Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-08-2020
Exécuté par Clément (administrateur) sur ALLEZ-PC (MSI MS-7752) (03-08-2020 04:22:24)
Exécuté depuis C:\Users\Clément\Desktop
Profils chargés: Clément
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TP-Link Technologies Co., Ltd) [Fichier non signé] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [8151040 2009-10-20] (C-Media Corporation) [Fichier non signé]
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\Run: [WPSTool] => C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe [1891840 2018-01-30] (TP-Link Technologies Co., Ltd) [Fichier non signé]
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\MountPoints2: {0b2fe4d1-ea2d-11e2-a181-001bfc690ccf} - J:\AutoRun.exe
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\MountPoints2: {0b2fe4d6-ea2d-11e2-a181-001bfc690ccf} - J:\AutoRun.exe
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\MountPoints2: {aa1862c7-9ce0-11e5-b031-001bfc690ccf} - K:\setup.exe
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\MountPoints2: {d8827e86-3965-11e7-a34d-001bfc690ccf} - K:\AutoRun.exe
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\...\MountPoints2: {eb60b970-10d0-11e4-8ade-001bfc690ccf} - J:\Startme.exe
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: c:\windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: c:\windows\system32\CNMN6PPM.DLL [359936 2012-03-28] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\MPE3 Port: c:\windows\system32\mpelocalmon.dll [26112 2018-05-14] (Copyright (c) Code Industry Ltd) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {021D550C-CF37-4148-BACC-E0993E74ACE3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-15] (Adobe Inc. -> Adobe)
Task: {0B9CAE39-2B65-44A7-8F15-B8592D4693E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {205BB412-F2E8-4619-8359-CB0EF22D04C2} - System32\Tasks\SpeedFan\SpeedFan => C:\Program Files (x86)\SpeedFan\speedfan.exe [8166536 2016-06-29] (SOKNO S.R.L. -> )
Task: {25374A5C-E74C-45EF-9715-A316FB9A6CE8} - System32\Tasks\{8F05B717-996A-45CF-AAF0-0A1AC9891E85} => C:\Program Files (x86)\Mumble\mumble.exe
Task: {302248E9-1AD1-47F7-BE16-086A74CAE513} - System32\Tasks\{35D25D8E-A05D-4ECC-BD7F-B6F0C48A03C5} => C:\Program Files (x86)\Mumble\mumble.exe
Task: {36CD85FC-CA05-4C7F-8F13-17D17319796D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {39161740-2B6F-4D6F-ABC5-EC7C3A3375FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C15DD2A-D1A0-455C-BD26-2644A7170137} - System32\Tasks\Opera scheduled Autoupdate 1481831367 => C:\Program Files (x86)\Opera\launcher.exe [1326104 2020-07-27] (Opera Software AS -> Opera Software)
Task: {4403B923-3B0B-4F1F-B445-D66BCFE8EE2A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {45392773-BE15-4A85-9C9B-D81733D56CD9} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {56E769B8-C423-4AC2-A7DD-6232CE72E59F} - System32\Tasks\{A8E0B689-C653-4220-9677-8C6469836AB6} => C:\Program Files (x86)\Mumble\mumble.exe
Task: {5D1A3DB2-FC4A-47B5-9DBC-1E5A45F15044} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
Task: {627D128F-391E-4749-AD6F-BBD23475FFDC} - System32\Tasks\Opera scheduled assistant Autoupdate 1579868561 => C:\Program Files (x86)\Opera\launcher.exe [1326104 2020-07-27] (Opera Software AS -> Opera Software)
Task: {77BDBF1A-BE51-43C3-AB6E-C68EC35A9500} - System32\Tasks\AdobeAAMUpdater-1.0-ALLEZ-PC-Clément => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7CCA2781-212A-4AC5-A5F2-39199A061F87} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-14] (Adobe Inc. -> Adobe)
Task: {8D20AB71-F784-4492-AF98-36D370C1A35E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {AD134BCE-C332-4C36-A9DD-380AE9A367F0} - System32\Tasks\steamwebhelper_killer => TASKKILL [Argument = /F /IM steamwebhelper.exe /T]
Task: {B89709BD-2524-42E5-A768-31331317843C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B95BFB92-C62A-4C8B-8024-60B1CE5CEB26} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {C77C8556-0A41-4167-8924-5DC60D39871B} - System32\Tasks\{48AF08DD-490D-4414-8D3F-70561BBF1AC0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Clément\Les setup\RivaTuner setup.exe" -d "C:\Users\Clément\Les setup"
Task: {D16984DF-58D6-4217-B97C-CD46CD746195} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D36F1574-DE10-4140-A13D-C061EC7477BA} - System32\Tasks\{C62FC41A-F797-4BB3-A002-8125064FC548} => C:\Windows\system32\pcalua.exe -a K:\vcredist_x64.exe -d K:\
Task: {E456D242-FDA1-43CB-9F83-8FCE06FC8548} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E5B1EC1E-9F8E-4A48-82A9-1341176C578C} - System32\Tasks\{E6B39D84-3B09-44D3-8045-109418635438} => C:\Program Files (x86)\Mumble\mumble.exe
Task: {ECF13840-91C1-4D45-930F-B1F5FD0DF4FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {EF551389-2118-4B7A-9FB9-5EA96F4F7E4A} - System32\Tasks\{4C0BA853-676D-4F59-A82A-D09C56685B0D} => C:\Program Files (x86)\Mumble\mumble.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{240D6450-1FDA-45CB-9E24-1F424CBEABBE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{331451F4-E983-46A9-92DD-D43FA2ACBB33}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{57EC6DF9-BD35-4924-9064-C2E1DE62DA2E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{69FD336E-E86C-4060-8CB0-F779E5AB8D71}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ACA45C59-7F47-498B-A32C-0AB22A9454AF}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{D248A4CD-7D72-4364-A178-771AC3486F14}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E2E29DA4-6CCC-445F-ADCF-D039D0E93F24}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1248366773-1233429331-2783768635-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1248366773-1233429331-2783768635-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 4q74iciz.default-1441467007897-1504546026864
FF ProfilePath: C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\2omv9468.Test [2020-04-20]
FF Homepage: Mozilla\Firefox\Profiles\2omv9468.Test -> hxxps://www.malwarebytes.org/restorebrowser/
FF SearchPlugin: C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\2omv9468.Test\searchplugins\bing-lavasoft-ff59.xml [2019-05-28]
FF ProfilePath: C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864 [2020-08-03]
FF NetworkProxy: Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864 -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864 -> hxxps://daibusee.com; hxxps://www3a.bethanyharrell.pro; hxxps://www1p.sherwoodsutton.pro; hxxps://www2p.bethanyharrell.pro
FF Extension: (uBlock Origin) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\uBlock0@raymondhill.net.xpi [2020-02-05]
FF Extension: (Avast Online Security) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\wrc@avast.com.xpi [2020-06-18]
FF Extension: (Dark theme for Firefox) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\{1afaee19-8dde-4b0e-8c84-f46ca0f02f06}.xpi [2019-09-14]
FF Extension: (Unseen) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\{230ed5ec-936c-4ad1-b3d4-e2bb251bd1c3}.xpi [2017-10-09]
FF Extension: (Boomerang for Gmail) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2018-02-13] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (Greasemonkey) - C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-16]
FF SearchPlugin: C:\Users\Clément\AppData\Roaming\Mozilla\Firefox\Profiles\4q74iciz.default-1441467007897-1504546026864\searchplugins\bing-lavasoft-ff59.xml [2019-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-03-24] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [Fichier non signé]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-10-05] (Apple Inc. -> )
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2010-08-05] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2010-08-05] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1248366773-1233429331-2783768635-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Clément\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR HKU\S-1-5-21-1248366773-1233429331-2783768635-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]

Opera:
=======
OPR Extension: (uBlock Origin) - C:\Users\Clément\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-08-03]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-27] (BattlEye Innovations e.K. -> )
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2019-04-11] (Creative Labs) [Fichier non signé]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Fichier non signé]
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-10] (Malwarebytes Inc -> Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [230176 2020-02-13] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 a016bus; C:\Windows\system32\drivers\a016bus.sys [109096 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016mgmt; C:\Windows\system32\drivers\a016mgmt.sys [130600 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016obex; C:\Windows\system32\drivers\a016obex.sys [125480 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2017-03-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [31576 2020-04-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [33112 2020-04-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\Windows\system32\drivers\dtlitescsibus.sys [30264 2015-11-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\system32\drivers\dtliteusbbus.sys [47160 2015-11-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2010-08-12] (Turtle Entertainment GmbH -> Turtle Entertainment GmbH)
S3 gdrv; C:\Windows\gdrv.sys [26792 2018-04-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 ggsomc; C:\Windows\system32\drivers\ggsomc.sys [30424 2014-07-21] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (ManyCam LLC -> Visicom Media Inc.)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [626176 2009-05-24] (Ralink Technology, Corp.) [Fichier non signé]
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [41576 2016-02-19] (iolo technologies, LLC -> EldoS Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [4628712 2017-12-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 s0016bus; C:\Windows\system32\drivers\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\Windows\system32\drivers\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\Windows\system32\drivers\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\Windows\system32\drivers\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\Windows\system32\drivers\s0017bus.sys [113704 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\Windows\system32\drivers\s0017mgmt.sys [133160 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\Windows\system32\drivers\s0017obex.sys [128552 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\Windows\system32\drivers\s0017unic.sys [145960 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\Windows\system32\drivers\s1018bus.sys [113704 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\Windows\system32\drivers\s1018mgmt.sys [133160 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\Windows\system32\drivers\s1018obex.sys [128552 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\Windows\system32\drivers\s1018unic.sys [146472 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029bus; C:\Windows\system32\drivers\s1029bus.sys [116264 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029mgmt; C:\Windows\system32\drivers\s1029mgmt.sys [139304 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029obex; C:\Windows\system32\drivers\s1029obex.sys [135208 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029unic; C:\Windows\system32\drivers\s1029unic.sys [151592 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039bus; C:\Windows\system32\drivers\s1039bus.sys [127600 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\Windows\system32\drivers\s1039mgmt.sys [141424 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\Windows\system32\drivers\s1039obex.sys [137328 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\Windows\system32\drivers\s1039unic.sys [158320 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916bus; C:\Windows\system32\drivers\s916bus.sys [108072 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916mgmt; C:\Windows\system32\drivers\s916mgmt.sys [130088 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916obex; C:\Windows\system32\drivers\s916obex.sys [124968 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 se3ebus; C:\Windows\system32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3emgmt; C:\Windows\system32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3eobex; C:\Windows\system32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation -> MCCI Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2018-02-04] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [213088 2017-03-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31232 2011-12-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S2 WinRing0_1_2_0; \??\C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\WinRing0\WinRing0x64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-08-03 04:22 - 2020-08-03 04:24 - 000034245 _____ C:\Users\Clément\Desktop\FRST.txt
2020-08-03 04:21 - 2020-08-03 04:23 - 000000000 ____D C:\FRST
2020-08-03 04:21 - 2020-08-03 04:21 - 002295808 _____ (Farbar) C:\Users\Clément\Desktop\FRST64.exe
2020-08-03 01:37 - 2020-08-03 01:38 - 000000000 ____D C:\Windows\LastGood
2020-08-03 01:36 - 2020-07-08 05:44 - 001682368 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2020-08-03 01:36 - 2020-07-08 05:44 - 000222112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-08-03 01:36 - 2020-07-08 05:44 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 034741648 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 007977192 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler64.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 007090920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler32.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 001780944 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-03 01:36 - 2020-07-07 18:34 - 001780944 _____ C:\Windows\system32\vulkaninfo.exe
2020-08-03 01:36 - 2020-07-07 18:34 - 001371344 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-03 01:36 - 2020-07-07 18:34 - 001371344 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-08-03 01:36 - 2020-07-07 18:34 - 001086672 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 001086672 _____ C:\Windows\system32\vulkan-1.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 000946384 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-03 01:36 - 2020-07-07 18:34 - 000946384 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-08-03 01:36 - 2020-07-07
18:34 - 000449256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-08-03 01:36 - 2020-07-07 18:34 - 000346344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 123286248 _____ (NVIDIA Corporation) C:\Windows\system32\nvoptix.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 041648016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 035518352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 031032208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 030256016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 000166800 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2020-08-03 01:36 - 2020-07-07 18:33 - 000143592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 024188648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2020-08-03 01:36 - 2020-07-07 18:32 - 002075880 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 001722088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6445167.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 001568656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 001486224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 001482984 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6445167.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 001146256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000669416 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000555920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000427408 _____ 
C:\Windows\system32\nvofapi64.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000378256 _____ C:\Windows\SysWOW64\nvofapi.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000182160 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2020-08-03 01:36 - 2020-07-07 18:32 - 000159120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 040572312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler64.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 035438832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler32.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 020025744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 017355504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 006241680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 005584784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2020-08-03 01:36 - 2020-07-07 18:31 - 000672152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2020-08-03 01:36 - 2020-07-07 18:28 - 038307672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2020-08-03 01:36 - 2020-07-07 18:28 - 020697672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2020-08-03 01:36 - 2020-07-06 01:07 - 000000671 _____ C:\Windows\SysWOW64\nv-vk32.json 2020-08-03 01:36 - 2020-07-06 01:07 - 000000671 _____ C:\Windows\system32\nv-vk64.json 2020-08-03 01:32 - 2020-08-03 01:33 - 492569816 _____ (NVIDIA Corporation) C:\Users\Clément\Downloads\451.67-desktop-win8-win7-64bit-international-whql.exe 2020-08-03 00:40 - 2020-08-03 00:51 - 000000000 ____D C:\Users\Clément\Documents\Trackmania2020 2020-08-03 00:29 - 2020-08-03 00:29 - 000000234 _____ C:\Users\Clément\Desktop\Trackmania.url 2020-08-02 23:07 - 2020-08-02 23:07 - 000000042 _____ C:\Windows\SysWOW64\guid.dat 2020-08-02 23:03 - 2020-08-02 23:03 - 000262144 _____ 
C:\Windows\Minidump\080220-31761-01.dmp 2020-08-02 16:17 - 2020-08-02 16:17 - 000000000 ____D C:\Users\Clément\Downloads\Revo Uninstaller Pro 4.3.1 + Crack 2020-08-02 16:17 - 2020-08-02 16:17 - 000000000 ____D C:\Users\Clément\AppData\Local\VS Revo Group 2020-08-02 16:17 - 2020-08-02 16:17 - 000000000 ____D C:\ProgramData\VS Revo Group 2020-08-02 16:17 - 2020-08-02 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2020-08-02 16:17 - 2020-08-02 16:17 - 000000000 ____D C:\Program Files\VS Revo Group 2020-08-02 16:17 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2020-07-28 23:29 - 2020-07-28 23:33 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-07-28 04:23 - 2020-07-28 04:23 - 005275022 _____ C:\Users\Clément\Downloads\La Bourse pour les Nuls.pdf 2020-07-28 04:23 - 2020-07-28 04:23 - 001277604 _____ C:\Users\Clément\Downloads\Epargnant 3.0 (French Edition).pdf 2020-07-25 15:36 - 2020-07-25 15:40 - 000000000 ____D C:\Windows\system32\Tasks\SpeedFan 2020-07-22 14:38 - 2020-07-22 14:38 - 000000000 ____D C:\Program Files (x86)\Mestrelab Research S.L 2020-07-22 14:32 - 2020-07-22 14:34 - 433646721 _____ C:\Users\Clément\Downloads\Mestrelab-Research-Mnova-14.1.1-Build-24571_ShareAppsCrack.com.rar 2020-07-14 22:16 - 2020-07-15 18:27 - 008774200 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2020-07-11 19:31 - 2020-07-11 19:31 - 000540502 _____ C:\Users\Clément\Documents\AdopteUnMec.com _ Le site de rencontre qui donne le pouvoir aux femmes_1.pdf ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2020-08-03 03:39 - 2018-04-13 23:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-08-03 03:00 - 2015-09-07 17:20 - 000007607 _____ C:\Users\Clément\AppData\Local\Resmon.ResmonCfg 2020-08-03 02:54 - 2020-07-02 18:36 - 000000000 ____D C:\Users\Clément\AppData\Local\Ubisoft Game Launcher 2020-08-03 02:00 - 2014-08-19 16:46 - 000000000 ____D C:\Users\Clément\AppData\Local\Adobe 2020-08-03 01:44 - 2017-09-13 15:21 - 000000000 ____D C:\Users\Clément\Documents\TrackMania 2020-08-03 01:39 - 2018-04-13 23:20 - 000000000 ____D C:\ProgramData\NVIDIA 2020-08-03 01:39 - 2018-04-13 23:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-08-03 01:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-08-03 01:38 - 2018-05-06 16:04 - 000000000 ____D C:\Users\Clément\AppData\Local\NVIDIA 2020-08-03 01:38 - 2015-06-15 01:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-08-03 01:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Help 2020-08-03 00:43 - 2011-07-22 14:28 - 000000000 ____D C:\Users\Clément 2020-08-03 00:28 - 2014-05-26 15:29 - 000000000 ____D C:\Program Files (x86)\Steam 2020-08-03 00:26 - 2011-09-12 00:44 - 000000000 ____D C:\Users\Clément\AppData\Roaming\vlc 2020-08-03 00:02 - 2016-12-09 19:08 - 000000000 ____D C:\Program Files\Defraggler 2020-08-02 23:47 - 2011-07-22 15:22 - 000000000 ___RD C:\Users\Clément\Logiciels 2020-08-02 23:36 - 2011-07-23 17:41 - 000000000 ____D C:\Users\Clément\AppData\Local\ElevatedDiagnostics 2020-08-02 23:35 - 2009-07-14 06:45 - 000020112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-08-02 23:35 - 2009-07-14 06:45 - 000020112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-08-02 23:31 - 2016-11-17 23:31 - 000000000 ____D C:\Users\Clément\AppData\LocalLow\Mozilla 2020-08-02 23:28 - 2018-03-09 22:03 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2020-08-02 23:27 - 
2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-08-02 23:26 - 2020-03-25 03:35 - 000000153 _____ C:\config.ini 2020-08-02 23:26 - 2019-08-30 23:12 - 000005167 _____ C:\Users\Clément\Desktop\LE FICHIER DU PC.txt 2020-08-02 23:26 - 2019-04-12 21:27 - 000062212 _____ C:\Windows\system32\BMXStateBkp-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx 2020-08-02 23:26 - 2019-04-12 21:27 - 000062212 _____ C:\Windows\system32\BMXState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx 2020-08-02 23:26 - 2019-04-12 21:27 - 000000820 _____ C:\Windows\system32\DVCState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx 2020-08-02 23:26 - 2015-12-20 00:53 - 000000000 ____D C:\Users\Clément\AppData\Roaming\uTorrent 2020-08-02 23:09 - 2011-08-19 03:19 - 000000000 ____D C:\Windows\pss 2020-08-02 23:03 - 2020-07-02 21:04 - 788824015 _____ C:\Windows\MEMORY.DMP 2020-08-02 23:03 - 2011-08-14 21:30 - 000000000 ____D C:\Windows\Minidump 2020-08-02 16:42 - 2011-07-27 19:49 - 011296768 ___SH C:\Users\Clément\Thumbs.db 2020-08-02 16:21 - 2015-04-15 01:49 - 000000000 ____D C:\Users\Clément\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D16 Group 2020-08-02 02:11 - 2011-07-23 00:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-08-01 14:59 - 2016-12-15 21:48 - 000000000 ____D C:\Program Files (x86)\Opera 2020-07-31 14:29 - 2016-12-15 21:50 - 000003872 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1481831367 2020-07-31 04:10 - 2017-09-13 15:18 - 000000000 ____D C:\Users\Clément\Documents\ManiaPlanet 2020-07-31 03:45 - 2011-07-22 15:20 - 000000000 ___RD C:\Users\Clément\Desktop\Fichiers texte 2020-07-31 03:02 - 2011-11-09 23:17 - 000000000 ____D C:\ProgramData\ManiaPlanet 2020-07-30 04:31 - 2011-07-22 15:20 - 000595610 _____ C:\Users\Clément\Desktop\blocnot.txt 2020-07-30 04:11 - 2019-10-04 16:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-07-30 04:11 - 2019-10-04 16:31 - 000000000 ___HD 
C:\ProgramData\Documents\AdobeGCData 2020-07-29 14:32 - 2017-09-04 19:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-07-28 13:40 - 2020-01-24 14:22 - 000004050 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1579868561 2020-07-27 22:39 - 2009-07-14 17:24 - 000750446 _____ C:\Windows\system32\perfh00C.dat 2020-07-27 22:39 - 2009-07-14 17:24 - 000151204 _____ C:\Windows\system32\perfc00C.dat 2020-07-27 22:39 - 2009-07-14 07:13 - 001677690 _____ C:\Windows\system32\PerfStringBackup.INI 2020-07-26 00:07 - 2018-03-09 19:46 - 000000000 ____D C:\Users\Clément\AppData\Local\CrashDumps 2020-07-25 20:42 - 2017-07-08 02:28 - 000000000 ____D C:\Users\Clément\Desktop\Mountain of kek 2020-07-15 18:27 - 2017-03-11 15:56 - 000004484 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-07-15 18:27 - 2016-12-15 21:55 - 000004626 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-07-15 18:27 - 2012-05-01 17:36 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-07-15 18:27 - 2011-11-14 17:25 - 000000000 ____D C:\Windows\system32\Macromed 2020-07-15 18:27 - 2011-07-23 00:31 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-07-14 23:16 - 2018-03-13 18:16 - 000004638 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-07-09 21:04 - 2020-07-02 18:42 - 000000000 ____D C:\ProgramData\Trackmania 2020-07-07 18:34 - 2018-11-18 21:45 - 000503184 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2020-07-07 18:34 - 2018-11-18 21:45 - 000420240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2020-07-07 18:28 - 2018-11-18 21:45 - 043292136 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2020-07-07 18:28 - 2018-11-18 21:45 - 024845248 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2020-07-07 18:28 - 2018-11-18 21:45 - 005310872 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2020-07-07 18:28 - 
2018-11-18 21:45 - 004626608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2020-07-07 18:20 - 2015-06-11 20:20 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-07-06 01:07 - 2018-11-18 21:45 - 000054543 _____ C:\Windows\system32\nvinfo.pb 2020-07-05 21:12 - 2018-11-18 21:47 - 005492712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 002633528 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 001760232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 000991032 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 000195560 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 000121144 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2020-07-05 21:12 - 2018-11-18 21:47 - 000084456 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2020-07-05 13:42 - 2020-03-29 20:45 - 000000000 ____D C:\Users\Clément\AppData\Roaming\Zoom ==================== Fichiers à la racine de certains dossiers ======== 2012-04-22 21:19 - 2012-07-03 16:41 - 000168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe 2012-03-14 22:21 - 2018-02-03 15:53 - 000011833 _____ () C:\Users\Clément\AppData\Roaming\PStrip.bak 2012-03-14 22:21 - 2018-02-03 01:47 - 000011716 _____ () C:\Users\Clément\AppData\Roaming\PStrip.bk! 
2012-03-14 22:23 - 2018-02-03 01:16 - 000011841 _____ () C:\Users\Clément\AppData\Roaming\PStrip.bko 2012-03-14 21:42 - 2018-02-03 21:37 - 000011833 _____ () C:\Users\Clément\AppData\Roaming\PStrip.ini 2011-12-15 06:01 - 2011-12-15 06:01 - 000000008 _____ () C:\Users\Clément\AppData\Roaming\vptel802hgjkd3ri.dat 2019-11-11 20:04 - 2019-11-11 20:05 - 000001456 _____ () C:\Users\Clément\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2020-04-09 04:51 - 2020-04-09 04:51 - 000001485 _____ () C:\Users\Clément\AppData\Local\recently-used.xbel 2015-09-07 17:20 - 2020-08-03 03:00 - 000007607 _____ () C:\Users\Clément\AppData\Local\Resmon.ResmonCfg 2014-01-31 22:38 - 2014-01-29 21:11 - 000171299 _____ () C:\Users\Clément\AppData\Local\Tempskull.ico 2020-03-03 19:29 - 2020-03-03 19:29 - 000000000 _____ () C:\Users\Clément\AppData\Local\{1E16B9F4-8478-475E-A051-63D70284617A} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2020-07-27 14:02 ==================== Fin de FRST.txt ========================