Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018 Exécuté par BETTY (administrateur) sur DESKTOP-IMN6HUG (07-02-2018 10:53:41) Exécuté depuis C:\Users\BETTY\Desktop Profils chargés: BETTY (Profils disponibles: BETTY) Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Edge) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.12711.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe () C:\Users\BETTY\Downloads\ZHPDiag3.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\downloader.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-11-01] (Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated) HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.) HKU\S-1-5-21-1115328380-3178562529-362793469-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104288 2015-09-24] (Adobe Systems Incorporated) HKU\S-1-5-21-1115328380-3178562529-362793469-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-13] (Piriform Ltd) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{076c2457-aec6-41ca-8341-fcfa32d6ec23}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{c466110b-7208-48ef-af4e-49d863f24f47}: [DhcpNameServer] 8.8.8.8 4.2.2.1 Tcpip\..\Interfaces\{ddc69522-d714-4094-b97d-5a19e71f60e1}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1115328380-3178562529-362793469-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00 BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-02-01] (Bitdefender) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-02-01] (Bitdefender) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender) FireFox: ======== FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff [2017-10-16] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-03-09] [Legacy] [non signé] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-12-01] [Legacy] [non signé] FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) Chrome: ======= CHR NewTab: Default -> Not-active:"chrome-extension://pebplbnpogfdllkijjlabbjbbngdadjl/product.html", Not-active:"chrome-extension://cdjhndfbaogbefigkgoohcpjanfmnhhk/newtab/slim_newtabpage.html" CHR Profile: C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default [2018-02-07] CHR Extension: (Slides) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17] CHR Extension: (Docs) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17] CHR Extension: (Google Drive) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-28] CHR Extension: (YouTube) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-28] CHR Extension: (Coupon Unity) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjhndfbaogbefigkgoohcpjanfmnhhk [2017-12-12] CHR Extension: (Sheets) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17] CHR Extension: (Bitdefender Wallet) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-05-02] CHR Extension: (Google Docs hors connexion) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-01] CHR Extension: (Kids on he world) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgbehncnmkdgphpbagfcfomjpighmih [2018-01-21] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-01] CHR Extension: (ConvertDocsOnline) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pebplbnpogfdllkijjlabbjbbngdadjl [2018-02-07] CHR Extension: (Gmail) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-28] CHR Extension: (Chrome Media Router) - C:\Users\BETTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2090152 2017-10-16] (Bitdefender) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] () R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-18] (Intel Corporation) R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-07-13] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-21] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Fichier non signé] R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-11-01] (Realtek Semiconductor) R2 ServiceDevMgmt; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-12-04] (Bitdefender) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-17] (Synaptics Incorporated) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [118096 2018-02-01] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1170712 2018-02-01] (Bitdefender) R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2018-02-01] (BitDefender S.R.L. Bucharest, ROMANIA) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2018-02-01] (BitDefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-07-27] (BitDefender LLC) R2 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-12-06] (© Bitdefender SRL) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-18] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-18] (Intel Corporation) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-11] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-11] (Disc Soft Ltd) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-18] (Intel Corporation) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-10-16] (BitDefender LLC) R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5744568 2015-07-13] (Intel Corporation) R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2018-02-01] (Bitdefender) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek ) R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-13] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-17] (Synaptics Incorporated) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-10-16] (BitDefender S.R.L.) R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-07 10:53 - 2018-02-07 10:56 - 000022221 _____ C:\Users\BETTY\Desktop\FRST.txt 2018-02-07 10:53 - 2018-02-07 10:53 - 000000000 ____D C:\FRST 2018-02-07 10:52 - 2018-02-07 10:52 - 002393088 _____ (Farbar) C:\Users\BETTY\Desktop\FRST64.exe 2018-02-07 10:43 - 2018-02-07 10:43 - 000000000 ____D C:\Users\BETTY\AppData\Roaming\Google 2018-02-07 09:56 - 2018-02-07 09:56 - 000139503 _____ C:\Users\BETTY\Desktop\ZHPDiag.txt 2018-02-07 09:44 - 2018-02-07 09:49 - 000000000 ____D C:\Users\BETTY\AppData\Roaming\ZHP 2018-02-07 09:44 - 2018-02-07 09:44 - 000000872 _____ C:\Users\BETTY\Desktop\ZHPDiag.lnk 2018-02-07 09:44 - 2018-02-07 09:44 - 000000000 ____D C:\Users\BETTY\AppData\Local\ZHP 2018-02-07 09:42 - 2018-02-07 09:42 - 002987904 _____ C:\Users\BETTY\Downloads\ZHPDiag3.exe 2018-02-07 09:14 - 2018-02-07 09:14 - 000000000 ____D C:\Users\BETTY\AppData\Temp 2018-02-06 06:40 - 2018-02-06 06:41 - 005082928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-02-05 18:13 - 2018-02-05 18:15 - 000000000 ____D C:\Users\BETTY\Desktop\Photos massala Chrsitiane 2018-02-05 06:13 - 2018-02-05 06:13 - 000001728 _____ C:\Users\BETTY\Desktop\InDesign (2).lnk 2018-02-03 11:31 - 2016-06-17 17:11 - 016621372 _____ C:\Users\BETTY\Desktop\Bible essénienne.pdf 2018-02-02 05:34 - 2018-02-02 05:35 - 000002414 _____ C:\Users\BETTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-22 12:49 - 2018-01-23 04:27 - 000000000 ____D C:\Users\BETTY\Desktop\ACCOMPAGNEMENT LUCE 2018-01-16 12:22 - 2018-01-16 12:22 - 000000752 _____ C:\Users\BETTY\Images - Raccourci.lnk ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-07 10:27 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-02-07 10:26 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-02-07 10:26 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-02-07 09:52 - 2017-10-08 18:13 - 000000000 ____D C:\Users\BETTY\Desktop\A classer 2018-02-07 09:24 - 2016-10-12 09:33 - 000000000 ____D C:\Users\BETTY\AppData\Local\CrashDumps 2018-02-07 08:06 - 2017-12-24 11:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-02-07 05:31 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-02-07 05:29 - 2016-08-12 13:25 - 000000000 ____D C:\Users\BETTY\Documents\YouCam 2018-02-07 05:17 - 2016-11-01 20:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-02-07 05:17 - 2016-08-12 13:24 - 000000000 __SHD C:\Users\BETTY\IntelGraphicsProfiles 2018-02-07 05:16 - 2017-12-24 12:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-02-06 21:56 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-02-06 21:56 - 2016-09-02 13:04 - 000051888 _____ C:\bdlog.txt 2018-02-06 21:55 - 2017-02-09 10:49 - 000000000 ____D C:\Users\BETTY\AppData\Roaming\vlc 2018-02-06 21:15 - 2017-12-24 13:24 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-06 21:15 - 2016-08-28 13:51 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-06 15:36 - 2017-05-08 13:33 - 000000600 _____ C:\Users\BETTY\AppData\Local\PUTTY.RND 2018-02-06 15:36 - 2016-10-11 14:00 - 000000000 ____D C:\Users\BETTY\AppData\Roaming\FileZilla 2018-02-06 06:49 - 2017-12-24 11:54 - 002237102 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-02-06 06:49 - 2017-09-30 09:40 - 000996542 _____ C:\WINDOWS\system32\perfh00C.dat 2018-02-06 06:49 - 2017-09-30 09:40 - 000216812 _____ C:\WINDOWS\system32\perfc00C.dat 2018-02-05 21:49 - 2017-09-29 08:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-02-05 21:49 - 2017-09-29 08:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-02-04 21:10 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-02-04 15:29 - 2017-09-29 03:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2018-02-02 05:35 - 2017-12-24 12:27 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1115328380-3178562529-362793469-1001 2018-02-02 05:35 - 2016-08-12 13:30 - 000000000 ___RD C:\Users\BETTY\OneDrive 2018-02-01 18:10 - 2017-03-27 09:22 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys 2018-02-01 17:41 - 2017-10-16 19:29 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2018-02-01 17:38 - 2017-03-27 09:23 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2018-02-01 16:25 - 2016-11-11 12:02 - 000001456 _____ C:\Users\BETTY\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2018-02-01 16:14 - 2016-08-28 13:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-02-01 16:01 - 2017-12-24 12:27 - 000004212 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-01-28 04:04 - 2017-12-29 08:53 - 000000000 ____D C:\Users\BETTY\Desktop\photos morgane 2018-01-27 13:26 - 2017-12-29 08:22 - 000000000 ____D C:\Users\BETTY\Desktop\PHOTOS A TRIER 2018-01-25 05:37 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF 2018-01-16 12:22 - 2017-12-24 11:55 - 000000000 ____D C:\Users\BETTY 2018-01-09 23:42 - 2016-10-11 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2018-01-09 23:42 - 2016-10-11 13:59 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2018-01-09 13:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache 2018-01-09 13:38 - 2016-10-23 09:30 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-01-09 13:30 - 2017-12-18 21:43 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-01-09 13:30 - 2016-10-23 09:30 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======= 2017-02-09 11:18 - 2017-02-09 11:18 - 000000112 _____ () C:\Users\BETTY\AppData\Roaming\Préfs JP2K CS6 2017-12-04 12:19 - 2017-12-04 12:19 - 000000600 _____ () C:\Users\BETTY\AppData\Roaming\PUTTY.RND 2016-11-11 12:02 - 2018-02-01 16:25 - 000001456 _____ () C:\Users\BETTY\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2016-08-12 13:24 - 2018-02-07 05:18 - 002431493 _____ () C:\Users\BETTY\AppData\Local\BTServer.log 2017-05-08 13:33 - 2018-02-06 15:36 - 000000600 _____ () C:\Users\BETTY\AppData\Local\PUTTY.RND ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2018-02-06 14:51 ==================== Fin de FRST.txt ============================