Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Exécuté par Rocco (administrateur) sur ROCCO-PC (MSI MS-7996) (10-08-2019 19:56:02)
Exécuté depuis C:\Users\Rocco\Desktop
Profils chargés: Rocco (Profils disponibles: Rocco)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Accelerated Storage Manager -> Intel Corporation) C:\Program Files\Intel\Intel Accelerated Storage Manager\iasm.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-08-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [289840 2018-08-30] (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2017-05-11] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [Discord] => C:\Users\Rocco\AppData\Local\Discord\app-0.0.301\Discord.exe
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [GoogleChromeAutoLaunch_B9126BD5D3AC076B525DEE5C4AF27FEF] => "C:\Users\Rocco\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [Chromium] => "c:\users\rocco\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\MountPoints2: {9cc48f3f-a830-11e8-9082-309c23870a4c} - G:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-10] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {11EAACBA-8275-407D-9C3F-1186E21F2ED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {476BA1C7-7728-4FF8-A704-4086ED530ECC} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8942C046-BC98-43E7-88BB-6C966ACE0D10} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {961D02B7-64AA-43C8-B457-279368996F40} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFE76E4D-F95E-4875-B392-C4D5ECF95EC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {D0AC7181-69D9-43C0-9F1B-9EAA008DC036} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [5626 2010-05-21] () [Fichier non signé]
Task: {D17DEE68-BDF5-4749-9DED-EBDF8002E5F2} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [5663 2010-05-21] () [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{E7654347-C232-47A0-819F-B624314E1D14}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{E7654347-C232-47A0-819F-B624314E1D14}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-10] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-10] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default [2019-08-10]
CHR Extension: (uBlock Origin) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-26]
CHR Extension: (I don't care about cookies) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-07-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483808 2018-08-14] (ICEpower a/s -> ICEpower a/s)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IntelASMService; C:\Program Files\Intel\Intel Accelerated Storage Manager\iasm.exe [4217912 2018-08-30] (Intel(R) Accelerated Storage Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [34416 2017-06-20] (Anvsoft Inc. -> AnvSoft Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R0 iaStorE; C:\Windows\System32\DRIVERS\iaStorE.sys [1050968 2018-08-30] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [38744 2018-08-30] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [249000 2019-02-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] () [Fichier non signé]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-08-10 19:56 - 2019-08-10 19:56 - 000016802 _____ C:\Users\Rocco\Desktop\FRST.txt
2019-08-10 19:55 - 2019-08-10 19:56 - 000000000 ____D C:\FRST
2019-08-10 19:55 - 2019-08-10 19:55 - 002097664 _____ (Farbar) C:\Users\Rocco\Desktop\FRST64.exe
2019-08-10 18:24 - 2019-08-10 18:24 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-10 18:24 - 2019-08-10 18:24 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-10 18:24 - 2019-08-10 18:24 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-10 18:24 - 2019-08-10 18:24 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-10 18:13 - 2019-08-10 18:22 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-08-10 18:13 - 2019-08-10 18:22 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-08-10 18:13 - 2019-08-10 18:22 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-08-10 18:09 - 2019-08-10 18:22 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-10 18:09 - 2019-08-10 18:22 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-10 18:09 - 2019-08-10 18:09 - 000001903 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-10 18:09 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-10 18:07 - 2019-08-10 18:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\Rocco\Downloads\Ninite Malwarebytes Installer.exe
2019-08-10 18:07 - 2019-08-10 18:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\Rocco\Downloads\Ninite Chrome Installer.exe
2019-08-09 18:24 - 2019-08-09 18:25 - 000001124 _____ C:\Users\Rocco\Desktop\GW2TacO.exe.lnk
2019-08-09 18:24 - 2019-08-09 18:24 - 000000000 ____D C:\Program Files (x86)\TacO ReActif FR Full
2019-08-07 19:49 - 2019-08-07 19:50 - 000000000 ____D C:\Users\Rocco\Downloads\TacO ReActif FR Full
2019-08-07 19:38 - 2019-08-07 19:39 - 032497305 _____ C:\Users\Rocco\Downloads\TacO ReActif FR Full.zip
2019-07-24 22:33 - 2019-07-24 22:33 - 000000000 ____D C:\Users\Rocco\AppData\Local\ElevatedDiagnostics
2019-07-18 21:46 - 2019-07-18 21:46 - 000631343 _____ C:\Users\Rocco\Downloads\Marquee a vie - Emelie Schepp.epub
2019-07-18 21:43 - 2019-07-18 21:43 - 000322405 _____ C:\Users\Rocco\Downloads\Harlan Coben - Double Piège - Ebook-Gratuit.co.epub
2019-07-18 21:35 - 2019-07-18 21:35 - 000000000 ____D C:\Users\Rocco\Downloads\ob_cac4ad_codex-d-alera-t01-02-epub
2019-07-18 21:31 - 2019-07-18 21:31 - 000542924 _____ C:\Users\Rocco\Downloads\Série Hier encore, 2 tomes - Julie de Lestrange.rar
2019-07-18 21:31 - 2019-07-18 21:31 - 000000000 ____D C:\Users\Rocco\Downloads\Série Hier encore, 2 tomes - Julie de Lestrange
2019-07-16 19:05 - 2019-07-16 19:05 - 000035140 _____ C:\Users\Rocco\Downloads\sfr-facture-0.pdf
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-08-10 18:50 - 2011-04-12 11:16 - 000711954 _____ C:\Windows\system32\perfh00C.dat
2019-08-10 18:50 - 2011-04-12 11:16 - 000142616 _____ C:\Windows\system32\perfc00C.dat
2019-08-10 18:50 - 2009-07-14 07:13 - 001582214 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-10 18:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-10 18:24 - 2018-08-14 20:15 - 000000000 ____D C:\Program Files (x86)\Google
2019-08-10 18:21 - 2019-05-30 09:27 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\ZHP
2019-08-10 18:21 - 2009-07-14 06:45 - 000043520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-10 18:21 - 2009-07-14 06:45 - 000043520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-10 18:13 - 2018-08-14 20:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-10 18:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-10 18:12 - 2018-11-18 11:32 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\Windows_Activator
2019-08-10 17:46 - 2018-08-14 23:16 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\discord
2019-08-07 19:33 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-08-03 20:57 - 2019-05-01 11:46 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1
2019-08-03 13:36 - 2018-08-14 23:13 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-03 08:33 - 2019-06-03 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TacO ReActif
2019-07-19 21:39 - 2018-10-20 14:50 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\vlc
2019-07-16 21:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-15 20:36 - 2019-01-04 07:56 - 000000000 ____D C:\Users\Rocco\AppData\Local\CrashDumps
==================== Fichiers à la racine de certains dossiers ================
2019-06-10 10:01 - 2019-06-10 10:01 - 003148672 _____ (Nicolas Coolman) C:\Users\Rocco\ZHPCleaner.exe
2018-09-04 17:58 - 2018-09-14 14:58 - 000000235 _____ () C:\Users\Rocco\AppData\Roaming\WB.CFG
2018-12-15 20:33 - 2018-12-15 20:33 - 000007631 _____ () C:\Users\Rocco\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2019-08-03 12:59
==================== Fin de FRST.txt ============================
Exécuté par Rocco (administrateur) sur ROCCO-PC (MSI MS-7996) (10-08-2019 19:56:02)
Exécuté depuis C:\Users\Rocco\Desktop
Profils chargés: Rocco (Profils disponibles: Rocco)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Rocco\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Accelerated Storage Manager -> Intel Corporation) C:\Program Files\Intel\Intel Accelerated Storage Manager\iasm.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-08-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [289840 2018-08-30] (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2017-05-11] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [Discord] => C:\Users\Rocco\AppData\Local\Discord\app-0.0.301\Discord.exe
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [GoogleChromeAutoLaunch_B9126BD5D3AC076B525DEE5C4AF27FEF] => "C:\Users\Rocco\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\Run: [Chromium] => "c:\users\rocco\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\...\MountPoints2: {9cc48f3f-a830-11e8-9082-309c23870a4c} - G:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-10] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1614688416-1402819682-2870659479-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {11EAACBA-8275-407D-9C3F-1186E21F2ED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {476BA1C7-7728-4FF8-A704-4086ED530ECC} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8942C046-BC98-43E7-88BB-6C966ACE0D10} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {961D02B7-64AA-43C8-B457-279368996F40} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFE76E4D-F95E-4875-B392-C4D5ECF95EC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {D0AC7181-69D9-43C0-9F1B-9EAA008DC036} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [5626 2010-05-21] () [Fichier non signé]
Task: {D17DEE68-BDF5-4749-9DED-EBDF8002E5F2} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [5663 2010-05-21] () [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{E7654347-C232-47A0-819F-B624314E1D14}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{E7654347-C232-47A0-819F-B624314E1D14}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-10] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-10] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default [2019-08-10]
CHR Extension: (uBlock Origin) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-26]
CHR Extension: (I don't care about cookies) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-07-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Rocco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483808 2018-08-14] (ICEpower a/s -> ICEpower a/s)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IntelASMService; C:\Program Files\Intel\Intel Accelerated Storage Manager\iasm.exe [4217912 2018-08-30] (Intel(R) Accelerated Storage Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [34416 2017-06-20] (Anvsoft Inc. -> AnvSoft Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R0 iaStorE; C:\Windows\System32\DRIVERS\iaStorE.sys [1050968 2018-08-30] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [38744 2018-08-30] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [249000 2019-02-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] () [Fichier non signé]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-08-10 19:56 - 2019-08-10 19:56 - 000016802 _____ C:\Users\Rocco\Desktop\FRST.txt
2019-08-10 19:55 - 2019-08-10 19:56 - 000000000 ____D C:\FRST
2019-08-10 19:55 - 2019-08-10 19:55 - 002097664 _____ (Farbar) C:\Users\Rocco\Desktop\FRST64.exe
2019-08-10 18:24 - 2019-08-10 18:24 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-10 18:24 - 2019-08-10 18:24 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-10 18:24 - 2019-08-10 18:24 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-10 18:24 - 2019-08-10 18:24 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-10 18:13 - 2019-08-10 18:22 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-08-10 18:13 - 2019-08-10 18:22 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-08-10 18:13 - 2019-08-10 18:22 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-08-10 18:09 - 2019-08-10 18:22 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-10 18:09 - 2019-08-10 18:22 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-10 18:09 - 2019-08-10 18:09 - 000001903 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-10 18:09 - 2019-08-10 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-10 18:09 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-10 18:07 - 2019-08-10 18:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\Rocco\Downloads\Ninite Malwarebytes Installer.exe
2019-08-10 18:07 - 2019-08-10 18:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\Rocco\Downloads\Ninite Chrome Installer.exe
2019-08-09 18:24 - 2019-08-09 18:25 - 000001124 _____ C:\Users\Rocco\Desktop\GW2TacO.exe.lnk
2019-08-09 18:24 - 2019-08-09 18:24 - 000000000 ____D C:\Program Files (x86)\TacO ReActif FR Full
2019-08-07 19:49 - 2019-08-07 19:50 - 000000000 ____D C:\Users\Rocco\Downloads\TacO ReActif FR Full
2019-08-07 19:38 - 2019-08-07 19:39 - 032497305 _____ C:\Users\Rocco\Downloads\TacO ReActif FR Full.zip
2019-07-24 22:33 - 2019-07-24 22:33 - 000000000 ____D C:\Users\Rocco\AppData\Local\ElevatedDiagnostics
2019-07-18 21:46 - 2019-07-18 21:46 - 000631343 _____ C:\Users\Rocco\Downloads\Marquee a vie - Emelie Schepp.epub
2019-07-18 21:43 - 2019-07-18 21:43 - 000322405 _____ C:\Users\Rocco\Downloads\Harlan Coben - Double Piège - Ebook-Gratuit.co.epub
2019-07-18 21:35 - 2019-07-18 21:35 - 000000000 ____D C:\Users\Rocco\Downloads\ob_cac4ad_codex-d-alera-t01-02-epub
2019-07-18 21:31 - 2019-07-18 21:31 - 000542924 _____ C:\Users\Rocco\Downloads\Série Hier encore, 2 tomes - Julie de Lestrange.rar
2019-07-18 21:31 - 2019-07-18 21:31 - 000000000 ____D C:\Users\Rocco\Downloads\Série Hier encore, 2 tomes - Julie de Lestrange
2019-07-16 19:05 - 2019-07-16 19:05 - 000035140 _____ C:\Users\Rocco\Downloads\sfr-facture-0.pdf
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-08-10 18:50 - 2011-04-12 11:16 - 000711954 _____ C:\Windows\system32\perfh00C.dat
2019-08-10 18:50 - 2011-04-12 11:16 - 000142616 _____ C:\Windows\system32\perfc00C.dat
2019-08-10 18:50 - 2009-07-14 07:13 - 001582214 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-10 18:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-10 18:24 - 2018-08-14 20:15 - 000000000 ____D C:\Program Files (x86)\Google
2019-08-10 18:21 - 2019-05-30 09:27 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\ZHP
2019-08-10 18:21 - 2009-07-14 06:45 - 000043520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-10 18:21 - 2009-07-14 06:45 - 000043520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-10 18:13 - 2018-08-14 20:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-10 18:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-10 18:12 - 2018-11-18 11:32 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\Windows_Activator
2019-08-10 17:46 - 2018-08-14 23:16 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\discord
2019-08-07 19:33 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-08-03 20:57 - 2019-05-01 11:46 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1
2019-08-03 13:36 - 2018-08-14 23:13 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-03 08:33 - 2019-06-03 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TacO ReActif
2019-07-19 21:39 - 2018-10-20 14:50 - 000000000 ____D C:\Users\Rocco\AppData\Roaming\vlc
2019-07-16 21:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-15 20:36 - 2019-01-04 07:56 - 000000000 ____D C:\Users\Rocco\AppData\Local\CrashDumps
==================== Fichiers à la racine de certains dossiers ================
2019-06-10 10:01 - 2019-06-10 10:01 - 003148672 _____ (Nicolas Coolman) C:\Users\Rocco\ZHPCleaner.exe
2018-09-04 17:58 - 2018-09-14 14:58 - 000000235 _____ () C:\Users\Rocco\AppData\Roaming\WB.CFG
2018-12-15 20:33 - 2018-12-15 20:33 - 000007631 _____ () C:\Users\Rocco\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2019-08-03 12:59
==================== Fin de FRST.txt ============================