Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01 Exécuté par Adrien (administrateur) sur LAPTOP-01I5EG8F (10-06-2018 23:07:44) Exécuté depuis C:\Users\Adrien\Desktop Profils chargés: Adrien (Profils disponibles: defaultuser0 & Adrien) Platform: Windows 10 Home Version 1607 14393.2189 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\igfxCUIService.exe (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\IntelCpHDCPSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe (Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe (Nitro Software, Inc.) 
C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (pdfforge GmbH) C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe (© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\IntelCpHeciSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\System32\Locator.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDIntelligent.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119411.inf_amd64_d6ea01ae53d6e8e1\igfxEM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Lenovo(beijing) Limited) 
C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16779768 2016-12-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1478144 2016-12-23] (Realtek Semiconductor) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft) HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2017-01-17] (Autodesk, Inc.) HKLM\...\Run: [DisplayLinkUI] => C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe [2153608 2017-11-30] (DisplayLink Corp.) 
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Adrien\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [uTorrent] => C:\Users\Adrien\AppData\Roaming\uTorrent\uTorrent.exe [1985984 2017-09-24] (BitTorrent Inc.) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.) 
HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [375296 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\Policies\Explorer: [] HKU\S-1-5-21-3155280313-586542796-1692200818-1001\...\MountPoints2: {f7853aa8-c247-11e7-83e5-3c95094c28cc} - "F:\SETUP.EXE" HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{52bf54de-ccd0-489a-8b20-f5048ec6a5f0}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{cd677dbc-012e-4789-a516-c06c17bf2e52}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{f4b17e6a-f145-4fb3-9723-32f25bde3e37}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3155280313-586542796-1692200818-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-12] (Oracle Corporation) BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-helper.dll [2017-11-29] (pdfforge GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft 
Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-12] (Oracle Corporation) Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2017-11-29] (pdfforge GmbH) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: q2ju0s8m.default FF ProfilePath: C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default [2018-06-10] FF Extension: (MetaMask) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\Extensions\webextension@metamask.io.xpi [2018-03-07] FF Extension: (Adblock Plus) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-18] FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Adrien\AppData\Roaming\Mozilla\Firefox\Profiles\q2ju0s8m.default\features\{2a85f5a3-9cc4-4589-b6ba-a6993e3384b6}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-31] [Legacy] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> 
C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-12] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-21] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-21] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-17] () S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163336 2016-09-19] () S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-17] (EasyAntiCheat Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-08] (ELAN Microelectronics Corp.) 
R2 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (Lenovo(beijing) Limited) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation) R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel Corporation) S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel Corporation) S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel Corporation) R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation) R2 mitsijm2018; C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe [967664 2016-09-26] (Autodesk, Inc.) R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-08-02] (Nitro Software, Inc.) R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation) S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2832560 2017-11-29] (pdfforge GmbH) R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe [874680 2017-11-29] (pdfforge GmbH) R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.) 
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (Lenovo(beijing) Limited) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-12-05] (TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation) R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
R3 BHTPCRDR; C:\Windows\System32\drivers\bhtpcrdr.sys [173432 2016-08-11] (BayHubTech/O2Micro ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-11-13] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-11-13] (Disc Soft Ltd) R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32336 2016-11-24] (ELAN Microelectronic Corp.) S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo(beijing) Limited) R1 MpKsl9482d343; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BECDAA5-CB63-4F45-9FAD-C8C7FD06699C}\MpKsl9482d343.sys [58120 2018-06-07] (Microsoft Corporation) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_a061a5d566db3269\nvlddmkm.sys [17038280 2018-03-16] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3146760 2016-09-13] (Realtek Semiconductor Corp.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) 
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation) R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-06-10 23:07 - 2018-06-10 23:08 - 000022140 _____ C:\Users\Adrien\Desktop\FRST.txt 2018-06-10 23:07 - 2018-06-10 23:07 - 000000000 ____D C:\FRST 2018-06-10 23:06 - 2018-06-10 23:06 - 002413056 _____ (Farbar) C:\Users\Adrien\Desktop\FRST64.exe 2018-06-10 20:55 - 2018-06-10 20:56 - 000000000 ___HD C:\$WINDOWS.~BT 2018-06-10 20:55 - 2018-06-10 20:55 - 000000000 ____D C:\Windows.old 2018-06-10 20:34 - 2018-06-10 20:34 - 000355080 _____ C:\Users\Adrien\Desktop\ZHPDiag.txt 2018-06-10 20:18 - 2018-06-10 20:34 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\ZHP 2018-06-10 20:18 - 2018-06-10 20:18 - 000000919 _____ C:\Users\Adrien\Desktop\ZHPDiag.lnk 2018-06-10 20:18 - 2018-06-10 20:18 - 000000000 ____D C:\Users\Adrien\AppData\Local\ZHP 2018-06-10 20:15 - 2018-06-10 20:17 - 003124608 _____ C:\Users\Adrien\Downloads\ZHPDiag3.exe 2018-06-09 20:05 - 2018-06-10 20:12 - 077309488 _____ (Malwarebytes ) C:\Users\Adrien\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5402.exe 2018-06-09 19:24 - 2018-06-09 19:24 - 000000000 ____D C:\Windows\UpdateAssistant 2018-06-06 12:28 - 2018-06-06 12:28 - 000268323 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(5).pdf 2018-06-06 12:26 - 
2018-06-06 12:26 - 000262184 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(4).pdf 2018-06-06 12:23 - 2018-06-06 12:23 - 000263679 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(3).pdf 2018-06-06 11:22 - 2018-06-06 11:22 - 000264041 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(2).pdf 2018-06-06 10:08 - 2018-06-06 10:08 - 000234895 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud(1).pdf 2018-06-05 10:40 - 2018-06-05 10:40 - 000247963 _____ C:\Users\Adrien\Downloads\Services Agreement_Veoo Ltd - Adrien Baboud.pdf 2018-06-05 10:38 - 2018-06-06 14:29 - 000000000 ____D C:\Users\Adrien\Documents\VEOO 2018-05-19 09:28 - 2018-05-19 09:28 - 000000000 ____D C:\Users\Adrien\AppData\Local\ElevatedDiagnostics 2018-05-18 16:36 - 2018-05-18 16:36 - 000099022 _____ C:\Users\Adrien\Downloads\ADRIEN BABOUD CV.pdf 2018-05-12 03:08 - 2018-05-12 03:08 - 000000000 ____D C:\Program Files (x86)\Gravity 2018-05-11 22:43 - 2018-05-11 23:10 - 2102421722 _____ (Gravity) C:\Users\Adrien\Downloads\setup.exe ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2018-06-10 23:05 - 2016-07-29 19:26 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-06-10 20:58 - 2017-09-21 12:15 - 000000000 ____D C:\Users\Adrien\AppData\Local\ClassicShell 2018-06-10 20:56 - 2016-07-29 20:19 - 000000000 ____D C:\Windows\Panther 2018-06-10 20:40 - 2017-09-21 09:58 - 000000000 ____D C:\Users\Adrien\AppData\LocalLow\Mozilla 2018-06-10 20:19 - 2017-09-21 14:03 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\Skype 2018-06-10 20:03 - 2017-04-13 19:21 - 000000000 ____D C:\ProgramData\NVIDIA 2018-06-10 19:57 - 2017-09-24 19:08 - 000000000 ____D C:\Program Files (x86)\Steam 2018-06-10 19:55 - 2017-09-21 15:41 - 000000000 __SHD C:\Users\Adrien\IntelGraphicsProfiles 2018-06-10 19:50 - 2016-07-29 19:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-06-10 07:39 - 2016-07-16 08:04 - 000032768 _____ C:\Windows\system32\config\ELAM 2018-06-10 07:14 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\Registration 2018-06-10 07:13 - 2017-04-13 19:38 - 000017148 _____ C:\Windows\diagwrn.xml 2018-06-10 07:13 - 2017-04-13 19:38 - 000017148 _____ C:\Windows\diagerr.xml 2018-06-09 20:04 - 2017-09-21 09:58 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-06-09 20:04 - 2017-09-21 09:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-06-09 20:04 - 2017-09-21 09:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-06-09 20:04 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness 2018-06-09 20:03 - 2017-04-14 04:25 - 001020610 _____ C:\Windows\system32\perfh00C.dat 2018-06-09 20:03 - 2017-04-14 04:25 - 000230874 _____ C:\Windows\system32\perfc00C.dat 2018-06-09 20:03 - 2016-07-29 19:31 - 002438110 _____ C:\Windows\system32\PerfStringBackup.INI 2018-06-09 20:00 - 2017-09-21 15:40 - 000000000 ____D C:\Users\Adrien 2018-06-09 19:58 - 2018-03-06 17:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-06-09 19:09 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 
2018-06-07 15:53 - 2017-09-21 15:41 - 000000000 ____D C:\Users\Adrien\AppData\Local\Packages 2018-06-06 14:26 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF 2018-06-06 08:39 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI 2018-06-05 10:47 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF 2018-06-05 10:22 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp 2018-06-04 00:05 - 2017-10-17 10:12 - 000000000 ____D C:\Users\Adrien\AppData\Roaming\vlc 2018-06-03 18:41 - 2017-09-21 12:10 - 000000000 ____D C:\Users\Adrien\AppData\Local\CrashDumps 2018-05-31 19:38 - 2018-02-22 16:35 - 000000000 ____D C:\Windows\system32\Drivers\wd 2018-05-31 14:10 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports 2018-05-25 22:26 - 2017-09-22 21:15 - 000000000 ____D C:\Program Files\rempl 2018-05-18 18:40 - 2018-04-14 17:35 - 000000000 ____D C:\Users\Adrien\Documents\CV 2018-05-17 06:10 - 2017-04-13 19:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-05-14 20:55 - 2017-09-21 15:41 - 000000000 ____D C:\Users\Adrien\AppData\Local\NVIDIA 2018-05-14 11:40 - 2017-09-21 12:20 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3155280313-586542796-1692200818-1001 2018-05-14 11:39 - 2017-09-21 15:44 - 000002463 _____ C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-05-14 11:39 - 2017-09-21 15:44 - 000000000 ___RD C:\Users\Adrien\OneDrive ==================== Fichiers à la racine de certains dossiers ======= 2017-11-01 01:09 - 2018-03-26 20:27 - 000007590 _____ () C:\Users\Adrien\AppData\Local\Resmon.ResmonCfg Certains fichiers dans TEMP: ==================== 2017-09-21 11:49 - 2017-01-18 04:50 - 000066472 _____ (Autodesk, Inc.) 
C:\Users\Adrien\AppData\Local\Temp\AcDeltree.exe 2017-12-20 09:30 - 2017-12-20 10:15 - 003740764 _____ (Dynamo Revit ) C:\Users\Adrien\AppData\Local\Temp\DynamoInstall1.3.2.exe 2018-03-01 23:15 - 2018-03-01 23:20 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\iuyda023.dll 2018-02-27 23:02 - 2018-02-27 23:02 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\muordjpg.dll 2017-09-21 09:56 - 2017-09-21 09:56 - 042852456 _____ (SweetLabs,Inc.) C:\Users\Adrien\AppData\Local\Temp\octC7EF.tmp.exe 2018-05-30 11:04 - 2018-05-30 11:05 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Adrien\AppData\Local\Temp\SkypeSetup.exe 2018-04-10 22:40 - 2018-04-10 22:40 - 000737280 ____N () C:\Users\Adrien\AppData\Local\Temp\sqlite-3.8.10.1-259429ff-0f10-410c-b8ef-4019c8fba4b3-sqlitejdbc.dll 2018-02-27 23:14 - 2018-02-27 23:14 - 000004096 _____ () C:\Users\Adrien\AppData\Local\Temp\urq5x2po.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {9d67c686-20b8-11e7-9e30-806e6f6e6963} {9d67c682-20b8-11e7-9e30-806e6f6e6963} {9d67c680-20b8-11e7-9e30-806e6f6e6963} {9d67c681-20b8-11e7-9e30-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {9d67c680-20b8-11e7-9e30-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- 
identificateur {9d67c681-20b8-11e7-9e30-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {9d67c682-20b8-11e7-9e30-806e6f6e6963} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {9d67c683-20b8-11e7-9e30-806e6f6e6963} description EFI Network 0 for IPv4 (C8-5B-76-FE-BF-B8) Application logicielle (101fffff) -------------------------------- identificateur {9d67c684-20b8-11e7-9e30-806e6f6e6963} description EFI Network 0 for IPv6 (C8-5B-76-FE-BF-B8) Application logicielle (101fffff) -------------------------------- identificateur {9d67c685-20b8-11e7-9e30-806e6f6e6963} path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Application logicielle (101fffff) -------------------------------- identificateur {9d67c686-20b8-11e7-9e30-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {bd4bc23e-2067-11e7-83d5-c85b76febfb8} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {bd4bc23e-2067-11e7-83d5-c85b76febfb8} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{bd4bc23f-2067-11e7-83d5-c85b76febfb8} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{bd4bc23f-2067-11e7-83d5-c85b76febfb8} systemroot \windows nx OptIn bootmenupolicy Standard winpe 
Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {b1fc1a8d-20b9-11e7-9e30-c85b76febfb8} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {bd4bc23e-2067-11e7-83d5-c85b76febfb8} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi Options de périphérique ----------------------- identificateur {bd4bc23f-2067-11e7-83d5-c85b76febfb8} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath 
\Recovery\WindowsRE\boot.sdi LastRegBack: 2018-06-03 16:05 ==================== Fin de FRST.txt ============================