Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017
Exécuté par CHAN Victor (administrateur) sur LAPTOP-0CLBGO1D (10-09-2017 16:20:10)
Exécuté depuis C:\Users\CHAN Victor\Downloads
Profils chargés: CHAN Victor (Profils disponibles: CHAN Victor)
Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avp.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-22] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [Spotify] => C:\Users\CHAN Victor\AppData\Roaming\Spotify\Spotify.exe [20449904 2017-09-04] (Spotify Ltd)
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\...\Run: [Spotify Web Helper] => C:\Users\CHAN Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-04] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-26]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4c04e3e2-017b-4a98-a925-a0f0d36389d2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12] (HP Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12] (HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\CHAN Victor\AppData\Roaming\Mozilla\Firefox\Profiles\ojsphd3b.default [2017-08-19]
FF Extension: (Adblock Plus) - C:\Users\CHAN Victor\AppData\Roaming\Mozilla\Firefox\Profiles\ojsphd3b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-19]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Orange\Orange Security Suite 10.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Orange\Orange Security Suite 10.1\FFExt\light_plugin_firefox\addon.xpi [2017-03-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://search.searchvzc.com/s?remove=remove&query={searchTerms}
CHR Profile: C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Slides) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-11]
CHR Extension: (Google Docs) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-11]
CHR Extension: (Google Drive) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-11]
CHR Extension: (YouTube) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-11]
CHR Extension: (Adblock Plus) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (Google Sheets) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-11]
CHR Extension: (Fou tournage) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2017-06-11]
CHR Extension: (Extension de sécurité pour votre application antivirus) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleflkdamakpmckkidkcmnmdikbbmok [2017-06-12]
CHR Extension: (Google Hangouts) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-08-13]
CHR Extension: (Downloads) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-09-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-11]
CHR Extension: (Chrome Media Router) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR Extension: (Always Weather) - C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-10]
CHR Profile: C:\Users\CHAN Victor\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-11]
CHR HKLM\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok
CHR HKU\S-1-5-21-2543725777-4293404985-2249864547-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kgleflkdamakpmckkidkcmnmdikbbmok] - hxxps://chrome.google.com/webstore/detail/kgleflkdamakpmckkidkcmnmdikbbmok

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP16.0.1; C:\Program Files (x86)\Orange\Orange Security Suite 10.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe [310240 2017-02-22] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-10-20] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Fichier non signé]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe [350688 2017-02-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Orange\Orange Security Suite 10.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [318464 2016-11-22] (Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-10-20] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-10-20] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-24] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-10-20] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [186352 2017-06-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [244720 2017-06-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [186696 2017-09-10] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1001968 2017-06-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2017-03-24] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2017-03-24] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [116448 2017-03-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-11-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 mfeaack01; \Device\mfeaack01.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-10 16:20 - 2017-09-10 16:20 - 000021996 _____ C:\Users\CHAN Victor\Downloads\FRST.txt
2017-09-10 16:19 - 2017-09-10 16:20 - 000000000 ____D C:\FRST
2017-09-10 16:19 - 2017-09-10 16:19 - 002396160 _____ (Farbar) C:\Users\CHAN Victor\Downloads\FRST64.exe
2017-09-10 16:00 - 2017-09-10 16:00 - 008182736 _____ (Malwarebytes) C:\Users\CHAN Victor\Downloads\adwcleaner_7.0.2.1.exe
2017-09-10 16:00 - 2017-09-10 16:00 - 008162248 _____ (Malwarebytes) C:\Users\CHAN Victor\Downloads\adwcleaner-7-0-0-0.exe
2017-09-10 15:40 - 2017-09-10 15:40 - 063416990 _____ C:\Users\CHAN Victor\Downloads\OOR BOL.rar
2017-09-10 15:39 - 2017-09-10 15:39 - 185627307 _____ C:\Users\CHAN Victor\Downloads\[arkaze] Batsu to Maru to Tsumi to.rar
2017-09-10 15:37 - 2017-09-10 15:46 - 122957873 _____ C:\Users\CHAN Victor\Downloads\_2010.06.02__bn_-_AtM__A__-_eimusics.com.rar
2017-09-10 15:33 - 2017-09-10 15:33 - 110069557 _____ C:\Users\CHAN Victor\Downloads\150617)__Alexandros__-_ALXD.zip
2017-09-08 12:50 - 2017-09-08 12:50 - 000037768 _____ C:\Users\CHAN Victor\Downloads\Ao no Exorcist - S02.torrent
2017-09-07 15:29 - 2017-09-07 15:29 - 000266213 _____ C:\Users\CHAN Victor\Downloads\Emploi étudiants SEFIAP.pdf
2017-09-07 15:28 - 2017-09-07 15:28 - 000091019 _____ C:\Users\CHAN Victor\Downloads\Emploi étudiant CIEL.pdf
2017-09-07 14:50 - 2017-09-07 14:50 - 000035747 _____ C:\Users\CHAN Victor\Downloads\Ao no Exorcist.torrent
2017-09-07 12:34 - 2017-09-07 12:34 - 000026057 _____ C:\Users\CHAN Victor\Downloads\Hataraku Maou-sama.torrent
2017-09-06 23:30 - 2017-09-06 23:30 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-09-05 19:49 - 2017-09-05 19:49 - 000005739 _____ C:\Users\CHAN Victor\Downloads\L_art_du_trading_Le_best_seller_du_trading_French_Chris83870.pdf.torrent
2017-09-03 22:22 - 2017-09-03 22:22 - 000269863 _____ C:\Users\CHAN Victor\Downloads\Renforcement mathématiques.pdf
2017-09-03 16:48 - 2017-09-03 16:48 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf;filename-=utf-8''Programme semaine d'intégration (1).pdf
2017-09-02 19:52 - 2017-09-02 19:52 - 000017170 _____ C:\Users\CHAN Victor\Downloads\Kaichou.wa.maid-sama.saison.1.[HD].[VOSTFR].Pack.integrale.01a26.FIN.+.OAV.torrent
2017-09-02 16:46 - 2017-09-02 16:46 - 000045876 _____ C:\Users\CHAN Victor\Downloads\NHK Ni Youkoso.torrent
2017-09-02 16:25 - 2017-09-02 16:25 - 000611578 _____ C:\Users\CHAN Victor\Downloads\Zetsuen no Tempest.torrent
2017-08-31 17:39 - 2017-08-31 17:39 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop (2).torrent
2017-08-31 17:38 - 2017-08-31 17:38 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop (1).torrent
2017-08-31 17:37 - 2017-08-31 17:37 - 000037687 _____ C:\Users\CHAN Victor\Downloads\Usagi Drop.torrent
2017-08-31 15:18 - 2017-08-31 15:18 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf
2017-08-31 11:38 - 2017-08-31 11:38 - 000051644 _____ C:\Users\CHAN Victor\Downloads\Convocation étudiants L1 _ mise à jour le 30 août 2017.pdf
2017-08-29 21:22 - 2017-08-29 21:22 - 000051582 _____ C:\Users\CHAN Victor\Downloads\Guilty.Crown.INTEGRALE.SUBFRENCH.720p.BluRay.x264-SiDERAL (1).torrent
2017-08-29 21:21 - 2017-08-29 21:21 - 000051582 _____ C:\Users\CHAN Victor\Downloads\Guilty.Crown.INTEGRALE.SUBFRENCH.720p.BluRay.x264-SiDERAL.torrent
2017-08-28 21:58 - 2017-08-28 21:58 - 000013084 _____ C:\Users\CHAN Victor\Downloads\Owarimonogatari vostfr S1 1080p.torrent
2017-08-28 21:24 - 2017-08-28 21:24 - 000068018 _____ C:\Users\CHAN Victor\Downloads\Monogatari Séries - 2013-2016 Full HD [ ByGirly ].torrent
2017-08-27 19:46 - 2017-08-27 19:46 - 000046640 _____ C:\Users\CHAN Victor\Downloads\Erased - Boku dake ga Inai Machi S01 - 2016 FRENCHSUB 1080p x265 - NoTag.torrent
2017-08-26 22:37 - 2017-08-26 22:37 - 000018648 _____ C:\Users\CHAN Victor\Downloads\Programme semaine d'intégration.pdf;filename-=utf-8''Programme semaine d'intégration.pdf
2017-08-26 22:19 - 2017-08-26 22:19 - 000149129 _____ C:\Users\CHAN Victor\Downloads\GTO.torrent
2017-08-25 15:56 - 2017-08-25 15:56 - 683845141 _____ C:\WINDOWS\MEMORY.DMP
2017-08-25 15:56 - 2017-08-25 15:56 - 000894724 _____ C:\WINDOWS\Minidump\082517-5046-01.dmp
2017-08-25 15:56 - 2017-08-25 15:56 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-19 01:15 - 2017-08-19 01:17 - 000000000 ____D C:\Users\CHAN Victor\AppData\LocalLow\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-19 01:15 - 2017-08-19 01:15 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Mozilla
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-19 01:15 - 2017-08-19 01:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-18 02:23 - 2017-08-18 02:23 - 000437344 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2017-08-18 02:23 - 2017-08-18 02:23 - 000350816 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo59.dll
2017-08-18 02:23 - 2017-08-18 02:23 - 000066136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2017-08-18 02:23 - 2017-08-18 02:23 - 000055384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2017-08-18 02:23 - 2017-08-18 02:23 - 000053848 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2017-08-14 16:44 - 2017-08-26 21:29 - 000000000 ____D C:\ProgramData\Skype
2017-08-14 16:44 - 2017-08-14 16:44 - 000000000 ____D C:\Users\CHAN Victor\Tracing

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-09-10 16:18 - 2017-06-24 13:25 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Spotify
2017-09-10 16:17 - 2017-06-12 18:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-10 16:08 - 2017-06-11 18:05 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Packages
2017-09-10 16:08 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-10 16:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 16:07 - 2017-06-11 18:45 - 002874588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 16:07 - 2017-03-20 07:10 - 001325090 _____ C:\WINDOWS\system32\perfh00C.dat
2017-09-10 16:07 - 2017-03-20 07:10 - 000313342 _____ C:\WINDOWS\system32\perfc00C.dat
2017-09-10 16:02 - 2017-06-12 00:03 - 000000000 ____D C:\AdwCleaner
2017-09-10 16:02 - 2017-06-11 18:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 16:02 - 2017-06-11 18:05 - 000000000 __SHD C:\Users\CHAN Victor\IntelGraphicsProfiles
2017-09-10 16:02 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 15:58 - 2017-06-24 11:18 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-09-10 14:55 - 2017-06-11 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-10 12:16 - 2017-06-11 21:42 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\vlc
2017-09-09 11:32 - 2017-07-27 07:13 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2543725777-4293404985-2249864547-1001
2017-09-09 11:32 - 2017-06-11 18:07 - 000002436 _____ C:\Users\CHAN Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-09 11:32 - 2017-06-11 18:07 - 000000000 ___RD C:\Users\CHAN Victor\OneDrive
2017-09-09 11:31 - 2017-06-24 13:25 - 000000000 ____D C:\Users\CHAN Victor\AppData\Local\Spotify
2017-09-09 11:30 - 2017-06-12 10:14 - 000000388 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCHAN Victor.job
2017-09-09 01:31 - 2017-06-11 23:54 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Azureus
2017-09-09 01:31 - 2017-06-11 18:45 - 000000000 ____D C:\Users\CHAN Victor
2017-09-06 23:30 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-05 21:44 - 2017-06-11 23:55 - 000000000 ____D C:\Users\CHAN Victor\Documents\Vuze Downloads
2017-09-04 18:55 - 2017-07-17 14:03 - 000003304 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCHAN Victor
2017-08-30 19:25 - 2017-06-14 15:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-26 21:29 - 2017-06-11 18:07 - 000000000 ____D C:\Users\CHAN Victor\AppData\Roaming\Skype
2017-08-26 12:12 - 2017-06-11 19:06 - 000002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-26 12:12 - 2017-06-11 19:06 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 15:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-25 15:19 - 2017-07-17 13:53 - 000000000 ____D C:\Users\CHAN Victor\Documents\Pokémon
2017-08-24 01:13 - 2017-06-11 18:43 - 000473816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-18 02:23 - 2017-02-26 02:20 - 000055384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2017-08-18 02:23 - 2016-09-10 08:56 - 001804688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-08-18 02:23 - 2016-09-10 08:56 - 000815712 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2017-08-18 02:23 - 2016-09-10 08:56 - 000716384 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2017-08-18 02:23 - 2016-09-10 08:56 - 000289376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll

Certains fichiers dans TEMP:
====================
2017-06-12 18:13 - 2017-09-08 12:50 - 000079904 _____ () C:\Users\CHAN Victor\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-09-05 11:57

==================== Fin de FRST.txt ============================