Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018
Ran by Clèm (administrator) on GLADOS (20-02-2018 18:59:40)
Running from C:\Users\Clèm\Downloads
Loaded Profiles: Clèm (Available Profiles: Clèm)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Chrome\Application\chrome.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avid Technology, Inc.) C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(MPC-HC Team) C:\Program Files\MPC-HC\mpc-hc64.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DigidesignMMERefresh] => C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe [81920 2017-12-27] (Avid Technology, Inc.)
HKU\S-1-5-21-239696758-366342502-2593669379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-239696758-366342502-2593669379-1000\...\MountPoints2: {8187d3a1-ce19-11e7-ad31-4ccc6acc87b4} - H:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-11-20]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner - Raccourci.lnk [2018-01-01]
ShortcutTarget: MSIAfterburner - Raccourci.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-12-19]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RTSS - Raccourci.lnk [2018-01-01]
ShortcutTarget: RTSS - Raccourci.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2118BB22-EE23-48D0-B0CC-BAF5047E0072}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-12-12]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default [2018-02-20]
CHR Extension: (Docs) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-20]
CHR Extension: (Google Drive) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-20]
CHR Extension: (YouTube) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-11-20]
CHR Extension: (Text) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2017-11-20]
CHR Extension: (Office Online) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-02-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-20]
CHR Extension: (Gmail) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 DigiRefresh; C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe [81920 2017-12-27] (Avid Technology, Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2017-11-20] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [138872 2016-05-05] (Rivet Networks, LLC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-20] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R3 KillerEth; C:\Windows\System32\DRIVERS\e2xw7x64.sys [134296 2016-02-12] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-12] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119496 2018-02-19] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206040 2017-11-20] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [350944 2017-11-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1072840 2018-02-19] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57024 2018-02-19] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-04-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [140000 2017-12-12] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-12] (AO Kaspersky Lab)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-12-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-20] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-20 18:59 - 2018-02-20 19:00 - 000021415 _____ C:\Users\Clèm\Downloads\FRST.txt
2018-02-20 18:59 - 2018-02-20 18:59 - 000000000 ____D C:\FRST
2018-02-20 18:58 - 2018-02-20 18:58 - 002403328 _____ (Farbar) C:\Users\Clèm\Downloads\FRST64.exe
2018-02-20 17:20 - 2018-02-20 17:20 - 000000000 ____D C:\Users\Clèm\Downloads\Final.Fantasy.XII.The.Zodiac.Age-Mephisto
2018-02-20 17:20 - 2018-02-20 17:20 - 000000000 ____D C:\Users\Clèm\AppData\LocalLow\uTorrent
2018-02-20 16:10 - 2018-02-20 16:10 - 000000000 ____D C:\Users\Clèm\Desktop\Rapports
2018-02-20 15:36 - 2018-02-20 15:56 - 000000000 ____D C:\AdwCleaner
2018-02-20 15:33 - 2018-02-20 15:36 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\ZHP
2018-02-20 15:33 - 2018-02-20 15:33 - 000000000 ____D C:\Users\Clèm\AppData\Local\ZHP
2018-02-20 15:10 - 2018-02-20 15:10 - 000000000 _____ C:\Windows\BcdLog.txt
2018-02-20 15:08 - 2018-02-20 15:08 - 000001908 _____ C:\Windows\diagwrn.xml
2018-02-20 15:08 - 2018-02-20 15:08 - 000001908 _____ C:\Windows\diagerr.xml
2018-02-20 14:55 - 2018-02-20 14:58 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-20 14:49 - 2018-02-20 14:49 - 000034411 _____ C:\Users\Clèm\Downloads\Final.Fantasy.XII.The.Zodiac.Age-Mephisto.torrent
2018-02-20 14:26 - 2018-02-20 14:26 - 000000001 _____ C:\Users\Clèm\AppData\Local\llftool.4.40.agreement
2018-02-20 14:26 - 2018-02-20 14:26 - 000000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool
2018-02-20 13:17 - 2018-02-20 13:17 - 000000000 ____D C:\Program Files (x86)\DDR - Memory Card Recovery(Demo)
2018-02-20 12:48 - 2018-02-20 12:48 - 822968223 _____ C:\Windows\MEMORY.DMP
2018-02-20 12:48 - 2018-02-20 12:48 - 000419328 _____ C:\Windows\Minidump\022018-21824-01.dmp
2018-02-18 21:36 - 2018-02-19 18:22 - 000000000 ____D C:\Users\Clèm\AppData\Local\NVIDIA
2018-02-18 21:01 - 2018-02-19 18:22 - 000000000 ____D C:\Users\Clèm\AppData\Local\NVIDIA Corporation
2018-02-18 21:00 - 2018-02-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-18 21:00 - 2018-01-04 02:39 - 002404800 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-02-18 21:00 - 2018-01-04 02:39 - 002070976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-02-18 21:00 - 2018-01-04 02:39 - 001309120 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-02-18 20:59 - 2018-02-20 15:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-18 20:59 - 2018-02-18 21:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-18 20:59 - 2018-02-18 20:59 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-02-18 20:59 - 2018-02-18 20:59 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-18 20:59 - 2018-01-04 02:39 - 000532792 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000437648 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-02-18 20:59 - 2018-01-04 02:39 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-18 20:59 - 2018-01-04 01:01 - 000137528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-02-18 20:59 - 2018-01-04 00:50 - 005951336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 002588232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 001768480 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000631880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000450352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000081992 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-18 20:59 - 2017-12-24 20:07 - 007928821 _____ C:\Windows\system32\nvcoproc.bin
2018-02-18 20:59 - 2017-11-02 21:15 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-18 20:59 - 2017-11-02 21:15 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-18 20:59 - 2017-11-02 21:15 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-18 20:59 - 2017-11-02 21:14 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-18 20:58 - 2018-02-19 18:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-18 20:58 - 2018-01-04 02:39 - 040269624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 035278136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 035179080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 027856456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 022573984 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 019796008 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 019677112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 018730328 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 017303112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 016450056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 015408072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 013430632 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 012842984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 011015584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 010900248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 004375648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003902448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003874728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003432944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001975184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439065.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001682288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001674544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439065.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001134952 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001125688 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001054512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000988144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000939504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000528312 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000506672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000492048 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000447424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000226760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000171896 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000149736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000045600 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000045386 _____ C:\Windows\system32\nvinfo.pb
2018-02-18 20:58 - 2018-01-04 02:39 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-02-18 20:58 - 2018-01-04 02:39 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-02-18 20:57 - 2018-02-18 21:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-18 20:56 - 2018-02-18 20:56 - 000000000 ____D C:\NVIDIA
2018-02-18 20:48 - 2018-02-18 20:50 - 000227868 _____ C:\Windows\ntbtlog.txt
2018-02-18 20:32 - 2018-02-20 15:10 - 000000028 _____ C:\Windows\OutLog.txt
2018-02-18 13:52 - 2018-02-18 16:26 - 000000000 ____D C:\Users\Clèm\Desktop\Windows 7 Ultimate with SP1 X64 Untouched Incl USB DVD Tool
2018-02-18 13:51 - 2018-02-20 15:22 - 000000000 ____D C:\Users\Clèm\Desktop\Windows KMS Activator Ultimate 2018 4.0
2018-02-18 13:31 - 2018-02-18 13:31 - 000000000 ____D C:\Users\Clèm\AppData\Local\HellbladeGame
2018-02-17 14:54 - 2018-02-17 14:54 - 000000000 ____D C:\Users\Clèm\AppData\LocalLow\MercuryStudio
2018-02-14 16:48 - 2018-02-14 16:48 - 000000000 ____D C:\Users\Clèm\AppData\Local\MercurySteam
2018-02-13 17:03 - 2018-02-13 17:03 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Castlevania - Lords of Shadow
2018-02-13 16:36 - 2018-02-13 17:07 - 000000000 ____D C:\Users\Clèm\Desktop\Chopin - Vol.2 (2014)
2018-02-13 13:29 - 2018-02-20 15:55 - 000000000 ____D C:\Program Files\WhoCrashed
2018-02-13 13:29 - 2018-02-13 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2018-02-11 21:30 - 2018-02-11 21:30 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\MMFApplications
2018-02-10 14:10 - 2018-02-10 14:10 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-02-07 21:49 - 2018-02-07 21:49 - 013935988 _____ C:\Users\Clèm\Downloads\xvideos.com_a8148799ce025b12a592f9d5a629308b.mp4
2018-02-04 20:24 - 2018-02-04 20:24 - 000000000 ____D C:\Users\Clèm\AppData\Local\Oblivion
2018-02-04 20:00 - 2018-02-04 20:00 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Cuphead
2018-02-04 13:04 - 2018-02-04 13:04 - 000000000 ____D C:\Users\Clèm\Documents\Crystal Disk
2018-02-03 22:13 - 2018-02-03 22:13 - 000000000 ____D C:\Users\Clèm\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2018-02-03 22:10 - 2018-02-17 17:03 - 000000000 ____D C:\Users\Clèm\Documents\OCCT
2018-02-03 21:26 - 2018-02-03 21:26 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2018-02-03 21:26 - 2018-02-03 21:26 - 000000000 ____D C:\Program Files (x86)\OCCTPT
2018-02-03 13:52 - 2018-02-03 13:52 - 000000000 __SHD C:\found.000
2018-01-31 23:44 - 2018-01-31 23:44 - 000003452 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-GLaDOS-Clèm
2018-01-31 22:47 - 2018-01-31 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2018-01-25 14:27 - 2018-01-25 14:27 - 000000000 ____D C:\Users\Clèm\Documents\Jumpdrive
2018-01-22 21:05 - 2018-01-23 22:00 - 000000000 ____D C:\Users\Clèm\Downloads\Le point G et l'éjaculation feminine
2018-01-22 19:43 - 2018-01-22 19:43 - 000000000 ____D C:\ProgramData\boost_interprocess
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-20 19:00 - 2017-11-20 15:50 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\uTorrent
2018-02-20 18:58 - 2017-11-20 16:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-02-20 16:06 - 2009-07-14 05:45 - 000030000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-20 16:06 - 2009-07-14 05:45 - 000030000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-20 15:59 - 2017-12-21 19:52 - 000000000 ___RD C:\Users\Clèm\Creative Cloud Files
2018-02-20 15:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-20 15:13 - 2018-01-01 23:16 - 000003016 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-02-20 15:05 - 2017-12-04 00:04 - 000737374 _____ C:\Windows\system32\perfh00A.dat
2018-02-20 15:05 - 2017-12-04 00:04 - 000158456 _____ C:\Windows\system32\perfc00A.dat
2018-02-20 15:05 - 2017-12-03 23:54 - 000384262 _____ C:\Windows\system32\perfh00D.dat
2018-02-20 15:05 - 2017-12-03 23:54 - 000084740 _____ C:\Windows\system32\perfc00D.dat
2018-02-20 15:05 - 2017-12-03 23:36 - 000731964 _____ C:\Windows\system32\perfh010.dat
2018-02-20 15:05 - 2017-12-03 23:36 - 000146828 _____ C:\Windows\system32\perfc010.dat
2018-02-20 15:05 - 2017-12-03 23:27 - 000470932 _____ C:\Windows\system32\perfh001.dat
2018-02-20 15:05 - 2017-12-03 23:27 - 000094754 _____ C:\Windows\system32\perfc001.dat
2018-02-20 15:05 - 2017-12-03 23:10 - 000689126 _____ C:\Windows\system32\perfh007.dat
2018-02-20 15:05 - 2017-12-03 23:10 - 000149098 _____ C:\Windows\system32\perfc007.dat
2018-02-20 15:05 - 2017-11-20 19:57 - 000745764 _____ C:\Windows\system32\perfh00C.dat
2018-02-20 15:05 - 2017-11-20 19:57 - 000149688 _____ C:\Windows\system32\perfc00C.dat
2018-02-20 15:05 - 2009-07-14 06:13 - 005312316 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-20 15:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-20 12:57 - 2017-11-19 20:52 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\DAEMON Tools Lite
2018-02-20 12:48 - 2018-01-15 23:14 - 000000000 ____D C:\Windows\Minidump
2018-02-19 20:09 - 2015-10-07 15:41 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-19 18:27 - 2017-11-20 16:01 - 001072840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-02-19 18:27 - 2016-12-27 07:56 - 000119496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-02-19 18:27 - 2016-10-11 14:14 - 000057024 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2018-02-18 21:33 - 2017-12-24 13:56 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-18 21:02 - 2017-12-02 12:25 - 000000000 ____D C:\Users\Clèm\ansel
2018-02-18 21:00 - 2017-11-20 15:17 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 21:00 - 2017-11-20 15:17 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-09-02 10:07 - 000000000 ____D C:\Temp
2018-02-18 20:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2018-02-18 13:31 - 2017-11-28 22:47 - 000000000 ____D C:\Users\Clèm\AppData\Local\UnrealEngine
2018-02-17 22:52 - 2009-07-14 06:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-02-17 15:02 - 2017-12-06 14:16 - 000000000 ____D C:\Users\Clèm\AppData\Local\SKIDROW
2018-02-16 01:56 - 2017-11-20 17:26 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-16 01:56 - 2017-11-20 17:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-13 18:03 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-02-10 14:16 - 2017-11-01 19:47 - 000000000 ____D C:\Users\Clèm\Documents\KIS 2018 + ACTIVATION
2018-02-08 22:21 - 2017-12-04 19:16 - 000000132 _____ C:\Users\Clèm\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-02-07 20:17 - 2016-01-18 16:37 - 000000000 ____D C:\Users\Clèm\Documents\Utilitaires
2018-02-06 19:13 - 2017-12-24 13:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-02-06 00:48 - 2017-11-19 21:01 - 000124128 _____ C:\Users\Clèm\AppData\Local\GDIPFONTCACHEV1.DAT
2018-02-06 00:46 - 2009-07-14 05:45 - 000539240 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-05 23:24 - 2017-12-29 22:34 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\MPC-HC
2018-02-05 22:43 - 2017-11-20 17:25 - 000000000 ____D C:\Users\Clèm\AppData\Local\CrashDumps
2018-02-04 20:24 - 2017-12-01 00:10 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-02-04 20:24 - 2017-11-19 20:45 - 000000000 ____D C:\Users\Clèm\AppData\Local\VirtualStore
2018-02-04 20:24 - 2016-01-18 16:38 - 000000000 ____D C:\Users\Clèm\Documents\My Games
2018-02-04 05:05 - 2017-11-20 16:39 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-03 22:10 - 2017-12-24 13:58 - 000003020 _____ C:\Windows\System32\Tasks\RTSS
2018-01-31 23:02 - 2017-11-28 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
==================== Files in the root of some directories =======
2017-12-04 19:16 - 2018-02-08 22:21 - 000000132 _____ () C:\Users\Clèm\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-12-26 22:20 - 2017-12-27 10:03 - 000011926 _____ () C:\Users\Clèm\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-11-20 15:26 - 2017-11-20 15:26 - 000000000 _____ () C:\Users\Clèm\AppData\Local\Driver_LOM_8161Present.flag
2018-02-20 14:26 - 2018-02-20 14:26 - 000000001 _____ () C:\Users\Clèm\AppData\Local\llftool.4.40.agreement
2017-12-28 18:37 - 2017-12-28 18:37 - 000007621 _____ () C:\Users\Clèm\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2011-05-31 16:21 - 2011-05-31 16:21 - 000401408 _____ (Kingston Technology Inc) C:\Users\Clèm\AppData\Local\Temp\Kingston Format Utility.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-17 14:30
==================== End of FRST.txt ============================
Ran by Clèm (administrator) on GLADOS (20-02-2018 18:59:40)
Running from C:\Users\Clèm\Downloads
Loaded Profiles: Clèm (Available Profiles: Clèm)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Chrome\Application\chrome.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avid Technology, Inc.) C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(MPC-HC Team) C:\Program Files\MPC-HC\mpc-hc64.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(BitTorrent Inc.) C:\Users\Clèm\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DigidesignMMERefresh] => C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe [81920 2017-12-27] (Avid Technology, Inc.)
HKU\S-1-5-21-239696758-366342502-2593669379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-239696758-366342502-2593669379-1000\...\MountPoints2: {8187d3a1-ce19-11e7-ad31-4ccc6acc87b4} - H:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-11-20]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner - Raccourci.lnk [2018-01-01]
ShortcutTarget: MSIAfterburner - Raccourci.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-12-19]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RTSS - Raccourci.lnk [2018-01-01]
ShortcutTarget: RTSS - Raccourci.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2118BB22-EE23-48D0-B0CC-BAF5047E0072}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-11-20] (AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-12-12]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default [2018-02-20]
CHR Extension: (Docs) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-20]
CHR Extension: (Google Drive) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-20]
CHR Extension: (YouTube) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-11-20]
CHR Extension: (Text) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2017-11-20]
CHR Extension: (Office Online) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-02-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-20]
CHR Extension: (Gmail) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\Clèm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 DigiRefresh; C:\Program Files (x86)\Avid\Pro Tools\MMERefresh.exe [81920 2017-12-27] (Avid Technology, Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2017-11-20] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [138872 2016-05-05] (Rivet Networks, LLC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-20] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R3 KillerEth; C:\Windows\System32\DRIVERS\e2xw7x64.sys [134296 2016-02-12] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-12] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119496 2018-02-19] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206040 2017-11-20] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [350944 2017-11-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1072840 2018-02-19] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57024 2018-02-19] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-04-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [140000 2017-12-12] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-12] (AO Kaspersky Lab)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-12-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-20] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-20 18:59 - 2018-02-20 19:00 - 000021415 _____ C:\Users\Clèm\Downloads\FRST.txt
2018-02-20 18:59 - 2018-02-20 18:59 - 000000000 ____D C:\FRST
2018-02-20 18:58 - 2018-02-20 18:58 - 002403328 _____ (Farbar) C:\Users\Clèm\Downloads\FRST64.exe
2018-02-20 17:20 - 2018-02-20 17:20 - 000000000 ____D C:\Users\Clèm\Downloads\Final.Fantasy.XII.The.Zodiac.Age-Mephisto
2018-02-20 17:20 - 2018-02-20 17:20 - 000000000 ____D C:\Users\Clèm\AppData\LocalLow\uTorrent
2018-02-20 16:10 - 2018-02-20 16:10 - 000000000 ____D C:\Users\Clèm\Desktop\Rapports
2018-02-20 15:36 - 2018-02-20 15:56 - 000000000 ____D C:\AdwCleaner
2018-02-20 15:33 - 2018-02-20 15:36 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\ZHP
2018-02-20 15:33 - 2018-02-20 15:33 - 000000000 ____D C:\Users\Clèm\AppData\Local\ZHP
2018-02-20 15:10 - 2018-02-20 15:10 - 000000000 _____ C:\Windows\BcdLog.txt
2018-02-20 15:08 - 2018-02-20 15:08 - 000001908 _____ C:\Windows\diagwrn.xml
2018-02-20 15:08 - 2018-02-20 15:08 - 000001908 _____ C:\Windows\diagerr.xml
2018-02-20 14:55 - 2018-02-20 14:58 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-20 14:49 - 2018-02-20 14:49 - 000034411 _____ C:\Users\Clèm\Downloads\Final.Fantasy.XII.The.Zodiac.Age-Mephisto.torrent
2018-02-20 14:26 - 2018-02-20 14:26 - 000000001 _____ C:\Users\Clèm\AppData\Local\llftool.4.40.agreement
2018-02-20 14:26 - 2018-02-20 14:26 - 000000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool
2018-02-20 13:17 - 2018-02-20 13:17 - 000000000 ____D C:\Program Files (x86)\DDR - Memory Card Recovery(Demo)
2018-02-20 12:48 - 2018-02-20 12:48 - 822968223 _____ C:\Windows\MEMORY.DMP
2018-02-20 12:48 - 2018-02-20 12:48 - 000419328 _____ C:\Windows\Minidump\022018-21824-01.dmp
2018-02-18 21:36 - 2018-02-19 18:22 - 000000000 ____D C:\Users\Clèm\AppData\Local\NVIDIA
2018-02-18 21:01 - 2018-02-19 18:22 - 000000000 ____D C:\Users\Clèm\AppData\Local\NVIDIA Corporation
2018-02-18 21:00 - 2018-02-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-18 21:00 - 2018-01-04 02:39 - 002404800 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-02-18 21:00 - 2018-01-04 02:39 - 002070976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-02-18 21:00 - 2018-01-04 02:39 - 001309120 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-02-18 20:59 - 2018-02-20 15:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-18 20:59 - 2018-02-18 21:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-18 20:59 - 2018-02-18 20:59 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-02-18 20:59 - 2018-02-18 20:59 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-18 20:59 - 2018-01-04 02:39 - 000532792 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000437648 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-02-18 20:59 - 2018-01-04 02:39 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-02-18 20:59 - 2018-01-04 02:39 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-18 20:59 - 2018-01-04 01:01 - 000137528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-02-18 20:59 - 2018-01-04 00:50 - 005951336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 002588232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 001768480 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000631880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000450352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-18 20:59 - 2018-01-04 00:50 - 000081992 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-18 20:59 - 2017-12-24 20:07 - 007928821 _____ C:\Windows\system32\nvcoproc.bin
2018-02-18 20:59 - 2017-11-02 21:15 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-18 20:59 - 2017-11-02 21:15 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-18 20:59 - 2017-11-02 21:15 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-18 20:59 - 2017-11-02 21:14 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-18 20:58 - 2018-02-19 18:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-18 20:58 - 2018-01-04 02:39 - 040269624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 035278136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 035179080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 027856456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 022573984 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 019796008 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 019677112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 018730328 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 017303112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 016450056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 015408072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 013430632 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 012842984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 011015584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 010900248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 004375648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003902448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003874728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 003432944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001975184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439065.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001682288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001674544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439065.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001134952 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001125688 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 001054512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000988144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000939504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000528312 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000506672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000492048 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000447424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000226760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000171896 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000149736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-02-18 20:58 - 2018-01-04 02:39 - 000045600 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-02-18 20:58 - 2018-01-04 02:39 - 000045386 _____ C:\Windows\system32\nvinfo.pb
2018-02-18 20:58 - 2018-01-04 02:39 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-02-18 20:58 - 2018-01-04 02:39 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-02-18 20:57 - 2018-02-18 21:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-18 20:56 - 2018-02-18 20:56 - 000000000 ____D C:\NVIDIA
2018-02-18 20:48 - 2018-02-18 20:50 - 000227868 _____ C:\Windows\ntbtlog.txt
2018-02-18 20:32 - 2018-02-20 15:10 - 000000028 _____ C:\Windows\OutLog.txt
2018-02-18 13:52 - 2018-02-18 16:26 - 000000000 ____D C:\Users\Clèm\Desktop\Windows 7 Ultimate with SP1 X64 Untouched Incl USB DVD Tool
2018-02-18 13:51 - 2018-02-20 15:22 - 000000000 ____D C:\Users\Clèm\Desktop\Windows KMS Activator Ultimate 2018 4.0
2018-02-18 13:31 - 2018-02-18 13:31 - 000000000 ____D C:\Users\Clèm\AppData\Local\HellbladeGame
2018-02-17 14:54 - 2018-02-17 14:54 - 000000000 ____D C:\Users\Clèm\AppData\LocalLow\MercuryStudio
2018-02-14 16:48 - 2018-02-14 16:48 - 000000000 ____D C:\Users\Clèm\AppData\Local\MercurySteam
2018-02-13 17:03 - 2018-02-13 17:03 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Castlevania - Lords of Shadow
2018-02-13 16:36 - 2018-02-13 17:07 - 000000000 ____D C:\Users\Clèm\Desktop\Chopin - Vol.2 (2014)
2018-02-13 13:29 - 2018-02-20 15:55 - 000000000 ____D C:\Program Files\WhoCrashed
2018-02-13 13:29 - 2018-02-13 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2018-02-11 21:30 - 2018-02-11 21:30 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\MMFApplications
2018-02-10 14:10 - 2018-02-10 14:10 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-02-07 21:49 - 2018-02-07 21:49 - 013935988 _____ C:\Users\Clèm\Downloads\xvideos.com_a8148799ce025b12a592f9d5a629308b.mp4
2018-02-04 20:24 - 2018-02-04 20:24 - 000000000 ____D C:\Users\Clèm\AppData\Local\Oblivion
2018-02-04 20:00 - 2018-02-04 20:00 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Cuphead
2018-02-04 13:04 - 2018-02-04 13:04 - 000000000 ____D C:\Users\Clèm\Documents\Crystal Disk
2018-02-03 22:13 - 2018-02-03 22:13 - 000000000 ____D C:\Users\Clèm\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2018-02-03 22:10 - 2018-02-17 17:03 - 000000000 ____D C:\Users\Clèm\Documents\OCCT
2018-02-03 21:26 - 2018-02-03 21:26 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2018-02-03 21:26 - 2018-02-03 21:26 - 000000000 ____D C:\Program Files (x86)\OCCTPT
2018-02-03 13:52 - 2018-02-03 13:52 - 000000000 __SHD C:\found.000
2018-01-31 23:44 - 2018-01-31 23:44 - 000003452 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-GLaDOS-Clèm
2018-01-31 22:47 - 2018-01-31 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2018-01-25 14:27 - 2018-01-25 14:27 - 000000000 ____D C:\Users\Clèm\Documents\Jumpdrive
2018-01-22 21:05 - 2018-01-23 22:00 - 000000000 ____D C:\Users\Clèm\Downloads\Le point G et l'éjaculation feminine
2018-01-22 19:43 - 2018-01-22 19:43 - 000000000 ____D C:\ProgramData\boost_interprocess
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-20 19:00 - 2017-11-20 15:50 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\uTorrent
2018-02-20 18:58 - 2017-11-20 16:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-02-20 16:06 - 2009-07-14 05:45 - 000030000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-20 16:06 - 2009-07-14 05:45 - 000030000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-20 15:59 - 2017-12-21 19:52 - 000000000 ___RD C:\Users\Clèm\Creative Cloud Files
2018-02-20 15:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-20 15:13 - 2018-01-01 23:16 - 000003016 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-02-20 15:05 - 2017-12-04 00:04 - 000737374 _____ C:\Windows\system32\perfh00A.dat
2018-02-20 15:05 - 2017-12-04 00:04 - 000158456 _____ C:\Windows\system32\perfc00A.dat
2018-02-20 15:05 - 2017-12-03 23:54 - 000384262 _____ C:\Windows\system32\perfh00D.dat
2018-02-20 15:05 - 2017-12-03 23:54 - 000084740 _____ C:\Windows\system32\perfc00D.dat
2018-02-20 15:05 - 2017-12-03 23:36 - 000731964 _____ C:\Windows\system32\perfh010.dat
2018-02-20 15:05 - 2017-12-03 23:36 - 000146828 _____ C:\Windows\system32\perfc010.dat
2018-02-20 15:05 - 2017-12-03 23:27 - 000470932 _____ C:\Windows\system32\perfh001.dat
2018-02-20 15:05 - 2017-12-03 23:27 - 000094754 _____ C:\Windows\system32\perfc001.dat
2018-02-20 15:05 - 2017-12-03 23:10 - 000689126 _____ C:\Windows\system32\perfh007.dat
2018-02-20 15:05 - 2017-12-03 23:10 - 000149098 _____ C:\Windows\system32\perfc007.dat
2018-02-20 15:05 - 2017-11-20 19:57 - 000745764 _____ C:\Windows\system32\perfh00C.dat
2018-02-20 15:05 - 2017-11-20 19:57 - 000149688 _____ C:\Windows\system32\perfc00C.dat
2018-02-20 15:05 - 2009-07-14 06:13 - 005312316 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-20 15:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-20 12:57 - 2017-11-19 20:52 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\DAEMON Tools Lite
2018-02-20 12:48 - 2018-01-15 23:14 - 000000000 ____D C:\Windows\Minidump
2018-02-19 20:09 - 2015-10-07 15:41 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-19 18:27 - 2017-11-20 16:01 - 001072840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-02-19 18:27 - 2016-12-27 07:56 - 000119496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-02-19 18:27 - 2016-10-11 14:14 - 000057024 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2018-02-18 21:33 - 2017-12-24 13:56 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-18 21:02 - 2017-12-02 12:25 - 000000000 ____D C:\Users\Clèm\ansel
2018-02-18 21:00 - 2017-11-20 15:17 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 21:00 - 2017-11-20 15:17 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-11-20 15:17 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 20:59 - 2017-09-02 10:07 - 000000000 ____D C:\Temp
2018-02-18 20:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2018-02-18 13:31 - 2017-11-28 22:47 - 000000000 ____D C:\Users\Clèm\AppData\Local\UnrealEngine
2018-02-17 22:52 - 2009-07-14 06:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-02-17 15:02 - 2017-12-06 14:16 - 000000000 ____D C:\Users\Clèm\AppData\Local\SKIDROW
2018-02-16 01:56 - 2017-11-20 17:26 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-16 01:56 - 2017-11-20 17:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-13 18:03 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-02-10 14:16 - 2017-11-01 19:47 - 000000000 ____D C:\Users\Clèm\Documents\KIS 2018 + ACTIVATION
2018-02-08 22:21 - 2017-12-04 19:16 - 000000132 _____ C:\Users\Clèm\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-02-07 20:17 - 2016-01-18 16:37 - 000000000 ____D C:\Users\Clèm\Documents\Utilitaires
2018-02-06 19:13 - 2017-12-24 13:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-02-06 00:48 - 2017-11-19 21:01 - 000124128 _____ C:\Users\Clèm\AppData\Local\GDIPFONTCACHEV1.DAT
2018-02-06 00:46 - 2009-07-14 05:45 - 000539240 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-05 23:24 - 2017-12-29 22:34 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\MPC-HC
2018-02-05 22:43 - 2017-11-20 17:25 - 000000000 ____D C:\Users\Clèm\AppData\Local\CrashDumps
2018-02-04 20:24 - 2017-12-01 00:10 - 000000000 ____D C:\Users\Clèm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-02-04 20:24 - 2017-11-19 20:45 - 000000000 ____D C:\Users\Clèm\AppData\Local\VirtualStore
2018-02-04 20:24 - 2016-01-18 16:38 - 000000000 ____D C:\Users\Clèm\Documents\My Games
2018-02-04 05:05 - 2017-11-20 16:39 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-03 22:10 - 2017-12-24 13:58 - 000003020 _____ C:\Windows\System32\Tasks\RTSS
2018-01-31 23:02 - 2017-11-28 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
==================== Files in the root of some directories =======
2017-12-04 19:16 - 2018-02-08 22:21 - 000000132 _____ () C:\Users\Clèm\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-12-26 22:20 - 2017-12-27 10:03 - 000011926 _____ () C:\Users\Clèm\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-11-20 15:26 - 2017-11-20 15:26 - 000000000 _____ () C:\Users\Clèm\AppData\Local\Driver_LOM_8161Present.flag
2018-02-20 14:26 - 2018-02-20 14:26 - 000000001 _____ () C:\Users\Clèm\AppData\Local\llftool.4.40.agreement
2017-12-28 18:37 - 2017-12-28 18:37 - 000007621 _____ () C:\Users\Clèm\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2011-05-31 16:21 - 2011-05-31 16:21 - 000401408 _____ (Kingston Technology Inc) C:\Users\Clèm\AppData\Local\Temp\Kingston Format Utility.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-17 14:30
==================== End of FRST.txt ============================