Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
Exécuté par roland (administrateur) sur MEDION (24-01-2018 13:19:59)
Exécuté depuis F:\Users\roland\Desktop
Profils chargés: roland (Profils disponibles: roland)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Essential\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() F:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Bitdefender) C:\Program Files\Bitdefender Home Scanner\hvasrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() F:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(ANDREA VACONDIO) C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe
() F:\Program Files\Everything\Everything.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe
(Garmin Ltd. or its subsidiaries) F:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Monotype Imaging Inc.) F:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(Plex, Inc.) F:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Essential\gziface.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
(Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote 7\Programmes64\AgentAntidote64.exe
(Bitdefender) C:\Program Files\Bitdefender Home Scanner\hvaag.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Everything] => F:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [agentantidote.exe] => C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [947712 2013-06-14] (Druide informatique inc.)
HKLM-x32\...\Run: [agentantidote64.exe] => C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe [83968 2013-06-14] (Druide informatique inc.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3697776 2012-06-21] (brother)
HKLM-x32\...\Run: [CloneCDTray] => F:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2018-01-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Eco] => C:\Program Files (x86)\KAR\KAREco.exe [7052440 2018-01-16] ()
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [CDSlave] => F:\Applications_portables\CDSLAVE\CDSLAVE.EXE [158208 2006-10-28] (ADSoft)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [HP ENVY 5640 series (NET) #2] => C:\Program Files\HP\HP ENVY 5640 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [Free Download Manager] => F:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [9680384 2016-09-09] (FreeDownloadManager.org)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [GarminExpressTrayApp] => F:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2018-01-10] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\Run: [SynchronossPC] => [X]
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\...\MountPoints2: {7b9f0c97-87e5-11e7-9cc7-cf814d3a0939} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => F:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2018-01-10] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DUEAE Popup.lnk [2017-05-09]
ShortcutTarget: DUEAE Popup.lnk -> F:\Program Files (x86)\Diccionario de uso del español de América y España\pop.exe (ICDI)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{5ee53399-2410-4a08-a047-6c77744ee128}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{88fc3e73-48bf-4573-8b06-973c46ba771d}: [DhcpNameServer] 89.2.0.1 89.2.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1113307766-930362309-2852264658-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKU\S-1-5-21-1113307766-930362309-2852264658-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1113307766-930362309-2852264658-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1113307766-930362309-2852264658-1001 -> {CBFF4199-2B76-4DA3-9B59-40F1273188EE} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Pas de nom -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-03] (Oracle Corporation)
BHO-x32: Pas de nom -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Pas de fichier

Edge:
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-01-11]

FireFox:
========
FF ProfilePath: C:\Users\roland\AppData\Roaming\TomTom\HOME\Profiles\g6wcrx6a.default [2015-10-31]
FF Extension: (Pas de nom) - F:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815 [2018-01-23]
FF Extension: (IBM Security Rapport) - C:\Users\roland\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-08-10]
FF Extension: (Flash Video Downloader) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\artur.dubovoy@gmail.com.xpi [2018-01-06]
FF Extension: (Video Downloader professional) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\ffext_basicvideoext@startpage24.xpi [2018-01-05]
FF Extension: (AdBlock) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-01-06]
FF Extension: (KeePassHttp-Connector) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\keepasshttp-connector@addons.brandt.tech.xpi [2018-01-08]
FF Extension: (TinEye Reverse Image Search) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\tineye@ideeinc.com.xpi [2017-09-01]
FF Extension: (Bulk Media Downloader) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2018-01-05]
FF Extension: (Barre de Confiance CM-CIC) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}.xpi [2018-01-06]
FF Extension: (View Source) - C:\Users\roland\AppData\Roaming\Mozilla\Firefox\Profiles\2zc2vpnp.default-1470829052815\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2017-11-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-03] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> hxxp://www.google.com/
CHR Profile: C:\Users\roland\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-10]
CHR Profile: C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-01-11]
CHR Extension: (Slides) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-19]
CHR Extension: (Docs) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-19]
CHR Extension: (Google Drive) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-13]
CHR Extension: (IBM Security Rapport) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-01-10]
CHR Extension: (YouTube) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]
CHR Extension: (Sheets) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (Gmail) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-13]
CHR Extension: (Chrome Media Router) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Profile: C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-01-24]
CHR Extension: (Slides) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-13]
CHR Extension: (YouTube) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]
CHR Extension: (Sheets) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Barre de Confiance CM-CIC) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ffjkhaeogkeelkioellpgcebmekedpag [2017-09-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-13]
CHR Extension: (AdBlock) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (chromeIPass) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ompiailgknfdndiefoaoiligalphfdae [2017-09-13]
CHR Extension: (Gmail) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-13]
CHR Extension: (Chrome Media Router) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
CHR Profile: C:\Users\roland\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-10]
CHR Extension: (Quick Searcher) - C:\Users\roland\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-09-12]
CHR HKU\S-1-5-21-1113307766-930362309-2852264658-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1113307766-930362309-2852264658-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 17664cb2c0ff802368a8aa6cabddc412; C:\WINDOWS\17664cb2c0ff802368a8aa6cabddc412.dll [957952 2018-01-20] () [Fichier non signé]
S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-11-21] (Digital Care Solutions) [Fichier non signé]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2018-01-08] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-12-08] (Digital Wave Ltd.)
R2 DirMngr; F:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-03-17] () [Fichier non signé]
R2 Everything; F:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Fichier non signé]
R2 Garmin Device Interaction Service; F:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1136656 2018-01-10] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Essential\gzserv.exe [79552 2017-12-10] (Bitdefender)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] ()
R2 hvasrv; C:\Program Files\Bitdefender Home Scanner\hvasrv.exe [562792 2017-11-22] (Bitdefender)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
R2 PDFsam Manager; C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe [1050224 2015-11-13] (ANDREA VACONDIO)
R2 PlexUpdateService; F:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2091496 2017-08-08] (Plex, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-11-10] (Bitdefender)
R2 SkyFontsService; F:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [60880 2017-06-26] (Monotype Imaging Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
S2 Stereo Service; pas de ImagePath

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 1ee00d8fec8ec1a00666a46f149e2f86; C:\WINDOWS\system32\drivers\1ee00d8fec8ec1a00666a46f149e2f86.sys [97776 2018-01-20] ()
R1 37c94ae739eef7a401ad95b6c3921afe; C:\WINDOWS\system32\drivers\37c94ae739eef7a401ad95b6c3921afe.sys [97256 2018-01-09] ()
R1 50152603ed5007648a460c41dab3d1d5; C:\WINDOWS\system32\drivers\50152603ed5007648a460c41dab3d1d5.sys [97272 2018-01-03] ()
R1 8a61b2c61dd807906ca7759b5abe4424; C:\WINDOWS\system32\drivers\8a61b2c61dd807906ca7759b5abe4424.sys [97272 2018-01-08] ()
R3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [5004560 2016-02-17] (Realtek Semiconductor Corporation )
S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 b6a8f77c278ce0055f80a78d189a2355; C:\WINDOWS\system32\drivers\b6a8f77c278ce0055f80a78d189a2355.sys [101408 2017-12-08] ()
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Essential\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R2 BrPar; C:\WINDOWS\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
R1 cce4cb2dceed2c4a453ea98ed1b1eb1f; C:\WINDOWS\system32\drivers\cce4cb2dceed2c4a453ea98ed1b1eb1f.sys [97272 2018-01-16] ()
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
R1 fbcc7b730c7bf844560f6768926e9700; C:\WINDOWS\system32\drivers\fbcc7b730c7bf844560f6768926e9700.sys [106520 2017-12-19] ()
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2017-09-29] (Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81192 2017-06-12] (Insecure.Com LLC.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
S3 SndTAudio; C:\WINDOWS\system32\drivers\SndTAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider)
U5 UnlockerDriver5; F:\UnlockerPortable\App\Unlocker64\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; pas de ImagePath
U4 npcap_wifi; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-24 13:19 - 2018-01-24 13:19 - 000000000 ____D C:\FRST
2018-01-23 19:41 - 2018-01-23 19:41 - 000001192 _____ C:\Users\roland\AppData\Local\recently-used.xbel
2018-01-20 22:14 - 2018-01-20 22:14 - 000000022 _____ C:\WINDOWS\S.dirmngr
2018-01-20 22:08 - 2018-01-20 22:08 - 000034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-01-20 22:07 - 2018-01-20 21:52 - 000226448 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\handle64.exe
2018-01-20 20:58 - 2018-01-20 21:04 - 000000000 ____D C:\Users\roland\AppData\Roaming\WinRAR
2018-01-20 20:58 - 2018-01-20 21:03 - 000000000 ____D C:\Users\roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-01-20 20:58 - 2018-01-20 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-01-20 20:39 - 2018-01-20 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2018-01-20 10:59 - 2018-01-20 10:59 - 000906240 _____ C:\WINDOWS\e7d0a2b1b5c601fece22e9d7da466f25.exe
2018-01-20 10:59 - 2018-01-20 10:59 - 000097776 _____ C:\WINDOWS\system32\Drivers\1ee00d8fec8ec1a00666a46f149e2f86.sys
2018-01-20 10:59 - 2018-01-20 10:59 - 000037165 _____ C:\WINDOWS\uninstaller.dat
2018-01-17 20:26 - 2018-01-17 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-01-17 20:24 - 2018-01-20 20:32 - 000957952 _____ C:\WINDOWS\17664cb2c0ff802368a8aa6cabddc412.dll
2018-01-16 16:28 - 2018-01-16 16:28 - 000097272 _____ C:\WINDOWS\system32\Drivers\cce4cb2dceed2c4a453ea98ed1b1eb1f.sys
2018-01-16 06:34 - 2018-01-16 06:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KAR Energy Software
2018-01-16 06:34 - 2018-01-16 06:34 - 000000000 ____D C:\Program Files (x86)\KAR
2018-01-13 09:23 - 2018-01-13 09:24 - 000000000 ____D C:\Users\roland\AppData\Roaming\CDTPL
2018-01-13 09:23 - 2018-01-13 09:23 - 000000816 _____ C:\Users\Public\Desktop\Free EML File Viewer.lnk
2018-01-13 09:23 - 2018-01-13 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free EML File Viewer
2018-01-13 09:23 - 2018-01-13 09:23 - 000000000 ____D C:\ProgramData\CDTPL
2018-01-11 11:27 - 2018-01-11 11:27 - 000000000 ____D C:\Users\roland\AppData\Local\DBG
2018-01-10 10:45 - 2018-01-10 10:45 - 000000000 ____D C:\Users\roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SFR
2018-01-10 10:45 - 2018-01-10 10:45 - 000000000 ____D C:\Users\roland\AppData\Local\SFR
2018-01-09 17:51 - 2018-01-09 17:51 - 000097256 _____ C:\WINDOWS\system32\Drivers\37c94ae739eef7a401ad95b6c3921afe.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-01-08 22:15 - 2018-01-08 22:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-01-08 22:14 - 2018-01-08 22:14 - 000001192 _____ C:\Users\roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeePassXC.lnk
2018-01-08 13:54 - 2018-01-08 13:54 - 000097272 _____ C:\WINDOWS\system32\Drivers\8a61b2c61dd807906ca7759b5abe4424.sys
2018-01-05 11:17 - 2018-01-24 13:03 - 000000000 ____D C:\Program Files\0c24e463d34d7012a3d797890a6011e9
2018-01-05 11:02 - 2018-01-05 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2018-01-05 11:02 - 2018-01-05 11:02 - 000117248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2018-01-05 10:10 - 2018-01-05 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2018-01-03 22:37 - 2018-01-03 22:37 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-01-03 22:36 - 2018-01-03 22:36 - 000069191 _____ C:\ProgramData\hva.1515015346.bdinstall.bin
2018-01-03 22:36 - 2018-01-03 22:36 - 000003384 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_6F2980EE6088481484E6D8285516CD07
2018-01-03 22:36 - 2018-01-03 22:36 - 000002071 _____ C:\Users\Public\Desktop\Bitdefender Home Scanner.lnk
2018-01-03 22:36 - 2018-01-03 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Home Scanner
2018-01-03 22:36 - 2018-01-03 22:36 - 000000000 ____D C:\ProgramData\Bitdefender Home Scanner
2018-01-03 22:35 - 2018-01-03 22:36 - 000000000 ____D C:\Program Files\Npcap
2018-01-03 22:35 - 2018-01-03 22:36 - 000000000 ____D C:\Program Files\Bitdefender Home Scanner
2018-01-03 22:35 - 2018-01-03 22:36 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-01-03 22:35 - 2018-01-03 22:35 - 000048605 _____ C:\ProgramData\agent.1515015333.bdinstall.bin
2018-01-03 22:35 - 2018-01-03 22:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2018-01-03 22:35 - 2018-01-03 22:35 - 000000000 ____D C:\WINDOWS\system32\Npcap
2018-01-03 22:35 - 2018-01-03 22:35 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-01-03 11:38 - 2018-01-03 11:38 - 000097272 _____ C:\WINDOWS\system32\Drivers\50152603ed5007648a460c41dab3d1d5.sys
2018-01-02 09:59 - 2018-01-02 09:59 - 000002081 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2017-12-26 11:32 - 2017-12-26 11:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1113307766-930362309-2852264658-1001
2017-12-25 20:29 - 2017-12-25 20:33 - 000021840 ____T C:\WINDOWS\SysWOW64\SIntfNT.dll
2017-12-25 20:29 - 2017-12-25 20:33 - 000017212 ____T C:\WINDOWS\SysWOW64\SIntf32.dll
2017-12-25 20:29 - 2017-12-25 20:33 - 000012067 ____T C:\WINDOWS\SysWOW64\SIntf16.dll
2017-12-25 20:14 - 2017-12-25 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive
2017-12-25 20:13 - 1997-01-22 21:26 - 000565760 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP50.DLL
2017-12-25 20:03 - 2017-12-25 20:03 - 000000000 ____D C:\Users\roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\emme
2017-12-25 20:03 - 1999-07-29 16:06 - 000020900 _____ C:\WINDOWS\emme.wri
2017-12-25 20:03 - 1998-05-14 23:00 - 000073184 _____ C:\WINDOWS\SysWOW64\DAO2535.TLB
2017-12-25 20:03 - 1997-06-13 09:05 - 000057344 _____ C:\WINDOWS\SysWOW64\SMOOTHS.DLL
2017-12-25 20:03 - 1997-04-17 14:40 - 000254976 _____ C:\WINDOWS\SysWOW64\SMSEQ.DLL

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-24 13:02 - 2017-12-12 21:31 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15A4D734-2B89-4A86-80DB-7FF635DB197E}
2018-01-24 13:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-24 12:59 - 2017-12-12 21:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-23 19:41 - 2015-04-07 22:29 - 000000000 ____D C:\Users\roland\AppData\Local\homebank
2018-01-23 09:08 - 2016-11-18 22:19 - 000000000 ____D C:\Users\roland\AppData\LocalLow\Mozilla
2018-01-21 14:55 - 2017-10-14 14:34 - 000000000 ____D C:\Users\roland\AppData\Roaming\Foxmail7
2018-01-20 22:19 - 2017-12-12 21:06 - 002809418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-20 22:19 - 2017-09-30 15:40 - 001289510 _____ C:\WINDOWS\system32\perfh00C.dat
2018-01-20 22:19 - 2017-09-30 15:40 - 000306220 _____ C:\WINDOWS\system32\perfc00C.dat
2018-01-20 22:15 - 2017-12-12 21:31 - 000003282 _____ C:\WINDOWS\System32\Tasks\0c24e463d34d7012a3d797890a6011e9
2018-01-20 22:14 - 2017-12-12 21:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-20 22:13 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-20 20:31 - 2015-09-18 22:39 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForroland.job
2018-01-20 05:03 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-19 19:19 - 2017-12-12 21:31 - 000003246 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForroland
2018-01-18 09:03 - 2016-03-04 10:11 - 000000000 ____D C:\ProgramData\firebird
2018-01-17 20:26 - 2015-12-05 15:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-01-15 20:38 - 2017-12-15 22:35 - 000003626 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-01-15 20:38 - 2017-02-07 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-01-15 20:38 - 2015-06-05 07:07 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-14 22:21 - 2017-12-16 23:50 - 000000000 ____D C:\Users\roland\AppData\Local\PlaceholderTileLogoFolder
2018-01-14 12:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-13 22:28 - 2017-12-12 21:11 - 000000000 ____D C:\Users\roland\AppData\Local\Packages
2018-01-11 21:04 - 2017-02-07 21:24 - 000000000 ____D C:\Users\roland\AppData\Roaming\GARMIN
2018-01-11 12:38 - 2017-12-12 21:11 - 000000000 ____D C:\Users\roland
2018-01-11 10:46 - 2016-01-23 23:29 - 000000000 ____D C:\ProgramData\prolexisws
2018-01-11 10:45 - 2017-12-12 21:31 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1113307766-930362309-2852264658-1001
2018-01-11 10:45 - 2015-08-07 20:35 - 000002446 _____ C:\Users\roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-10 21:01 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-09 22:50 - 2015-05-21 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBank
2018-01-09 22:25 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-09 07:29 - 2017-09-15 11:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-09 07:25 - 2017-06-16 14:25 - 000000000 ____D C:\Users\roland\AppData\Roaming\KeeWeb
2018-01-09 07:24 - 2015-05-27 07:08 - 000000000 ____D C:\Program Files (x86)\Druide
2018-01-08 22:07 - 2015-04-08 08:22 - 000000000 ____D C:\Applications portables
2018-01-07 17:56 - 2015-04-08 13:21 - 000000000 ____D C:\Users\roland\AppData\Local\ElevatedDiagnostics
2018-01-06 22:49 - 2017-12-11 13:19 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-05 10:57 - 2016-11-18 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-05 10:57 - 2016-04-26 21:56 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-05 10:13 - 2017-12-12 21:04 - 000348600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-04 21:02 - 2015-04-07 22:37 - 000000000 ____D C:\Users\roland\AppData\Roaming\Mozilla
2017-12-31 13:59 - 2015-08-07 20:41 - 000000000 ____D C:\Users\roland\AppData\Local\Comms
2017-12-30 19:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-26 15:40 - 2015-04-07 18:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-26 15:27 - 2017-09-26 22:07 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-25 20:14 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help

==================== Fichiers à la racine de certains dossiers =======

2017-03-06 23:05 - 2017-03-06 23:05 - 000000003 _____ () C:\Users\roland\AppData\Roaming\.ptbt1
2016-03-30 22:02 - 2002-08-26 18:54 - 000327680 ____R () C:\Users\roland\AppData\Roaming\MafiaSetup.exe
2017-09-01 21:14 - 2017-09-01 21:14 - 000000173 _____ () C:\Users\roland\AppData\Roaming\r.cmd
2017-09-12 22:02 - 2017-11-27 08:00 - 000024576 _____ () C:\Users\roland\AppData\Local\amrfat.dll.3284.gzquar
2017-09-19 20:46 - 2017-09-19 20:46 - 000149609 _____ () C:\Users\roland\AppData\Local\ars.cache
2017-09-19 20:46 - 2017-09-19 20:46 - 000403731 _____ () C:\Users\roland\AppData\Local\census.cache
2017-12-22 23:04 - 2017-12-22 23:11 - 000000079 _____ () C:\Users\roland\AppData\Local\CrystalDiskMark30.ini
2015-06-21 07:15 - 2017-10-16 19:02 - 000007680 _____ () C:\Users\roland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-19 20:21 - 2017-09-19 20:21 - 000000036 _____ () C:\Users\roland\AppData\Local\housecall.guid.cache
2018-01-23 19:41 - 2018-01-23 19:41 - 000001192 _____ () C:\Users\roland\AppData\Local\recently-used.xbel
2015-11-06 09:21 - 2015-11-06 09:21 - 000007679 _____ () C:\Users\roland\AppData\Local\Resmon.ResmonCfg
2016-11-17 15:09 - 2016-11-17 15:09 - 000000166 _____ () C:\Users\roland\AppData\Local\uts.ini

Certains fichiers dans TEMP:
====================
2018-01-20 22:02 - 2018-01-20 22:02 - 001510184 _____ (Sysinternals - www.sysinternals.com) C:\Users\roland\AppData\Local\Temp\procexp64.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-01-23 10:56

==================== Fin de FRST.txt ============================