Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01 Exécuté par Mr_GT (administrateur) sur DESKTOP-RUT1CQG (16-05-2019 00:14:58) Exécuté depuis C:\Users\Mr_GT\Desktop Profils chargés: Mr_GT & postgres (Profils disponibles: Mr_GT & postgres) Platform: Windows 10 Pro Version 1803 17134.706 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> ) C:\Program Files\Common Files\ATI Technologies\DSEManager.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) D:\Jeux\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) D:\Jeux\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) D:\Jeux\Battle.net\Battle.net.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe (Electronic Arts, Inc. -> ) D:\Jeux\Origin\QtWebEngineProcess.exe (Electronic Arts, Inc. -> ) D:\Jeux\Origin\QtWebEngineProcess.exe (Electronic Arts, Inc. -> Electronic Arts) D:\Jeux\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts) D:\Jeux\Origin\OriginWebHelperService.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Mr_GT\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\internet explorer\ielowutil.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmms.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.580_none_ead976921d8220dc\TiWorker.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\pg_ctl.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (TeamViewer GmbH -> TeamViewer GmbH) D:\Logiciels\TeamViewer\TeamViewer_Service.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Jeux\Steam\Steam.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [Discord] => C:\Users\Mr_GT\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [HoldemManager.Server] => C:\Users\Mr_GT\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [533 2018-03-04] () [Fichier non signé] HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [Steam] => D:\Jeux\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-04-25] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [Battle.net] => D:\Jeux\Battle.net\Battle.net.exe [1098728 2019-05-06] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\Run: [EADM] => D:\Jeux\Origin\Origin.exe [3114256 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-3351771493-749409139-3151566472-1001\...\MountPoints2: {11ce41f0-e0e4-11e7-a902-704d7b2cee38} - "G:\setup.exe" HKU\S-1-5-21-3351771493-749409139-3151566472-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-03] (Google LLC -> Google Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk [2017-12-19] ShortcutTarget: HP Button Manager.lnk -> D:\Logiciels\HP Webcam\HP Webcam HD 2300 Software\BM.exe (Pas de fichier) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2017-12-14] ShortcutTarget: ROCCAT Swarm Monitor.lnk -> D:\Logiciels\Roccat Suora\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Pas de fichier) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0B0AC2AC-A6E8-4B8C-BC75-98281425C152} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [462288 2018-11-15] (Bitdefender SRL -> Bitdefender) Task: {100EA919-9BE9-413A-A17A-80E98E4F7552} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {17E31FC2-F87C-4E6F-82CB-A34B88C469B7} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe Task: {2758EE25-B867-42F2-A845-41FD12E55C1B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe Task: {28D0AB7A-EB0A-4271-A66A-1B58A097B5F8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-05] (AVAST Software s.r.o. -> AVAST Software) Task: {547A376A-71B1-4471-A609-85B1D3800849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2017-12-14] (Google Inc -> Google Inc.) Task: {5CC25D6B-71CA-4272-8ED3-E94F8380B8AD} - System32\Tasks\ROCCAT DEVICE SERVICE => D:\Logiciels\Roccat Suora\ROCCAT Swarm\ROCCAT_dev_service.exe Task: {6AF28147-E9A7-4E2C-BCE0-D47DB35B2A21} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {6F864C85-C1EB-48D6-9A5A-08230E3CA277} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {882A052F-0BEE-45AE-A37F-A446FC6753C9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-19] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {8C8D0A53-399E-4119-94CC-C35888775CDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2017-12-14] (Google Inc -> Google Inc.) Task: {9510ECE9-DDAD-4D0A-82EC-8E77C6910B81} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-05-02] () [Fichier non signé] Task: {956BDCC2-6773-4BA3-8CA3-2F229732250F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {98F0A7B3-AB0A-49E3-932F-574FD2322798} - System32\Tasks\CCleanerSkipUAC => D:\Logiciels\Ccleaner\CCleaner.exe Task: {FD94A456-B27A-4492-8FAF-BF0DA6A85F31} - System32\Tasks\CCleaner Update => D:\Logiciels\Ccleaner\CCUpdate.exe Task: {FEF504F6-A478-4B18-A492-9DBD57E35F4F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-19] (Advanced Micro Devices, Inc.) [Fichier non signé] (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 Tcpip\..\Interfaces\{36c782bc-b08a-4b7d-81b2-0c7d35f22b2e}: [DhcpNameServer] 89.2.0.1 89.2.0.2 Internet Explorer: ================== HKU\S-1-5-21-3351771493-749409139-3151566472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190412__yaie SearchScopes: HKU\S-1-5-21-3351771493-749409139-3151566472-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-03-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: y355bifu.default FF ProfilePath: C:\Users\Mr_GT\AppData\Roaming\Mozilla\Firefox\Profiles\y355bifu.default [2019-04-25] FF Extension: (Avast Online Security) - C:\Users\Mr_GT\AppData\Roaming\Mozilla\Firefox\Profiles\y355bifu.default\Extensions\wrc@avast.com.xpi [2018-06-29] FF Extension: (Flash and Video Download) - C:\Users\Mr_GT\AppData\Roaming\Mozilla\Firefox\Profiles\y355bifu.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-05-18] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-12-14] [Legacy] FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\Logiciels\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> D:\Logiciels\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> D:\Logiciels\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Session Restore: Default -> est activé. CHR Profile: C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default [2019-05-16] CHR Extension: (Slides) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-14] CHR Extension: (Docs) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-14] CHR Extension: (Google Drive) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-14] CHR Extension: (MEGA) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-05-09] CHR Extension: (YouTube) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-14] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20] CHR Extension: (Pushbullet) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-02-28] CHR Extension: (Tampermonkey) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-14] CHR Extension: (Adobe Acrobat) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-16] CHR Extension: (Sheets) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-14] CHR Extension: (Google Docs hors connexion) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23] CHR Extension: (AdBlock) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-02] CHR Extension: (Avast Online Security) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29] CHR Extension: (Video Downloader professional) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpaglkhbmbmhlnpnehlffkgaaapoicnk [2019-03-29] CHR Extension: (Linkclump) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-04-20] CHR Extension: (Video DownloadHelper) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-23] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05] CHR Extension: (Gmail) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25] CHR Extension: (Chrome Media Router) - C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-03] CHR Profile: C:\Users\Mr_GT\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-25] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atiesrxx.exe [509048 2019-03-20] (Advanced Micro Devices, Inc. -> AMD) R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2019-04-22] (Bitdefender SRL -> Bitdefender) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-26] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-06-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 HgClientService; C:\WINDOWS\system32\hgclientservice.dll [141824 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [1741312 2019-02-16] (Microsoft Windows -> Microsoft Corporation) R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [31232 2018-04-12] (Microsoft Windows -> Microsoft Corporation) S3 Origin Client Service; D:\Jeux\Origin\OriginClientService.exe [2303792 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; D:\Jeux\Origin\OriginWebHelperService.exe [3175216 2019-04-22] (Electronic Arts, Inc. -> Electronic Arts) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; D:\Logiciels\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH) R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [246688 2019-04-22] (Bitdefender SRL -> Bitdefender) R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3014144 2018-12-08] (Microsoft Windows -> Microsoft Corporation) R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [341136 2019-04-22] (Bitdefender SRL -> Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [246688 2019-04-22] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-10] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-10] (Microsoft Corporation -> Microsoft Corporation) R2 postgresql-8.4; "c:\postgreSQL\bin\pg_ctl.exe" runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [X] <==== ATTENTION ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [66888 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atikmdag.sys [52884592 2019-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0340461.inf_amd64_2d68f98a8fb13eb0\B340443\atikmpag.sys [590968 2019-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103240 2019-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> ) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1534688 2019-04-22] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [395728 2019-05-06] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-14] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-14] (Disc Soft Ltd -> Disc Soft Ltd) R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [298488 2019-04-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2019-04-26] (Bitdefender SRL -> BitDefender LLC) R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [26624 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S4 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e7b3660b4830c245\nvlddmkm.sys [20424640 2018-12-17] (NVIDIA Corporation -> NVIDIA Corporation) S3 pcip; C:\WINDOWS\System32\drivers\pcip.sys [47616 2018-04-12] (Microsoft Windows -> Microsoft Corporation) S3 ramparser; C:\WINDOWS\System32\drivers\ramparser.sys [31744 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2017-12-19] (Realtek Semiconductor Corp -> ) R3 Synth3dVsp; C:\WINDOWS\System32\drivers\synth3dvsp.sys [103936 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1248256 2018-11-07] (Microsoft Windows -> Microsoft Corporation) R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-04-12] (Microsoft Windows -> Microsoft Corporation) R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-04-12] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-10] (Microsoft Windows -> Microsoft Corporation) S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare) S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X] S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation) NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation) NETSVC: HgClientService -> C:\Windows\system32\hgclientservice.dll (Microsoft Corporation) ==================== Un mois (créés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-05-16 00:14 - 2019-05-16 00:17 - 000034582 _____ C:\Users\Mr_GT\Desktop\FRST.txt 2019-05-16 00:11 - 2019-05-16 00:11 - 000003112 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate 2019-05-16 00:11 - 2019-05-16 00:11 - 000000000 ___HD C:\OneDriveTemp 2019-05-14 16:58 - 2019-05-14 16:58 - 000000000 ____D C:\AdwCleaner 2019-05-14 16:56 - 2019-05-16 00:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC 2019-05-14 16:55 - 2019-05-14 16:55 - 000000000 ____D C:\Users\Mr_GT\AppData\LocalLow\AMD 2019-05-14 16:32 - 2019-05-14 16:32 - 000000877 _____ C:\Users\Mr_GT\Desktop\ZHPCleaner.lnk 2019-05-12 16:04 - 2019-05-16 00:14 - 002434560 _____ (Farbar) C:\Users\Mr_GT\Desktop\FRST64.exe 2019-05-12 16:04 - 2019-05-16 00:14 - 000000000 ____D C:\FRST 2019-05-12 15:54 - 2019-05-14 17:09 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\ZHP 2019-05-12 15:54 - 2019-05-14 16:32 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\ZHP 2019-05-12 15:54 - 2019-05-14 16:23 - 000000865 _____ C:\Users\Mr_GT\Desktop\ZHPDiag.lnk 2019-05-12 15:33 - 2019-05-12 15:33 - 002155158 _____ C:\Users\Mr_GT\Desktop\Feuille de soin IRM.pdf 2019-05-10 20:24 - 2019-05-10 20:24 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3351771493-749409139-3151566472-1001 2019-05-10 20:24 - 2019-05-10 20:24 - 000002401 _____ C:\Users\Mr_GT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-05-07 12:42 - 2019-05-07 12:42 - 000000000 ____H C:\Users\Mr_GT\Desktop\~WRL0005.tmp 2019-05-06 20:44 - 2019-05-06 20:44 - 000395728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys 2019-05-03 12:32 - 2019-05-03 12:32 - 000001387 _____ C:\Users\Public\Desktop\Skype.lnk 2019-04-30 18:00 - 2019-04-30 18:00 - 000496693 _____ C:\Users\Mr_GT\Desktop\facture ostéo.pdf 2019-04-30 15:11 - 2019-04-30 15:11 - 001215355 _____ C:\Users\Mr_GT\Desktop\copie arret de travail.pdf 2019-04-26 14:39 - 2019-04-26 14:39 - 000298488 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys 2019-04-26 14:39 - 2019-04-26 14:39 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2019-04-22 13:32 - 2019-04-22 13:32 - 001534688 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2019-04-22 13:32 - 2019-04-22 13:32 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2019-04-19 00:38 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll ==================== Un mois (modifiés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-05-16 00:16 - 2019-03-12 02:10 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free 2019-05-16 00:15 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-05-16 00:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-05-16 00:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-05-16 00:14 - 2018-10-23 01:26 - 000004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A16C129F-8F0E-47B4-A61D-784367458F40} 2019-05-16 00:12 - 2018-03-13 22:06 - 000000000 ____D C:\ProgramData\Origin 2019-05-16 00:12 - 2017-12-14 22:08 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\Battle.net 2019-05-16 00:11 - 2018-05-17 15:05 - 000003588 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-05-16 00:11 - 2018-05-17 15:05 - 000003464 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-05-16 00:11 - 2017-12-14 17:56 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\CrashDumps 2019-05-16 00:11 - 2017-12-14 17:22 - 000000000 ___RD C:\Users\Mr_GT\OneDrive 2019-05-15 02:04 - 2018-05-17 14:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-05-15 02:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-05-14 17:56 - 2018-07-06 08:55 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\D3DSCache 2019-05-14 17:48 - 2019-04-07 17:40 - 000021581 _____ C:\Users\Mr_GT\Desktop\Compta-2-1-Enregistré-automatiquement.xlsx 2019-05-14 17:05 - 2018-05-17 15:08 - 001766594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-05-14 17:05 - 2018-04-12 18:19 - 000789954 _____ C:\WINDOWS\system32\perfh00C.dat 2019-05-14 17:05 - 2018-04-12 18:19 - 000149486 _____ C:\WINDOWS\system32\perfc00C.dat 2019-05-14 17:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2019-05-14 16:59 - 2018-05-17 15:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-05-14 16:59 - 2018-01-16 01:55 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2019-05-14 16:58 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-05-14 16:56 - 2018-04-11 23:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2019-05-12 16:59 - 2017-12-14 22:23 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\uTorrent 2019-05-12 16:57 - 2017-12-17 22:53 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\vlc 2019-05-11 22:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-05-11 22:03 - 2019-01-23 02:59 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\Origin 2019-05-11 16:01 - 2019-01-26 17:38 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-05-10 15:19 - 2018-01-07 00:50 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\discord 2019-05-08 12:07 - 2018-05-11 09:49 - 000000000 ____D C:\Users\Mr_GT\Desktop\Ventes 2019-05-07 20:21 - 2017-12-14 17:15 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\Adobe 2019-05-07 20:20 - 2017-12-14 17:16 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\Adobe 2019-05-03 12:35 - 2019-03-07 16:55 - 000000694 _____ C:\Users\Public\Desktop\Battlefield™ V.lnk 2019-05-03 12:32 - 2019-03-07 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-05-03 00:36 - 2017-12-14 17:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-05-03 00:36 - 2017-12-14 17:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-05-01 21:03 - 2018-01-16 01:50 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\Packages 2019-04-25 22:45 - 2018-01-21 21:19 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\TeamViewer 2019-04-25 22:45 - 2017-12-15 19:12 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\MPC-HC 2019-04-23 20:12 - 2017-12-14 22:08 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\Blizzard Entertainment 2019-04-23 20:12 - 2017-12-14 22:06 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\Blizzard 2019-04-22 19:46 - 2017-12-23 22:19 - 000000000 ____D C:\Users\Mr_GT\AppData\Roaming\TS3Client 2019-04-17 23:11 - 2018-08-28 00:06 - 000000000 ____D C:\Users\Mr_GT\AppData\Local\ElevatedDiagnostics ==================== Fichiers à la racine de certains dossiers ======= 2018-03-04 03:28 - 2018-03-04 03:28 - 000003384 _____ () C:\Users\Mr_GT\AppData\Roaming\Microsoft\83b968be-efe4-4a91-894a-ec489147e1aa 2019-03-05 14:23 - 2019-03-05 14:23 - 000000000 ____H () C:\Users\Mr_GT\AppData\Local\BITCD3F.tmp 2019-03-05 14:23 - 2019-03-05 14:23 - 000000000 _____ () C:\Users\Mr_GT\AppData\Local\{3DF96896-912A-4CDC-9DF4-4BE9A8A28414} ==================== SigCheck =============================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ============================