\Local\MyComGames
2017-09-11 14:39 - 2017-02-05 19:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-11 14:34 - 2017-08-05 22:52 - 000000000 ____D C:\Users\garfi
2017-09-11 14:33 - 2017-03-03 10:18 - 000000000 ____D C:\Users\garfi\AppData\Local\cd04b59
2017-09-11 14:06 - 2017-08-05 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 21:59 - 2017-07-01 22:12 - 000779304 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-09-10 21:00 - 2017-02-03 04:42 - 000000000 ____D C:\Users\garfi\AppData\Local\ElevatedDiagnostics
2017-09-09 20:06 - 2016-06-28 12:13 - 000000001 _____ C:\END
2017-09-09 16:08 - 2017-02-03 04:25 - 000000000 ____D C:\Users\garfi\AppData\Local\{9367A53B-B7CF-C983-DA57-EC6BFE3F10F3}
2017-09-09 15:20 - 2017-02-03 04:25 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-09-09 07:27 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-09 04:10 - 2017-02-03 04:10 - 000000000 ___RD C:\Users\garfi\OneDrive
2017-09-09 03:20 - 2017-08-05 22:58 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3537187915-2253798678-3291736898-1001
2017-09-09 03:20 - 2017-02-03 04:10 - 000002411 _____ C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 16:08 - 2017-07-31 12:04 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Andy
2017-09-08 16:07 - 2017-07-31 12:07 - 000000000 ____D C:\Users\garfi\AppData\Roaming\VMware
2017-09-08 16:07 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-06 12:33 - 2017-02-07 10:58 - 000037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-09-05 13:14 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Blizzard Entertainment
2017-09-05 13:09 - 2017-02-03 15:31 - 000000000 ____D C:\Users\garfi\AppData\Local\Battle.net
2017-09-05 12:59 - 2017-02-03 15:31 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-02 20:59 - 2017-07-08 14:48 - 000000000 ____D C:\Users\garfi\AppData\Local\osu!
2017-08-30 23:46 - 2017-03-05 18:50 - 000000000 ____D C:\Users\garfi\AppData\Local\Warframe
2017-08-29 17:19 - 2017-02-21 17:18 - 000001361 _____ C:\Users\garfi\Desktop\Facture.txt
2017-08-26 13:33 - 2017-07-07 01:22 - 000000118 _____ C:\Users\garfi\Desktop\Compte.txt
2017-08-25 21:24 - 2017-02-05 20:13 - 000000000 ____D C:\Users\garfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-24 18:22 - 2017-06-05 23:32 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-08-22 07:45 - 2017-02-03 04:43 - 000002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-08-22 07:45 - 2017-02-03 04:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-18 09:00 - 2017-02-03 05:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-12 18:10 - 2017-07-07 00:10 - 000012095 _____ C:\Users\garfi\AppData\Localtransition_12d464e8f184634e2f4fae5fa034aa5c.ini
==================== Fichiers à la racine de certains dossiers =======
2017-07-31 11:44 - 2017-07-31 13:12 - 000001686 _____ () C:\Users\garfi\AppData\Roaming\droid4xinstaller.log
2017-03-02 11:56 - 2017-03-03 12:20 - 000053179 _____ () C:\Users\garfi\AppData\Roaming\Uninstall.exe
2017-02-03 15:45 - 2017-02-03 15:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-09-09 20:36 - 2017-09-09 20:36 - 000000016 _____ () C:\ProgramData\mntemp
Certains fichiers dans TEMP:
====================
2017-08-21 11:51 - 2017-08-21 11:53 - 000000093 _____ () C:\Users\garfi\AppData\Local\Temp\5fabfb55008d588056e87337294c0cfa.dll
2017-08-29 22:04 - 2017-09-06 12:33 - 000000016 _____ () C:\Users\garfi\AppData\Local\Temp\7af3804daef5ff49304bd5528859e921.dll
2017-08-21 11:50 - 2017-08-21 13:23 - 000000000 _____ () C:\Users\garfi\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2017-08-29 22:04 - 2017-09-06 12:34 - 000000000 _____ () C:\Users\garfi\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
2017-09-08 16:06 - 2017-02-03 15:20 - 001342792 _____ (Andy OS, inc.) C:\Users\garfi\AppData\Local\Temp\RemoveTemp.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-09-04 23:52
==================== Fin de FRST.txt ============================