cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
Exécuté par GONCALVES (administrateur) sur GONCALVES-PC (13-11-2017 23:13:05)
Exécuté depuis C:\Users\GONCALVES\Downloads
Profils chargés: GONCALVES (Profils disponibles: GONCALVES)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\GONCALVES\ZHPDiag3.exe
(Farbar) C:\Users\GONCALVES\Downloads\FRST64 (2).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-08] (AVAST Software)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [132856 2017-05-18] (Intel)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3448324392-2039681343-3366029513-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170176 2017-04-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2017-04-20] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6A40075C-F292-43C9-A193-0C4E7022C354}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3448324392-2039681343-3366029513-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3448324392-2039681343-3366029513-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-17] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-08] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-08] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle Corporation)
Toolbar: HKLM - Pas de nom - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} hxxp://sdb3d.leroymerlin.fr/leroymerlin_sdb_planner/Core/Player/2020PlayerAX_WEB_Win32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ngoncalves@porcelanosa.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier]
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-3448324392-2039681343-3366029513-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\GONCALVES\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.netvibes.com/dashboard/1?#BON_PLAN
CHR StartupUrls: Default -> "hxxp://www.netvibes.com/dashboard/1?#BON_PLAN"
CHR Profile: C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\Default [2017-11-13]
CHR Extension: (AdBlock) - C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-30]
CHR Profile: C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\Guest Profile [2014-09-26]
CHR Profile: C:\Users\GONCALVES\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-08]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-08] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-10-04] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-05-18] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-04-04] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-04-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-04-04] (Intel® Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-08] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-08] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-08] (AVAST Software)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-01] ()
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2016-09-09] (Sony Mobile Communications)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2014-04-06] (Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193464 2017-11-11] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-13] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2017-11-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-13] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-13] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-04-20] (NVIDIA Corporation)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 桛榘宛ᗿꅠ定p렕骢蕛뻀꒠宊䔏觰퐵ꃨ譛ᅫ�骨{⯖謇ࡏ圛⬄诈ే숛╸ѿ즅ὴェ￘僿牒HdsKe; C:\Windows\system32\drivers\桛榘宛ᗿꅠ定p렕骢蕛뻀꒠宊䔏觰퐵ꃨ譛ᅫ�骨{⯖謇ࡏ圛⬄诈ే숛╸ѿ즅ὴェ￘僿牒HdsKe.sys [105136 2017-09-08] (AVAST Software) [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-13 23:02 - 2017-11-13 23:13 - 000022945 _____ C:\Users\GONCALVES\Downloads\FRST.txt
2017-11-13 23:00 - 2017-11-13 23:01 - 002392576 _____ (Farbar) C:\Users\GONCALVES\Downloads\FRST64 (2).exe
2017-11-13 22:50 - 2017-11-13 22:50 - 002932096 _____ C:\Users\GONCALVES\ZHPDiag3.exe
2017-11-13 21:49 - 2017-11-13 21:49 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-12 20:42 - 2017-11-12 20:43 - 000000000 ____D C:\KVRT_Data
2017-11-12 20:03 - 2017-11-12 20:36 - 131547432 _____ (Kaspersky Lab ZAO) C:\Users\GONCALVES\Desktop\KVRT.exe
2017-11-11 16:53 - 2017-11-11 16:53 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\{F87AFB37-D076-4FF5-A298-F9AC99D0C49C}
2017-11-11 00:00 - 2017-11-13 22:24 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-11 00:00 - 2017-11-13 21:14 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-11 00:00 - 2017-11-13 21:14 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-11-11 00:00 - 2017-11-13 21:14 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-11 00:00 - 2017-11-11 00:00 - 000193464 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-11-10 23:59 - 2017-11-10 23:59 - 000001833 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-10 23:59 - 2017-11-10 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-10 23:59 - 2017-11-10 23:59 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-10 23:59 - 2017-11-10 23:59 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-10 23:59 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-11-10 21:49 - 2017-11-10 21:49 - 000000846 _____ C:\Users\GONCALVES\Desktop\ZHPCleaner.lnk
2017-11-10 21:47 - 2017-11-10 21:47 - 002967936 _____ C:\Users\GONCALVES\Downloads\ZHPCleaner.exe
2017-11-08 23:13 - 2017-11-08 23:15 - 000016784 _____ C:\Users\GONCALVES\Downloads\Fixlog.txt
2017-11-08 23:12 - 2017-11-08 23:12 - 002403328 _____ (Farbar) C:\Users\GONCALVES\Downloads\FRST64 (1).exe
2017-11-08 21:41 - 2017-11-08 21:41 - 000045792 _____ C:\Users\GONCALVES\Downloads\Shortcut.txt
2017-11-08 21:40 - 2017-11-13 23:05 - 000065028 _____ C:\Users\GONCALVES\Downloads\Addition.txt
2017-11-08 21:37 - 2017-11-08 21:37 - 002403328 _____ (Farbar) C:\Users\GONCALVES\Downloads\FRST64.exe
2017-11-08 21:26 - 2017-11-08 21:28 - 000002238 _____ C:\WinChk.txt
2017-11-08 21:26 - 2017-11-08 21:26 - 000315000 _____ C:\Users\GONCALVES\Downloads\winchk_2.0.exe
2017-11-08 21:21 - 2017-11-08 21:21 - 000468480 _____ () C:\Users\GONCALVES\Downloads\CKScanner (3).exe
2017-11-08 21:19 - 2017-11-08 21:20 - 000468480 _____ () C:\Users\GONCALVES\Downloads\CKScanner (2).exe
2017-11-08 21:08 - 2017-11-08 21:08 - 000468480 _____ () C:\Users\GONCALVES\Downloads\CKScanner (1).exe
2017-11-08 20:36 - 2017-11-08 20:36 - 000468480 _____ () C:\Users\GONCALVES\Downloads\CKScanner.exe
2017-11-08 20:21 - 2017-11-13 22:50 - 000000683 _____ C:\Users\GONCALVES\Desktop\ZHPDiag.lnk
2017-11-08 20:20 - 2017-11-08 20:20 - 002925440 _____ C:\Users\GONCALVES\Downloads\ZHPDiag3.exe
2017-11-03 13:49 - 2017-11-03 13:49 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\TempOfficeC2R6CC807D7-E621-4455-AF85-0C9B70C57611
2017-10-31 19:23 - 2017-11-03 13:47 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2017-10-21 10:48 - 2017-10-21 10:48 - 000000000 ____D C:\ProgramData\wsr
2017-10-21 10:41 - 2017-10-21 10:41 - 000000000 ____D C:\Users\GONCALVES\Documents\Wondershare
2017-10-21 09:37 - 2017-10-21 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-21 09:36 - 2017-10-21 10:51 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-21 09:36 - 2015-02-27 09:35 - 000000232 _____ C:\Windows\SysWOW64\dllhost.exe.config
2017-10-20 22:36 - 2017-10-21 07:05 - 000000000 ____D C:\Program Files\Recuva
2017-10-20 22:33 - 2017-10-20 22:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2017-10-20 22:30 - 2017-10-20 22:30 - 000000000 ____D C:\Users\GONCALVES\AppData\Roaming\Apowersoft
2017-10-20 22:30 - 2017-10-20 22:30 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2017-10-20 22:20 - 2017-10-20 22:20 - 000000000 ____D C:\Program Files\Samsung
2017-10-20 22:20 - 2016-01-08 09:51 - 000708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-10-20 22:17 - 2017-10-20 22:17 - 000000000 ____D C:\ProgramData\Samsung
2017-10-20 21:56 - 2017-10-20 21:56 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\Aiseesoft Studio
2017-10-20 21:56 - 2017-03-17 00:52 - 000213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-13 23:13 - 2016-12-20 18:51 - 000000000 ____D C:\FRST
2017-11-13 23:03 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-13 23:03 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-13 22:55 - 2015-02-01 18:19 - 000000000 ____D C:\Users\GONCALVES\AppData\Roaming\ZHP
2017-11-13 22:50 - 2012-07-15 18:47 - 000000000 ____D C:\Users\GONCALVES
2017-11-13 22:47 - 2013-03-18 22:08 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-13 22:47 - 2013-03-18 22:08 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-13 22:47 - 2013-03-18 22:08 - 000004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-13 22:47 - 2013-03-18 22:08 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-13 22:47 - 2011-10-19 05:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-13 21:45 - 2012-04-03 23:46 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-13 21:11 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-13 20:28 - 2012-07-15 18:48 - 000045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2017-11-12 19:36 - 2012-12-02 18:59 - 000003968 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{36FEE801-2F1A-4D54-A5E6-83EDD20CE3F7}
2017-11-12 19:33 - 2011-02-19 05:29 - 000763154 _____ C:\Windows\system32\perfh00C.dat
2017-11-12 19:33 - 2011-02-19 05:29 - 000155606 _____ C:\Windows\system32\perfc00C.dat
2017-11-12 19:33 - 2009-07-14 06:13 - 001711776 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-12 19:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-12 19:28 - 2016-06-11 18:24 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\CrashDumps
2017-11-10 23:59 - 2015-02-01 20:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-10 20:24 - 2017-06-12 19:11 - 000000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2017-11-08 23:19 - 2015-04-09 20:53 - 000000000 ____D C:\ProgramData\McAfee
2017-11-08 23:18 - 2012-04-03 23:55 - 000002562 _____ C:\Windows\system32\ServiceFilter.ini
2017-11-08 23:17 - 2017-04-21 20:25 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-11-08 23:16 - 2017-04-17 19:23 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-11-08 23:15 - 2012-07-23 19:34 - 000000000 ____D C:\Users\GONCALVES\AppData\LocalLow\Temp
2017-11-08 23:14 - 2015-12-03 22:49 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-11-08 23:08 - 2012-04-03 23:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-08 21:08 - 2016-12-23 20:55 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-11-08 20:36 - 2012-07-16 19:58 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-08 20:24 - 2017-08-01 23:02 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\ZHP
2017-11-08 20:19 - 2013-11-28 21:31 - 000000000 ____D C:\Users\GONCALVES\AppData\Local\Adobe
2017-11-08 20:17 - 2017-04-21 20:11 - 000004662 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-31 19:23 - 2015-04-19 14:16 - 000000788 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-31 19:23 - 2013-08-31 10:37 - 000000000 ____D C:\Program Files\CCleaner
2017-10-26 19:53 - 2013-09-19 20:05 - 000000000 ____D C:\ProgramData\Oracle
2017-10-26 19:51 - 2014-08-24 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-26 19:51 - 2014-08-24 13:00 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-26 17:46 - 2015-11-24 22:46 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-10-26 17:39 - 2012-07-16 19:36 - 001029872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-10-22 12:11 - 2009-07-14 05:45 - 000435984 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-21 19:47 - 2015-02-01 19:13 - 000000000 ____D C:\AdwCleaner
2017-10-21 13:47 - 2016-05-05 16:42 - 000000000 ____D C:\Program Files\PDFCreator
2017-10-21 10:51 - 2016-02-21 13:03 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-10-21 09:37 - 2016-02-21 13:03 - 000000000 ____D C:\Users\GONCALVES\AppData\Roaming\Wondershare
2017-10-21 09:37 - 2012-07-15 18:48 - 000112352 _____ C:\Users\GONCALVES\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-17 17:12 - 2016-07-29 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-17 17:03 - 2012-07-23 19:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-16 20:05 - 2012-07-21 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-10-15 13:12 - 2017-03-02 23:38 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update

==================== Fichiers à la racine de certains dossiers =======

2013-07-28 20:38 - 2014-10-27 23:39 - 000000770 _____ () C:\Users\GONCALVES\AppData\Roaming\Rim.Desktop.Exception.log
2013-07-28 20:37 - 2015-06-21 08:15 - 000004042 _____ () C:\Users\GONCALVES\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-07-28 20:38 - 2014-10-27 23:39 - 000000770 _____ () C:\Users\GONCALVES\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-02-21 13:11 - 2016-02-21 13:12 - 029511952 _____ (Sony Mobile Communications ) C:\Users\GONCALVES\AppData\Local\pcc.exe
2015-07-13 18:58 - 2015-07-13 18:58 - 000000000 _____ () C:\Users\GONCALVES\AppData\Local\{7FC01CC9-F835-4F74-9867-46C8E5E0A20F}
2016-12-24 11:58 - 2016-12-24 11:58 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2011-10-19 05:26 - 2010-10-06 17:45 - 000131984 _____ () C:\ProgramData\FullRemove.exe

Fichiers à déplacer ou supprimer:
====================
C:\Users\GONCALVES\ZHPDiag3.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-11-10 20:56

==================== Fin de FRST.txt ============================
