Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017
Ran by jino (administrator) on DESKTOP-0UDS89G (11-09-2017 16:29:56)
Running from C:\Users\etien\Desktop
Loaded Profiles: jino & Spinarcade (Available Profiles: defaultuser0 & jino & Spinarcade & spinarcarde 2)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Flux Software LLC) C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.)
HKLM\...\Run: [RAT6] => C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe [602112 2016-12-16] (Mad Catz Inc)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [f.lux] => C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [Discord] => C:\Users\etien\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [GoogleChromeAutoLaunch_4EAD62F6C3B1F672AAD4D3D76A11ED8C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-02-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-14]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk [2017-03-22]
ShortcutTarget: Logitech . Enregistrement du produit.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-01]
ShortcutTarget: Twitch.lnk -> C:\Users\etien\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0365d22f-f26d-4c3e-b785-2dc3c10275ac}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1627b5cf-0e8d-4caf-94b2-88804fd1b678}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{91434800-1e43-4fe9-8614-e29d78a510fb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b722ced3-3f94-4cf8-bcec-de7b452c852f}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: ac5jf35o.default
FF ProfilePath: C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default [2017-09-11]
FF Extension: (uBlock Origin) - C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default\Extensions\uBlock0@raymondhill.net.xpi [2017-09-03]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-24]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> E:\vlc\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Docs) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-14]
CHR Extension: (Google Drive) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-14]
CHR Extension: (YouTube) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-14]
CHR Extension: (uBlock Origin) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-06]
CHR Extension: (Tampermonkey) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-16]
CHR Extension: (Kaspersky Protection) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-19]
CHR Extension: (EditThisCookie) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-14]
CHR Extension: (Bureau à distance Google Chrome) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-14]
CHR Extension: (Testapic - Test Utilisateur à distance) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcpehlhkigdkffkkbimmaocmbpgfbbp [2017-06-29]
CHR Extension: (Google Hangouts) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-05-04]
CHR Extension: (Google Play Books) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-02-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (Always Weather) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-11]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
S4 AppVClient; C:\WINDOWS\system32\AppVClient.exe [846752 2017-07-07] (Microsoft Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-15] ()
R2 CDPUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-24] (Logitech Inc.)
S3 MBAMService; E:\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MessagingService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
R2 OneSyncSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-05-20] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S4 UevAgentService; C:\WINDOWS\system32\AgentService.exe [1200640 2017-03-19] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc_5685f; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UnistoreSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 UnistoreSvc_f74cf; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 UserDataSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 UserDataSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 cpuz140; C:\Users\etien\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2017-09-06] (CPUID) <==== ATTENTION
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-24] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-24] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-09-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-24] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-05-18] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-18] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-29] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-01-23] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-14] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
S3 Said506F; C:\WINDOWS\System32\drivers\Said506F.sys [25920 2017-07-06] (Saitek)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 16:29 - 2017-09-11 16:30 - 000029366 _____ C:\Users\etien\Desktop\FRST.txt
2017-09-11 16:29 - 2017-09-11 16:29 - 002396672 _____ (Farbar) C:\Users\etien\Desktop\FRST64.exe
2017-09-11 16:29 - 2017-09-11 16:29 - 000000000 ____D C:\FRST
2017-09-11 16:07 - 2017-09-11 16:07 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1002
2017-09-11 16:03 - 2017-09-11 16:03 - 000000560 __RSH C:\ProgramData\ntuser.pol
2017-09-11 12:00 - 2017-09-11 12:00 - 000000577 _____ C:\Users\etien\Desktop\blender.lnk
2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\.thumbnails
2017-09-11 11:57 - 2017-09-11 11:59 - 090013988 _____ C:\Users\etien\Desktop\blender-2.78c-windows64.msi
2017-09-06 23:22 - 2017-09-06 23:22 - 000503454 _____ C:\Users\etien\Downloads\Squirtle_Keychain.zip
2017-09-06 23:21 - 2017-09-06 23:21 - 000513494 _____ C:\Users\etien\Downloads\Bulbasaur_Keychain.zip
2017-09-06 23:21 - 2017-09-06 23:21 - 000508537 _____ C:\Users\etien\Downloads\Charmander_Keychain.zip
2017-09-06 23:16 - 2017-09-06 23:16 - 004827575 _____ C:\Users\etien\Downloads\Untitled.zip
2017-09-06 16:31 - 2017-09-06 16:31 - 000395170 _____ C:\Users\etien\Desktop\Universal_Mobile_Phone_Stand_cum_Visiting_Card_Holder.zip
2017-09-05 08:57 - 2017-09-05 08:57 - 000061586 _____ C:\Users\etien\Downloads\JDR.zip
2017-09-02 21:31 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL
2017-08-28 22:54 - 2017-07-31 13:29 - 1574909877 _____ C:\Users\etien\Desktop\Your.Name.2016.FANSUB.VOSTFR.1080p.BluRay.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-08-28 22:42 - 2017-08-28 22:42 - 030950664 _____ C:\Users\etien\Downloads\vlc-2.2.6-win32.exe
2017-08-26 01:45 - 2017-08-26 01:45 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-26 01:45 - 2017-08-26 01:45 - 000001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-17 23:09 - 2017-08-17 23:09 - 000070831 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv.docx.pdf
2017-08-17 23:07 - 2017-08-17 23:07 - 000084005 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv2017.docx.pdf
2017-08-16 22:51 - 2017-08-16 22:51 - 000000000 ____D C:\Users\etien\AppData\LocalLow\WeirdBeard
2017-08-14 22:06 - 2017-08-14 22:06 - 000001237 _____ C:\Users\Public\Desktop\3D Objects.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000001097 _____ C:\Users\Public\Desktop\MultiMaterial PostProcessor.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000933 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2 Multi Material.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000929 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000905 _____ C:\Users\Public\Desktop\FirmwareUpdater.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000868 _____ C:\Users\Public\Desktop\ColorPrint.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000823 _____ C:\Users\Public\Desktop\Pronterface.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2017-08-14 22:06 - 2015-09-23 14:12 - 000000625 _____ C:\Users\etien\printrunconf.ini
2017-08-14 21:55 - 2017-08-14 22:01 - 246472224 _____ (Prusa Research s.r.o. ) C:\Users\etien\Downloads\prusa3d_win_1_8_0.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 16:23 - 2017-07-06 16:33 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-11 16:18 - 2017-03-01 20:32 - 000000000 ____D C:\Users\Spinarcade\AppData\Local\Packages
2017-09-11 16:13 - 2017-04-16 16:48 - 002253102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 16:10 - 2017-05-18 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-11 16:10 - 2017-04-16 16:41 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-11 16:09 - 2017-04-16 16:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 16:07 - 2017-04-16 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 16:07 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 16:07 - 2017-03-01 20:33 - 000002378 _____ C:\Users\Spinarcade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-11 16:07 - 2017-03-01 20:33 - 000000000 ___RD C:\Users\Spinarcade\OneDrive
2017-09-11 16:06 - 2017-02-14 12:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-11 16:05 - 2017-04-16 16:41 - 000000000 ____D C:\Users\etien
2017-09-11 16:05 - 2017-02-14 12:45 - 000000000 ___RD C:\Users\etien\OneDrive
2017-09-11 16:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-11 16:03 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-09 10:05 - 2017-07-27 08:42 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1001
2017-09-09 10:05 - 2017-02-14 12:45 - 000002363 _____ C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-07 12:22 - 2017-02-20 15:44 - 000000000 ____D C:\Users\etien\AppData\Roaming\.minecraft
2017-09-06 15:49 - 2017-02-14 14:58 - 000000000 ____D C:\Users\etien\AppData\Roaming\discord
2017-09-03 10:27 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-02 21:35 - 2017-02-14 12:44 - 000000000 ____D C:\Users\etien\AppData\Local\Packages
2017-08-29 23:15 - 2017-03-19 10:27 - 000000000 ____D C:\Program Files (x86)\Origin
2017-08-29 20:32 - 2017-02-17 01:21 - 000000000 ____D C:\Users\etien\AppData\Roaming\vlc
2017-08-29 16:08 - 2017-02-14 12:55 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 09:07 - 2017-07-01 02:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-28 09:07 - 2017-03-19 15:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-26 01:59 - 2017-03-19 15:54 - 000000000 ____D C:\Users\etien\AppData\LocalLow\Mozilla
2017-08-23 18:20 - 2017-02-14 12:51 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-14 22:08 - 2017-04-13 10:04 - 000000000 ____D C:\Users\etien\AppData\Roaming\NVIDIA
2017-08-14 22:07 - 2017-07-06 16:32 - 000000000 ____D C:\Program Files\DIFX
2017-08-12 02:59 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
Some files in TEMP:
====================
2017-07-20 22:36 - 2017-07-20 22:36 - 000739904 _____ (Oracle Corporation) C:\Users\etien\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-06-01 19:46 - 2017-05-01 22:14 - 000869200 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvSCPAPI64.dll
2017-08-07 00:34 - 2017-05-01 22:14 - 000367552 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-09 21:52
==================== End of FRST.txt ============================
Ran by jino (administrator) on DESKTOP-0UDS89G (11-09-2017 16:29:56)
Running from C:\Users\etien\Desktop
Loaded Profiles: jino & Spinarcade (Available Profiles: defaultuser0 & jino & Spinarcade & spinarcarde 2)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Flux Software LLC) C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.)
HKLM\...\Run: [RAT6] => C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe [602112 2016-12-16] (Mad Catz Inc)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [f.lux] => C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [Discord] => C:\Users\etien\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [GoogleChromeAutoLaunch_4EAD62F6C3B1F672AAD4D3D76A11ED8C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-02-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-14]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk [2017-03-22]
ShortcutTarget: Logitech . Enregistrement du produit.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-01]
ShortcutTarget: Twitch.lnk -> C:\Users\etien\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0365d22f-f26d-4c3e-b785-2dc3c10275ac}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1627b5cf-0e8d-4caf-94b2-88804fd1b678}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{91434800-1e43-4fe9-8614-e29d78a510fb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b722ced3-3f94-4cf8-bcec-de7b452c852f}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: ac5jf35o.default
FF ProfilePath: C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default [2017-09-11]
FF Extension: (uBlock Origin) - C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default\Extensions\uBlock0@raymondhill.net.xpi [2017-09-03]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-24]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> E:\vlc\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Docs) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-14]
CHR Extension: (Google Drive) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-14]
CHR Extension: (YouTube) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-14]
CHR Extension: (uBlock Origin) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-06]
CHR Extension: (Tampermonkey) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-16]
CHR Extension: (Kaspersky Protection) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-19]
CHR Extension: (EditThisCookie) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-14]
CHR Extension: (Bureau à distance Google Chrome) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-14]
CHR Extension: (Testapic - Test Utilisateur à distance) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcpehlhkigdkffkkbimmaocmbpgfbbp [2017-06-29]
CHR Extension: (Google Hangouts) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-05-04]
CHR Extension: (Google Play Books) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-02-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (Always Weather) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-11]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
S4 AppVClient; C:\WINDOWS\system32\AppVClient.exe [846752 2017-07-07] (Microsoft Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-15] ()
R2 CDPUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-24] (Logitech Inc.)
S3 MBAMService; E:\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MessagingService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
R2 OneSyncSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-05-20] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S4 UevAgentService; C:\WINDOWS\system32\AgentService.exe [1200640 2017-03-19] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc_5685f; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UnistoreSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 UnistoreSvc_f74cf; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 UserDataSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 UserDataSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 cpuz140; C:\Users\etien\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2017-09-06] (CPUID) <==== ATTENTION
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-24] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-24] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-09-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-24] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-05-18] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-05-18] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-18] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-29] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-01-23] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-14] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
S3 Said506F; C:\WINDOWS\System32\drivers\Said506F.sys [25920 2017-07-06] (Saitek)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 16:29 - 2017-09-11 16:30 - 000029366 _____ C:\Users\etien\Desktop\FRST.txt
2017-09-11 16:29 - 2017-09-11 16:29 - 002396672 _____ (Farbar) C:\Users\etien\Desktop\FRST64.exe
2017-09-11 16:29 - 2017-09-11 16:29 - 000000000 ____D C:\FRST
2017-09-11 16:07 - 2017-09-11 16:07 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1002
2017-09-11 16:03 - 2017-09-11 16:03 - 000000560 __RSH C:\ProgramData\ntuser.pol
2017-09-11 12:00 - 2017-09-11 12:00 - 000000577 _____ C:\Users\etien\Desktop\blender.lnk
2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\.thumbnails
2017-09-11 11:57 - 2017-09-11 11:59 - 090013988 _____ C:\Users\etien\Desktop\blender-2.78c-windows64.msi
2017-09-06 23:22 - 2017-09-06 23:22 - 000503454 _____ C:\Users\etien\Downloads\Squirtle_Keychain.zip
2017-09-06 23:21 - 2017-09-06 23:21 - 000513494 _____ C:\Users\etien\Downloads\Bulbasaur_Keychain.zip
2017-09-06 23:21 - 2017-09-06 23:21 - 000508537 _____ C:\Users\etien\Downloads\Charmander_Keychain.zip
2017-09-06 23:16 - 2017-09-06 23:16 - 004827575 _____ C:\Users\etien\Downloads\Untitled.zip
2017-09-06 16:31 - 2017-09-06 16:31 - 000395170 _____ C:\Users\etien\Desktop\Universal_Mobile_Phone_Stand_cum_Visiting_Card_Holder.zip
2017-09-05 08:57 - 2017-09-05 08:57 - 000061586 _____ C:\Users\etien\Downloads\JDR.zip
2017-09-02 21:31 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL
2017-08-28 22:54 - 2017-07-31 13:29 - 1574909877 _____ C:\Users\etien\Desktop\Your.Name.2016.FANSUB.VOSTFR.1080p.BluRay.x264.ACOOL.Zone-Telechargement.Ws.mkv
2017-08-28 22:42 - 2017-08-28 22:42 - 030950664 _____ C:\Users\etien\Downloads\vlc-2.2.6-win32.exe
2017-08-26 01:45 - 2017-08-26 01:45 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-26 01:45 - 2017-08-26 01:45 - 000001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-17 23:09 - 2017-08-17 23:09 - 000070831 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv.docx.pdf
2017-08-17 23:07 - 2017-08-17 23:07 - 000084005 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv2017.docx.pdf
2017-08-16 22:51 - 2017-08-16 22:51 - 000000000 ____D C:\Users\etien\AppData\LocalLow\WeirdBeard
2017-08-14 22:06 - 2017-08-14 22:06 - 000001237 _____ C:\Users\Public\Desktop\3D Objects.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000001097 _____ C:\Users\Public\Desktop\MultiMaterial PostProcessor.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000933 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2 Multi Material.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000929 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000905 _____ C:\Users\Public\Desktop\FirmwareUpdater.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000868 _____ C:\Users\Public\Desktop\ColorPrint.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000823 _____ C:\Users\Public\Desktop\Pronterface.lnk
2017-08-14 22:06 - 2017-08-14 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2017-08-14 22:06 - 2015-09-23 14:12 - 000000625 _____ C:\Users\etien\printrunconf.ini
2017-08-14 21:55 - 2017-08-14 22:01 - 246472224 _____ (Prusa Research s.r.o. ) C:\Users\etien\Downloads\prusa3d_win_1_8_0.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 16:23 - 2017-07-06 16:33 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-11 16:18 - 2017-03-01 20:32 - 000000000 ____D C:\Users\Spinarcade\AppData\Local\Packages
2017-09-11 16:13 - 2017-04-16 16:48 - 002253102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 16:10 - 2017-05-18 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-11 16:10 - 2017-04-16 16:41 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-11 16:09 - 2017-04-16 16:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 16:07 - 2017-04-16 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 16:07 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 16:07 - 2017-03-01 20:33 - 000002378 _____ C:\Users\Spinarcade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-11 16:07 - 2017-03-01 20:33 - 000000000 ___RD C:\Users\Spinarcade\OneDrive
2017-09-11 16:06 - 2017-02-14 12:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-11 16:05 - 2017-04-16 16:41 - 000000000 ____D C:\Users\etien
2017-09-11 16:05 - 2017-02-14 12:45 - 000000000 ___RD C:\Users\etien\OneDrive
2017-09-11 16:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-11 16:03 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-09 10:05 - 2017-07-27 08:42 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1001
2017-09-09 10:05 - 2017-02-14 12:45 - 000002363 _____ C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-07 12:22 - 2017-02-20 15:44 - 000000000 ____D C:\Users\etien\AppData\Roaming\.minecraft
2017-09-06 15:49 - 2017-02-14 14:58 - 000000000 ____D C:\Users\etien\AppData\Roaming\discord
2017-09-03 10:27 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-02 21:35 - 2017-02-14 12:44 - 000000000 ____D C:\Users\etien\AppData\Local\Packages
2017-08-29 23:15 - 2017-03-19 10:27 - 000000000 ____D C:\Program Files (x86)\Origin
2017-08-29 20:32 - 2017-02-17 01:21 - 000000000 ____D C:\Users\etien\AppData\Roaming\vlc
2017-08-29 16:08 - 2017-02-14 12:55 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 09:07 - 2017-07-01 02:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-28 09:07 - 2017-03-19 15:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-26 01:59 - 2017-03-19 15:54 - 000000000 ____D C:\Users\etien\AppData\LocalLow\Mozilla
2017-08-23 18:20 - 2017-02-14 12:51 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-14 22:08 - 2017-04-13 10:04 - 000000000 ____D C:\Users\etien\AppData\Roaming\NVIDIA
2017-08-14 22:07 - 2017-07-06 16:32 - 000000000 ____D C:\Program Files\DIFX
2017-08-12 02:59 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
Some files in TEMP:
====================
2017-07-20 22:36 - 2017-07-20 22:36 - 000739904 _____ (Oracle Corporation) C:\Users\etien\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-06-01 19:46 - 2017-05-01 22:14 - 000869200 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvSCPAPI64.dll
2017-08-07 00:34 - 2017-05-01 22:14 - 000367552 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-09 21:52
==================== End of FRST.txt ============================