Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Exécuté par Adrien (administrateur) sur LAPTOP-01I5EG8F (10-06-2018 23:07:44)
Exécuté depuis C:\Users\Adrien\Desktop
Profils chargés: Adrien (Profils disponibles: defaultuser0 & Adrien)
Platform: Windows 10 Home Version 1607 14393.2189 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\IntelCpHDCPSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16779768 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] ()
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2017-01-17] (Autodesk, Inc.)
HKLM\...\Run: [DisplayLinkUI] => C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe [2153608 2017-11-30] (DisplayLink Corp.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Adrien\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [uTorrent] => C:\Users\Adrien\AppData\Roaming\uTorrent\uTorrent.exe [1985984 2017-09-24] (BitTorrent Inc.)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [375296 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\MountPoints2: {f7853aa8-c247-11e7-83e5-3c95094c28cc} - "F:\SETUP.EXE"
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52bf54de-ccd0-489a-8b20-f5048ec6a5f0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd677dbc-012e-4789-a516-c06c17bf2e52}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f4b17e6a-f145-4fb3-9723-32f25bde3e37}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-12] (Oracle Corporation)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-helper.dll [2017-11-29] (pdfforge GmbH)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-12] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2017-11-29] (pdfforge GmbH)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: q2ju0s8m.default
FF ProfilePath: C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default [2018-06-10]
FF Extension: (MetaMask) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\Extensions\webextension@metamask.io.xpi [2018-03-07]
FF Extension: (Adblock Plus) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-18]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\features\{2a85f5a3-9cc4-4589-b6ba-a6993e3384b6}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-31] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-21] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-17] ()
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163336 2016-09-19] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-17] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-08] (ELAN Microelectronics Corp.)
R2 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (Lenovo(beijing) Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation)
R2 mitsijm2018; C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe [967664 2016-09-26] (Autodesk, Inc.)
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-08-02] (Nitro Software, Inc.)
R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2832560 2017-11-29] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe [874680 2017-11-29] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (Lenovo(beijing) Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-12-05] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 BHTPCRDR; C:\Windows\System32\drivers\bhtpcrdr.sys [173432 2016-08-11] (BayHubTech/O2Micro )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-11-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-11-13] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32336 2016-11-24] (ELAN Microelectronic Corp.)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo(beijing) Limited)
R1 MpKsl9482d343; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BECDAA5-CB63-4F45-9FAD-C8C7FD06699C}\MpKsl9482d343.sys [58120 2018-06-07] (Microsoft Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_a061a5d566db3269\nvlddmkm.sys [17038280 2018-03-16] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3146760 2016-09-13] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-10 23:07 - 2018-06-10 23:08 - 000022140 _____ C:\Users\Adrien\Desktop\FRST.txt
2018-06-10 23:07 - 2018-06-10 23:07 - 000000000 ____D C:\FRST
2018-06-10 23:06 - 2018-06-10 23:06 - 002413056 _____ (Farbar) C:\Users\Adrien\Desktop\FRST64.exe
2018-06-10 20:55 - 2018-06-10 20:56 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-10 20:55 - 2018-06-10 20:55 - 000000000 ____D C:\Windows.old
2018-06-10 20:34 - 2018-06-10 20:34 - 000355080 _____ C:\Users\Adrien\Desktop\ZHPDiag.txt
2018-06-10 20:18 - 2018-06-10 20:34 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\ZHP
2018-06-10 20:18 - 2018-06-10 20:18 - 000000919 _____ C:\Users\Adrien\Desktop\ZHPDiag.lnk
2018-06-10 20:18 - 2018-06-10 20:18 - 000000000 ____D C:\Users\Adrien\AppData\Local\ZHP
2018-06-10 20:15 - 2018-06-10 20:17 - 003124608 _____ C:\Users\Adrien\Downloads\ZHPDiag3.exe
2018-06-09 20:05 - 2018-06-10 20:12 - 077309488 _____ (Malwarebytes ) C:\Users\Adrien\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5402.exe
2018-06-09 19:24 - 2018-06-09 19:24 - 000000000 ____D C:\Windows\UpdateAssistant
2018-06-06 12:28 - 2018-06-06 12:28 - 000268323 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(5).pdf
2018-06-06 12:26 - 2018-06-06 12:26 - 000262184 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(4).pdf
2018-06-06 12:23 - 2018-06-06 12:23 - 000263679 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(3).pdf
2018-06-06 11:22 - 2018-06-06 11:22 - 000264041 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(2).pdf
2018-06-06 10:08 - 2018-06-06 10:08 - 000234895 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(1).pdf
2018-06-05 10:40 - 2018-06-05 10:40 - 000247963 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud.pdf
2018-06-05 10:38 - 2018-06-06 14:29 - 000000000 ____D C:\Users\Adrien\Documents\VEOO
2018-05-19 09:28 - 2018-05-19 09:28 - 000000000 ____D C:\Users\Adrien\AppData\Local\ElevatedDiagnostics
2018-05-18 16:36 - 2018-05-18 16:36 - 000099022 _____ C:\Users\Adrien\Downloads\ADRIEN BABOUD CV.pdf
2018-05-12 03:08 - 2018-05-12 03:08 - 000000000 ____D C:\Program Files (x86)\Gravity
2018-05-11 22:43 - 2018-05-11 23:10 - 2102421722 _____ (Gravity) C:\Users\Adrien\Downloads\setup.exe
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-10 23:05 - 2016-07-29 19:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-06-10 20:58 - 2017-09-21 12:15 - 000000000 ____D C:\Users\Adrien\AppData\Local\ClassicShell
2018-06-10 20:56 - 2016-07-29 20:19 - 000000000 ____D C:\Windows\Panther
2018-06-10 20:40 - 2017-09-21 09:58 - 000000000 ____D C:\Users\Adrien\AppData\LocalLow\Mozilla
2018-06-10 20:19 - 2017-09-21 14:03 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\Skype
2018-06-10 20:03 - 2017-04-13 19:21 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-10 19:57 - 2017-09-24 19:08 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-10 19:55 - 2017-09-21 15:41 - 000000000 __SHD C:\Users\Adrien\IntelGraphicsProfiles
2018-06-10 19:50 - 2016-07-29 19:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-10 07:39 - 2016-07-16 08:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-06-10 07:14 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Registration
2018-06-10 07:13 - 2017-04-13 19:38 - 000017148 _____ C:\Windows\diagwrn.xml
2018-06-10 07:13 - 2017-04-13 19:38 - 000017148 _____ C:\Windows\diagerr.xml
2018-06-09 20:04 - 2017-09-21 09:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-09 20:04 - 2017-09-21 09:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-09 20:04 - 2017-09-21 09:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-09 20:04 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-06-09 20:03 - 2017-04-14 04:25 - 001020610 _____ C:\Windows\system32\perfh00C.dat
2018-06-09 20:03 - 2017-04-14 04:25 - 000230874 _____ C:\Windows\system32\perfc00C.dat
2018-06-09 20:03 - 2016-07-29 19:31 - 002438110 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-09 20:00 - 2017-09-21 15:40 - 000000000 ____D C:\Users\Adrien
2018-06-09 19:58 - 2018-03-06 17:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-06-09 19:09 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-07 15:53 - 2017-09-21 15:41 - 000000000 ____D C:\Users\Adrien\AppData\Local\Packages
2018-06-06 14:26 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-06-06 08:39 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-06-05 10:47 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-06-05 10:22 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-06-04 00:05 - 2017-10-17 10:12 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\vlc
2018-06-03 18:41 - 2017-09-21 12:10 - 000000000 ____D C:\Users\Adrien\AppData\Local\CrashDumps
2018-05-31 19:38 - 2018-02-22 16:35 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-05-31 14:10 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-05-25 22:26 - 2017-09-22 21:15 - 000000000 ____D C:\Program Files\rempl
2018-05-18 18:40 - 2018-04-14 17:35 - 000000000 ____D C:\Users\Adrien\Documents\CV
2018-05-17 06:10 - 2017-04-13 19:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-14 20:55 - 2017-09-21 15:41 - 000000000 ____D C:\Users\Adrien\AppData\Local\NVIDIA
2018-05-14 11:40 - 2017-09-21 12:20 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3155280313-586542796-1692200818-1001
2018-05-14 11:39 - 2017-09-21 15:44 - 000002463 _____ C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-14 11:39 - 2017-09-21 15:44 - 000000000 ___RD C:\Users\Adrien\OneDrive
==================== Fichiers à la racine de certains dossiers =======
2017-11-01 01:09 - 2018-03-26 20:27 - 000007590 _____ () C:\Users\Adrien\AppData\Local\Resmon.ResmonCfg
Certains fichiers dans TEMP:
====================
2017-09-21 11:49 - 2017-01-18 04:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\Adrien\AppData\Local\Temp\AcDeltree.exe
2017-12-20 09:30 - 2017-12-20 10:15 - 003740764 _____ (Dynamo Revit ) C:\Users\Adrien\AppData\Local\Temp\DynamoInstall1.3.2.exe
2018-03-01 23:15 - 2018-03-01 23:20 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\iuyda023.dll
2018-02-27 23:02 - 2018-02-27 23:02 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\muordjpg.dll
2017-09-21 09:56 - 2017-09-21 09:56 - 042852456 _____ (SweetLabs,Inc.) C:\Users\Adrien\AppData\Local\Temp\octC7EF.tmp.exe
2018-05-30 11:04 - 2018-05-30 11:05 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Adrien\AppData\Local\Temp\SkypeSetup.exe
2018-04-10 22:40 - 2018-04-10 22:40 - 000737280 ____N () C:\Users\Adrien\AppData\Local\Temp\sqlite-3.8.10.1-259429ff-0f10-410c-b8ef-4019c8fba4b3-sqlitejdbc.dll
2018-02-27 23:14 - 2018-02-27 23:14 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\urq5x2po.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {9d67c686-20b8-11e7-9e30-806e6f6e6963}
{9d67c682-20b8-11e7-9e30-806e6f6e6963}
{9d67c680-20b8-11e7-9e30-806e6f6e6963}
{9d67c681-20b8-11e7-9e30-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c680-20b8-11e7-9e30-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c681-20b8-11e7-9e30-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c682-20b8-11e7-9e30-806e6f6e6963}
description EFI Network
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c683-20b8-11e7-9e30-806e6f6e6963}
description EFI Network 0 for IPv4 (C8-5B-76-FE-BF-B8)
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c684-20b8-11e7-9e30-806e6f6e6963}
description EFI Network 0 for IPv6 (C8-5B-76-FE-BF-B8)
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c685-20b8-11e7-9e30-806e6f6e6963}
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {9d67c686-20b8-11e7-9e30-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {bd4bc23e-2067-11e7-83d5-c85b76febfb8}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {bd4bc23e-2067-11e7-83d5-c85b76febfb8}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{bd4bc23f-2067-11e7-83d5-c85b76febfb8}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{bd4bc23f-2067-11e7-83d5-c85b76febfb8}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {bd4bc23e-2067-11e7-83d5-c85b76febfb8}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
Options de périphérique
-----------------------
identificateur {bd4bc23f-2067-11e7-83d5-c85b76febfb8}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2018-06-03 16:05
==================== Fin de FRST.txt ============================