Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Exécuté par anthony (administrateur) sur ANTHODIF (14-10-2017 07:15:45)
Exécuté depuis C:\Users\anthony\Downloads
Profils chargés: anthony (Profils disponibles: anthony)
Platform: Windows 10 Home Version 1703 170317-1834 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Gaijin Entertainment) C:\Users\anthony\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Mega Limited) C:\Users\anthony\AppData\Local\MEGAsync\MEGAsync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-05] (AVAST Software)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\anthony\AppData\Local\app" /F /Q
HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\anthony\AppData\Roaming\ZHP\ZHPCleaner.txt [1966 2017-10-14] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [uTorrent] => C:\Users\anthony\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-10] (BitTorrent Inc.)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [Gaijin.Net Agent] => C:\Users\anthony\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2115656 2017-10-07] (Gaijin Entertainment)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [Chromium] => "c:\users\anthony\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\MountPoints2: {2c6c4d96-72e8-11e7-82f5-382c4a5843c9} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\MountPoints2: {a5d9c769-53f1-11e7-82ee-382c4a5843c9} - "F:\autorun.exe"
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\...\MountPoints2: {ddaa4084-7d47-11e7-82f5-382c4a5843c9} - "F:\autorun.exe"
Startup: C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-08-02]
ShortcutTarget: MEGAsync.lnk -> C:\Users\anthony\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2f9e9c31-0342-47cf-a186-2ddae736bf67}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{eb9f7703-8419-4423-8210-773829b20f5d}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3518562360-2803998538-4168281344-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3518562360-2803998538-4168281344-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3518562360-2803998538-4168281344-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3518562360-2803998538-4168281344-1001 -> {9970B816-CB99-4928-9962-1EFCCCB5AD53} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&intl=fr&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-24] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 41A66E7E5EE1
FF ProfilePath: C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\lrmpcjsa.default [2016-03-05]
FF Extension: (MEGA) - C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\lrmpcjsa.default\Extensions\firefox@mega.co.nz.xpi [2016-02-18]
FF Extension: (Сайдекс-сканнер Цен) - C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\lrmpcjsa.default\Extensions\scanner@sidex.ru [2016-01-04]
FF Extension: (Pas de nom) - C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\lrmpcjsa.default\extensions\deskCutv2@gmail.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\lrmpcjsa.default\extensions\yahooprotected@gmail.com [non trouvé(e)]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-3518562360-2803998538-4168281344-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\anthony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3518562360-2803998538-4168281344-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-07-20] ()

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default [2017-10-14]
CHR Extension: (Avast Online Security) - C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-14]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-05] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-05] (AVAST Software)
R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-08-14] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-04] (ELAN Microelectronics Corp.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-15] (Hi-Rez Studios) [Fichier non signé]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-07-01] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-09-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [Fichier non signé]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-05] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-05] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-05] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-05] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-05] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-05] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-05] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-05] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-05] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2015-07-03] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-05] (AVAST Software)
S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
S3 DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
S3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
S3 DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-10-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-10-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-10-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-10-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-10-14] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S3 MWAC; C:\WINDOWS\system32\drivers\ [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 MWAC; C:\WINDOWS\SysWOW64\drivers\ [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_15b1a77b889ed915\nvlddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-14 07:15 - 2017-10-14 07:16 - 000024217 _____ C:\Users\anthony\Downloads\FRST.txt
2017-10-14 06:57 - 2017-10-14 06:57 - 000000000 ___HD C:\OneDriveTemp
2017-10-14 06:46 - 2017-10-14 06:46 - 000002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-14 06:46 - 2017-10-14 06:46 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-14 06:45 - 2017-10-14 06:51 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-14 06:45 - 2017-10-14 06:51 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-14 06:39 - 2017-10-14 07:12 - 000001966 _____ C:\Users\anthony\Desktop\ZHPCleaner.txt
2017-10-14 06:31 - 2017-10-14 06:31 - 002401792 _____ (Farbar) C:\Users\anthony\Downloads\FRST64.exe
2017-10-14 06:31 - 2017-10-14 06:31 - 000000000 ____D C:\Users\anthony\Downloads\FRST-OlderVersion
2017-10-14 06:27 - 2017-10-14 06:27 - 002947968 _____ C:\Users\anthony\Downloads\ZHPCleaner.exe
2017-10-14 06:25 - 2017-10-14 06:43 - 000000919 _____ C:\Users\anthony\Desktop\ZHPCleaner.lnk
2017-10-14 06:21 - 2017-10-14 06:21 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-14 04:03 - 2017-10-14 04:03 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 23:11 - 2017-10-14 01:11 - 000000000 ____D C:\Users\anthony\AppData\Local\ZHP
2017-10-13 23:03 - 2017-10-14 07:15 - 000000000 ____D C:\FRST
2017-10-13 22:48 - 2017-10-14 01:11 - 000000000 ____D C:\AdwCleaner
2017-10-13 22:31 - 2017-10-14 06:53 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-10-13 22:31 - 2017-10-13 22:31 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4AB12788.sys
2017-10-13 22:29 - 2017-10-13 22:29 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\269625CF.sys
2017-10-13 22:27 - 2017-10-14 06:53 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-10-13 22:27 - 2017-10-14 06:53 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-13 22:27 - 2017-10-14 06:53 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-13 22:27 - 2017-10-13 22:31 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-10-13 22:26 - 2017-10-14 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-13 22:26 - 2017-10-13 22:26 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-13 22:25 - 2017-10-13 22:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-13 22:25 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-13 22:19 - 2017-10-13 22:19 - 000000000 _____ C:\Users\anthony\AppData\Local\Save_.lock
2017-10-13 21:43 - 2017-10-13 21:43 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-10-13 20:50 - 2017-10-13 20:50 - 000000290 __RSH C:\ProgramData\ntuser.pol
2017-10-13 20:45 - 2017-10-14 01:11 - 000000000 ____D C:\Users\anthony\AppData\Roaming\IDM
2017-10-13 20:45 - 2017-10-13 21:28 - 000000000 ____D C:\Users\anthony\AppData\Roaming\DMCache
2017-10-13 20:45 - 2017-10-13 20:45 - 000000000 ____D C:\ProgramData\IDM
2017-10-13 20:29 - 2017-04-15 06:00 - 060589214 _____ C:\Users\anthony\Downloads\Malwarebytes Premium 3.0.6.1469 + Keygen [CT].rar
2017-10-13 20:24 - 2017-10-13 22:25 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-07 21:38 - 2017-10-07 21:38 - 000536520 _____ (Hola Networks Ltd.) C:\Users\anthony\Downloads\Hola-Setup.exe
2017-10-07 15:04 - 2017-10-07 15:04 - 000032910 _____ C:\Users\anthony\Downloads\[limetorrents.city]1.3D.Arena.of.Depravity.Coliseum.of.Lust.torrent
2017-10-07 15:01 - 2017-09-23 18:41 - 000000000 ____D C:\Users\anthony\Downloads\harry-potter-and-hermione-the-milf
2017-10-07 14:55 - 2017-10-07 14:57 - 007841919 _____ C:\Users\anthony\Downloads\harry-potter-and-hermione-the-milf.rar
2017-10-07 14:44 - 2017-10-07 14:44 - 000000000 ____D C:\Users\anthony\Documents\Usenet.nl
2017-10-07 10:54 - 2017-10-07 15:25 - 000000000 ____D C:\Users\anthony\AppData\LocalLow\uTorrent
2017-10-07 09:46 - 2017-10-14 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-07 09:46 - 2017-10-14 01:11 - 000000000 ____D C:\Program Files\CCleaner
2017-10-07 09:46 - 2017-10-13 20:13 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-07 09:46 - 2017-10-07 09:46 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-07 09:45 - 2017-10-07 09:45 - 009809688 _____ (Piriform Ltd) C:\Users\anthony\Downloads\ccsetup535.exe
2017-10-07 09:20 - 2017-10-07 09:46 - 000000000 ____D C:\Program Files\OpenVPN
2017-10-06 20:05 - 2017-10-06 20:05 - 000003800 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered rican
2017-10-05 18:29 - 2017-10-14 01:11 - 000000000 ____D C:\Users\anthony\AppData\Local\Eclipse
2017-10-05 18:27 - 2017-10-05 18:27 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-10-05 18:26 - 2017-10-14 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-10-05 18:25 - 2017-10-05 18:27 - 000000000 ____D C:\Program Files\Java
2017-10-05 18:24 - 2017-10-05 18:24 - 000000000 ____D C:\Users\anthony\AppData\LocalLow\Oracle
2017-10-05 18:19 - 2017-10-05 18:22 - 207382584 _____ (Oracle Corporation) C:\Users\anthony\Downloads\jdk-8u144-windows-x64.exe
2017-10-05 18:18 - 2017-10-05 18:18 - 048691144 _____ C:\Users\anthony\Downloads\eclipse-inst-win64.exe
2017-10-05 18:05 - 2017-10-07 11:15 - 000000000 ____D C:\Users\anthony\.p2
2017-10-05 18:05 - 2017-10-05 18:35 - 000000000 ____D C:\Users\anthony\.eclipse
2017-10-05 18:00 - 2017-10-05 18:00 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-24 10:56 - 2017-09-24 11:13 - 000000000 ____D C:\Users\anthony\Documents\Battlefield Heroes
2017-09-24 10:46 - 2017-10-01 15:27 - 000002579 _____ C:\Users\anthony\Desktop\Revive Heroes Launcher.lnk
2017-09-24 10:46 - 2017-10-01 15:27 - 000000000 ____D C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revive Network
2017-09-24 10:46 - 2017-09-24 10:46 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-09-24 10:45 - 2017-09-24 10:45 - 003855864 _____ (Revive Network) C:\Users\anthony\Downloads\Setup.exe
2017-09-23 15:09 - 2017-09-23 15:09 - 001085239 _____ C:\Users\anthony\Downloads\Les-communautés-Emmaüs.pdf
2017-09-22 23:29 - 2017-09-22 23:29 - 000000000 ____D C:\ProgramData\{E6DD23BE-6C9F-A978-EA59-373A701BBCF4}
2017-09-22 23:28 - 2017-09-22 23:28 - 000000000 ____D C:\Users\anthony\AppData\Roaming\DAEMON Tools Lite
2017-09-22 23:27 - 2017-09-22 23:27 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-09-22 23:26 - 2017-09-22 23:26 - 000790488 _____ (Disc Soft Ltd.) C:\Users\anthony\Downloads\daemon-tools-lite_10-6-0_fr_10729.exe
2017-09-22 23:26 - 2017-09-22 23:26 - 000000000 ____D C:\ProgramData\DAEMON Tools Pro
2017-09-22 23:21 - 2017-09-22 23:23 - 032227824 _____ (Disc Soft Ltd) C:\Users\anthony\Downloads\DTPro820-0708.exe
2017-09-22 20:21 - 2017-09-22 20:22 - 031641600 _____ C:\Users\anthony\Downloads\EpicInstaller-6.3.0-fortnite-a3f4f7817dbb4a938bcd4962ef6b5fc9.msi
2017-09-22 20:17 - 2017-09-22 20:17 - 004792064 _____ (MY.COM B.V.) C:\Users\anthony\Downloads\RevelationOnlineLoader_be63e7721924533b7f985db3681d9086__en.exe
2017-09-19 18:47 - 2017-09-19 18:47 - 000016169 _____ C:\Users\anthony\Downloads\[katcr.co][1By Day] Finger Fucking Wonder - Solo Play Saves the Day - Anissa Kate [DC Comics].torrent
2017-09-19 18:44 - 2017-09-19 18:44 - 000661382 _____ C:\Users\anthony\Downloads\Non confirmé 25976.crdownload
2017-09-19 18:44 - 2017-09-19 18:44 - 000015683 _____ C:\Users\anthony\Downloads\Finger-Fucking-Wonder-Solo-Play-Saves-The-Day.torrent
2017-09-19 18:44 - 2017-09-19 18:44 - 000005400 _____ C:\Users\anthony\Downloads\anissa-kate_-_finger-fucking-wonder-solo-play-saves-the-day_53311d1_720_6500 mp4.torrent
2017-09-19 18:42 - 2017-09-19 18:43 - 000661472 _____ C:\Users\anthony\Downloads\anissakate_fingerfuckingwondersoloplaysavestheday.zip
2017-09-18 17:24 - 2017-09-18 17:25 - 000000000 ____D C:\Users\anthony\Desktop\EduPython
2017-09-17 11:47 - 2017-09-17 11:47 - 000000000 ___HD C:\$AV_ASW
2017-09-17 11:46 - 2017-09-17 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EduPython
2017-09-17 11:41 - 2017-09-17 11:41 - 000000000 ____D C:\EduPython
2017-09-16 11:17 - 2017-09-16 11:50 - 3104062184 _____ C:\Users\anthony\Downloads\AdaywithRileyReid.7z
2017-09-14 19:06 - 2017-09-14 20:22 - 000001751 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-09-14 19:06 - 2017-09-14 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-09-14 19:02 - 2017-09-14 19:03 - 031876824 _____ (Riot Games) C:\Users\anthony\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-14 07:13 - 2015-07-04 08:59 - 000000000 ____D C:\Users\anthony\AppData\Local\CrashDumps
2017-10-14 07:12 - 2016-03-05 10:21 - 000000000 ____D C:\Users\anthony\AppData\Roaming\ZHP
2017-10-14 06:57 - 2015-07-02 17:32 - 000000000 __RDO C:\Users\anthony\OneDrive
2017-10-14 06:55 - 2017-06-07 20:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-14 06:55 - 2015-07-02 17:24 - 000000000 __SHD C:\Users\anthony\IntelGraphicsProfiles
2017-10-14 06:54 - 2017-06-07 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-14 06:54 - 2016-09-17 16:00 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-10-14 06:53 - 2017-06-07 20:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-14 06:52 - 2017-03-18 13:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-10-14 06:51 - 2016-03-04 21:01 - 000000000 ____D C:\Users\anthony\AppData\Local\app
2017-10-14 06:46 - 2015-07-02 17:45 - 000000000 ____D C:\Users\anthony\AppData\Local\Google
2017-10-14 06:45 - 2015-09-07 18:18 - 000000000 ____D C:\Users\anthony\AppData\Roaming\Skype
2017-10-14 06:45 - 2015-07-02 17:45 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-14 06:24 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-14 06:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-14 06:14 - 2017-06-07 20:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-14 04:03 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-14 04:03 - 2015-07-04 17:25 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-14 04:03 - 2015-07-04 17:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-14 01:11 - 2017-09-11 18:29 - 000000000 ____D C:\Users\anthony\.analyseSI
2017-10-14 01:11 - 2017-07-10 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-14 01:11 - 2017-06-07 20:17 - 000000000 ____D C:\Users\anthony
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\DDFs
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Globalization
2017-10-14 01:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-10-14 01:11 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-14 01:11 - 2015-12-28 18:46 - 000000000 ____D C:\Users\anthony\AppData\Roaming\vlc
2017-10-14 01:11 - 2015-09-05 10:01 - 000000000 ____D C:\Users\anthony\AppData\Local\Black_Tree_Gaming
2017-10-14 01:11 - 2015-08-14 13:53 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-10-14 01:11 - 2015-07-02 17:54 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-14 01:11 - 2015-07-02 17:25 - 000000000 ____D C:\Users\anthony\AppData\Local\ASUS
2017-10-14 01:11 - 2014-09-16 06:00 - 000000000 ____D C:\ProgramData\P4G
2017-10-14 01:11 - 2014-09-16 05:36 - 000000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2017-10-14 01:11 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-14 00:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\registration
2017-10-14 00:20 - 2017-06-07
20:38 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A91021AA-E36E-4AAF-A818-0938FE5E7638} 2017-10-13 22:30 - 2017-08-05 22:37 - 000000000 ___RD C:\Users\anthony\Desktop\Doc 2017-10-13 22:15 - 2015-07-04 08:49 - 000000000 ____D C:\Users\anthony\AppData\Local\Ubisoft Game Launcher 2017-10-13 21:29 - 2017-06-07 20:37 - 002607410 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-13 21:29 - 2017-03-20 07:10 - 001178826 _____ C:\WINDOWS\system32\perfh00C.dat 2017-10-13 21:29 - 2017-03-20 07:10 - 000271658 _____ C:\WINDOWS\system32\perfc00C.dat 2017-10-13 21:17 - 2015-09-07 18:31 - 000000000 ____D C:\Users\anthony\AppData\Roaming\TS3Client 2017-10-13 21:02 - 2016-07-21 23:12 - 000000000 ____D C:\Users\anthony\AppData\Roaming\uTorrent 2017-10-13 21:00 - 2017-06-24 12:44 - 000000000 ____D C:\WINDOWS\Minidump 2017-10-13 20:12 - 2017-06-07 20:38 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-10-08 17:20 - 2017-06-07 20:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2017-10-07 11:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-10-07 09:49 - 2017-05-28 09:21 - 000000000 ___DC C:\WINDOWS\Panther 2017-10-07 09:49 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-10-07 08:51 - 2016-10-02 10:01 - 000000000 ____D C:\Users\anthony\AppData\Local\ElevatedDiagnostics 2017-10-06 20:05 - 2017-06-07 20:38 - 000002318 _____ C:\WINDOWS\System32\Tasks\{04CCCF0C-C9EF-4C13-A99E-8E51964B5473} 2017-10-06 20:04 - 2017-09-02 16:52 - 000002926 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2017-10-06 20:04 - 2017-07-18 15:07 - 000002920 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3518562360-2803998538-4168281344-1001 2017-10-06 20:04 - 2017-06-07 20:38 - 000003510 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-10-06 20:04 - 2017-06-07 20:38 - 000003458 _____ 
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000003442 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468270864 2017-10-06 20:04 - 2017-06-07 20:38 - 000003236 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000003028 _____ C:\WINDOWS\System32\Tasks\Update Checker 2017-10-06 20:04 - 2017-06-07 20:38 - 000003028 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000003010 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 2017-10-06 20:04 - 2017-06-07 20:38 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3518562360-2803998538-4168281344-500 2017-10-06 20:04 - 2017-06-07 20:38 - 000002898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000002890 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-10-06 20:04 - 2017-06-07 20:38 - 000002878 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-10-06 20:04 - 2017-06-07 20:38 - 000002846 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-10-06 20:04 - 2017-06-07 20:38 - 000002572 _____ C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware 2017-10-06 20:04 - 2017-06-07 20:38 - 000002456 _____ C:\WINDOWS\System32\Tasks\Trojan Remover 2017-10-06 20:04 - 2017-06-07 20:38 - 000002332 _____ 
C:\WINDOWS\System32\Tasks\ASUS P4G 2017-10-06 20:04 - 2017-06-07 20:38 - 000002326 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU 2017-10-06 20:04 - 2017-06-07 20:38 - 000002310 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON 2017-10-06 20:04 - 2017-06-07 20:38 - 000002248 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2017-10-06 20:04 - 2017-06-07 20:38 - 000002240 _____ C:\WINDOWS\System32\Tasks\RtHDVBg 2017-10-06 20:04 - 2017-06-07 20:38 - 000002234 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-10-06 20:04 - 2017-06-07 20:38 - 000002234 _____ C:\WINDOWS\System32\Tasks\P4GIntlCtrl 2017-10-06 17:29 - 2015-07-02 17:26 - 000000074 _____ C:\Users\anthony\AppData\Roaming\sp_data.sys 2017-10-06 17:28 - 2017-09-03 15:10 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-10-05 18:01 - 2017-06-07 19:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-10-05 18:00 - 2015-07-03 13:02 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-10-05 18:00 - 2015-07-03 12:57 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-05 17:59 - 2017-02-10 18:42 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-10-05 17:59 - 2017-02-10 18:42 - 000321032 _____ (AVAST Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-10-05 17:59 - 2017-02-10 18:42 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-10-05 17:59 - 2017-02-10 18:42 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-10-05 17:59 - 2015-07-03 13:02 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-10-01 15:27 - 2015-12-31 10:13 - 000000000 ____D C:\Users\anthony\AppData\Local\SquirrelTemp 2017-09-30 21:45 - 2017-06-07 20:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-09-23 14:39 - 2015-07-10 11:38 - 000000000 ____D C:\ProgramData\Origin 2017-09-23 13:43 - 2015-07-10 11:40 - 000000000 ____D C:\Users\anthony\AppData\Roaming\Origin 2017-09-23 13:42 - 2015-11-10 18:05 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2017-09-23 13:42 - 2015-08-14 14:04 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2017-09-23 13:41 - 2015-11-10 18:05 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2017-09-22 20:26 - 2017-01-27 23:58 - 000000000 ____D C:\Users\anthony\AppData\Local\UnrealEngine 2017-09-22 18:32 - 2017-06-07 20:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-09-22 18:31 - 2016-09-02 19:15 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-09-22 18:30 - 2017-06-07 20:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-09-19 18:46 - 2015-08-04 12:24 - 000000000 ____D C:\Users\anthony\AppData\Local\Publishers 2017-09-19 09:23 - 2017-07-03 21:39 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-09-19 09:23 - 2017-06-25 09:13 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-09-19 09:23 - 2017-06-25 09:13 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-09-19 09:23 - 2016-09-02 19:15 - 001923008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-09-19 09:23 - 2016-09-02 19:15 - 001755072 _____ 
(NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-09-19 09:23 - 2016-09-02 19:15 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-09-19 09:23 - 2016-09-02 19:15 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-09-19 09:23 - 2016-09-02 19:15 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-09-18 23:29 - 2017-02-04 12:05 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-09-18 17:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-09-17 13:42 - 2015-11-10 18:05 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-09-16 14:38 - 2015-08-08 13:55 - 000000000 ____D C:\Users\anthony\AppData\Local\Battle.net 2017-09-14 19:08 - 2016-06-11 20:06 - 000000000 ____D C:\Users\anthony\AppData\Roaming\Riot Games 2017-09-14 18:55 - 2015-08-04 12:27 - 000002459 _____ C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Fichiers à la racine de certains dossiers ======= 2015-07-02 17:26 - 2017-10-06 17:29 - 000000074 _____ () C:\Users\anthony\AppData\Roaming\sp_data.sys 2017-10-13 22:19 - 2017-10-13 22:19 - 000000000 _____ () C:\Users\anthony\AppData\Local\Save_.lock 2017-06-07 20:16 - 2017-06-07 20:16 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2017-06-07 19:08 - 2017-06-07 19:08 - 000000016 _____ () C:\ProgramData\mntemp 2017-06-07 19:08 - 2017-06-07 19:08 - 000005112 _____ () C:\ProgramData\mudtcpaz.vzs 2014-05-15 17:58 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS Certains fichiers dans TEMP: ==================== 2017-10-13 22:19 - 2017-09-14 18:08 - 068408664 _____ (Malwarebytes ) C:\Users\anthony\AppData\Local\Temp\mb3-setup-consumer-3.2.2.2029.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-10-14 01:48 ==================== Fin de FRST.txt ============================