cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07.02.2018 01
Exécuté par roial (administrateur) sur PC-JF (08-02-2018 14:36:59)
Exécuté depuis C:\Users\roial\Downloads
Profils chargés: roial (Profils disponibles: roial)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Wargaming.net) G:\World of Warship\WargamingGameUpdater.exe
(Gaijin Entertainment) C:\Users\roial\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Spotify Ltd) C:\Users\roial\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\roial\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\roial\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\roial\Downloads\FRST64(1).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2016-01-20] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [World of Warships] => G:\World of Warship\WargamingGameUpdater.exe [3140384 2018-01-25] (Wargaming.net)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [World of Tanks] => G:\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Gaijin.Net Agent] => C:\Users\roial\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-22] (Gaijin Entertainment)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Spotify Web Helper] => C:\Users\roial\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-28] (Spotify Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a483b107-0e27-49c3-9a4c-3dc0050156fc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: l3wyl3ea.default
FF ProfilePath: C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default [2018-02-08]
FF Homepage: Mozilla\Firefox\Profiles\l3wyl3ea.default -> about:newtab
FF Extension: (F.B. Purity - Cleans Up Facebook) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\fbp@fbpurity.com.xpi [2017-12-06] [Legacy]
FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2018-01-20]
FF Extension: (Proxtube) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\ich@maltegoetz.de.xpi [2018-01-21]
FF Extension: (YouTube mp3) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\info@youtube-mp3.org.xpi [2017-12-06] [Legacy]
FF Extension: (TinEye Reverse Image Search) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\tineye@ideeinc.com.xpi [2017-12-06]
FF Extension: (Adblock Plus) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default [2018-02-07]
CHR Extension: (Slides) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-06]
CHR Extension: (Docs) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-06]
CHR Extension: (Google Drive) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-06]
CHR Extension: (YouTube) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-06]
CHR Extension: (Adobe Acrobat) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-14]
CHR Extension: (Sheets) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-06]
CHR Extension: (Gmail) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-27]
CHR Profile: C:\Users\roial\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-29] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-11-16] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-12-06] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-17] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 CORK70; C:\WINDOWS\system32\drivers\CORK70.sys [25600 2012-10-31] ( )
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-05] (Disc Soft Ltd)
R0 iaStorB; C:\WINDOWS\System32\drivers\iaStorB.sys [582128 2014-05-07] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-08] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26560 2017-11-16] (Windows (R) Win 7 DDK provider)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [92344 2018-02-08] (Sysinternals - www.sysinternals.com)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [50896 2015-10-26] (Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [42192 2015-10-26] (Razer Inc)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29904 2015-10-26] (Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36560 2015-10-26] (Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [44752 2015-10-26] (Razer Inc)
R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47312 2015-10-26] (Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [50904 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [42712 2015-10-26] (Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-10-26] (Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (QUALCOMM Incorporated)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [124872 2016-05-28] (BigNox Corporation)
S3 VUSB3HUB; C:\WINDOWS\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\WINDOWS\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)
S3 WIMMount; G:\Windows Kits 10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [35736 2017-09-28] (Microsoft Corporation)
S3 WofAdk; G:\Windows Kits 10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [224664 2017-09-28] (Microsoft Corporation)
S3 xhcdrv; C:\WINDOWS\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-08 14:36 - 2018-02-08 14:36 - 002402304 _____ (Farbar) C:\Users\roial\Downloads\FRST64(1).exe
2018-02-08 12:29 - 2018-02-08 12:29 - 000092344 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2018-02-08 03:26 - 2018-02-08 03:35 - 000000000 ____D C:\Users\roial\AppData\Local\Windows Performance Analyzer
2018-02-08 03:26 - 2018-02-08 03:26 - 000000000 ____D C:\Users\roial\Documents\WPA Files
2018-02-08 03:25 - 2018-02-08 03:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-08 03:20 - 2018-02-08 03:26 - 000000000 ____D C:\Users\roial\Documents\WPR Files
2018-02-08 03:19 - 2018-02-08 03:19 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2018-02-08 03:16 - 2018-02-08 03:16 - 000000000 ____D C:\Program Files (x86)\Fake Product
2018-02-08 03:15 - 2018-02-08 03:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2018-02-08 02:31 - 2018-02-08 02:31 - 001747504 _____ (Microsoft Corporation) C:\Users\roial\Downloads\adksetup.exe
2018-02-04 16:38 - 2018-02-04 16:47 - 000000000 ____D C:\Users\roial\Desktop\Custruimu l'Avvene com
2018-01-31 16:05 - 2018-01-31 16:05 - 000008641 _____ C:\Users\roial\AppData\Local\recently-used.xbel
2018-01-28 14:06 - 2018-01-28 14:06 - 000000000 ____D C:\Users\roial\AppData\Roaming\Wargaming.net
2018-01-27 23:11 - 2018-01-27 23:12 - 089991899 _____ C:\Users\roial\Downloads\Marches du Royaume de France (edit_ Kori dit l'Amérique, Janvier 2017).zip
2018-01-27 22:30 - 2018-01-27 22:30 - 000000000 ____D C:\Users\roial\AppData\Local\NVIDIA Corporation
2018-01-27 22:09 - 2018-01-27 22:09 - 000000000 ____D C:\Users\roial\AppData\Local\Gaijin
2018-01-27 22:09 - 2018-01-27 22:09 - 000000000 ____D C:\ProgramData\Gaijin
2018-01-27 12:41 - 2018-01-27 12:41 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-01-27 12:39 - 2018-01-27 12:40 - 004773984 _____ (Wargaming.net ) C:\Users\roial\Downloads\WoT_internet_install_eu.exe
2018-01-26 13:22 - 2018-01-26 13:22 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2018-01-26 13:20 - 2018-01-26 13:20 - 006030864 _____ (Wargaming.net ) C:\Users\roial\Downloads\WoWS_internet_install_eu.exe
2018-01-24 00:42 - 2018-01-24 00:42 - 000000000 ____D C:\Users\roial\AppData\Local\The Witcher 2
2018-01-21 03:21 - 2018-01-28 15:36 - 000000000 ____D C:\Users\roial\AppData\Roaming\Spotify
2018-01-21 03:20 - 2018-01-28 15:52 - 000000000 ____D C:\Users\roial\AppData\Local\Spotify
2018-01-20 16:56 - 2018-01-20 16:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-01-19 22:54 - 2018-01-31 16:05 - 000000000 ____D C:\Users\roial\AppData\Local\gtk-2.0
2018-01-19 22:52 - 2018-01-19 22:52 - 000000000 ____D C:\Users\roial\AppData\Local\gegl-0.2
2018-01-19 22:52 - 2018-01-19 22:52 - 000000000 ____D C:\Users\roial\AppData\Local\fontconfig
2018-01-19 22:50 - 2018-01-26 14:02 - 000000000 ____D C:\Users\roial\Desktop\Royal Corsican Rangers
2018-01-19 22:50 - 2018-01-19 22:50 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2018-01-19 22:50 - 2018-01-19 22:50 - 000000000 ____D C:\Program Files\GIMP 2
2018-01-19 22:14 - 2018-01-19 22:15 - 089579672 _____ (The GIMP Team ) C:\Users\roial\Downloads\gimp-2.8.22-setup.exe
2018-01-18 19:06 - 2018-02-08 03:24 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-17 18:03 - 2018-01-17 19:23 - 000000000 ____D C:\Users\roial\AppData\Local\Arma 3
2018-01-17 18:03 - 2018-01-17 18:03 - 000000000 ____D C:\ProgramData\Bohemia Interactive
2018-01-17 01:35 - 2018-01-22 23:26 - 000000000 ____D C:\Users\roial\Desktop\Chasseurs Britannique
2018-01-17 01:22 - 2018-01-17 01:23 - 000637860 _____ C:\Users\roial\Downloads\téléchargement.htm
2018-01-16 13:47 - 2018-01-16 13:47 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-01-16 13:47 - 2018-01-16 13:47 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-01-15 18:22 - 2018-01-15 18:22 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-01-15 13:59 - 2018-01-17 22:17 - 000000000 ____D C:\Users\roial\Desktop\CV DOSSIER CTC
2018-01-15 13:09 - 2018-01-15 13:10 - 000000000 ____D C:\Users\roial\AppData\Local\MSfree Inc
2018-01-15 13:08 - 2018-01-15 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-01-15 13:08 - 2018-01-15 13:08 - 000000000 ____D C:\Program Files\7-Zip
2018-01-15 12:48 - 2018-01-15 12:48 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-01-15 12:46 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Microsoft Office
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Users\roial\AppData\Local\Microsoft Help
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-01-12 17:10 - 2018-01-12 17:10 - 000000000 ____D C:\Users\roial\AppData\Local\CrashRpt
2018-01-10 23:16 - 2018-01-10 23:16 - 000066921 _____ C:\Users\roial\Downloads\Dami0N - Dying Light (Steam 2222112).CT
2018-01-10 18:36 - 2018-01-10 18:36 - 000085024 _____ C:\Users\roial\Downloads\Borderlands 1 CT v1.1.1.CT
2018-01-10 13:58 - 2018-01-10 13:58 - 000004446 _____ C:\Users\roial\Downloads\Borderlands.CT
2018-01-10 13:52 - 2018-01-10 13:52 - 000049105 _____ C:\Users\roial\Downloads\SteamAchievementManager-7.0.11.zip
2018-01-10 13:52 - 2018-01-10 13:52 - 000000000 ____D C:\Users\roial\Downloads\SteamAchievementManager-7.0.11
2018-01-10 13:48 - 2018-01-10 13:48 - 000124278 _____ C:\Users\roial\Downloads\SteamAchievementManager-master.zip
2018-01-09 23:52 - 2018-01-09 23:53 - 000000000 ____D C:\Users\roial\Desktop\sauvegarde borderrland anacien
2018-01-09 23:34 - 2018-01-09 23:34 - 000000128 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2018-01-09 23:34 - 2018-01-09 23:34 - 000000000 ____D C:\Users\roial\AppData\Roaming\Fatshark

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-08 14:37 - 2017-12-05 23:33 - 000017908 _____ C:\Users\roial\Downloads\FRST.txt
2018-02-08 14:36 - 2017-12-05 23:32 - 000000000 ____D C:\FRST
2018-02-08 14:28 - 2017-12-06 17:15 - 000000000 ____D C:\Users\roial\AppData\Roaming\Skype
2018-02-08 12:27 - 2017-12-06 14:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-08 12:27 - 2016-11-18 12:18 - 000000000 ____D C:\Users\roial\AppData\LocalLow\Mozilla
2018-02-08 12:07 - 2017-12-06 17:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-08 04:04 - 2017-12-06 14:16 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-08 03:30 - 2017-12-06 16:11 - 002377434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-08 03:30 - 2017-12-06 14:12 - 001104140 _____ C:\WINDOWS\system32\perfh00C.dat
2018-02-08 03:30 - 2017-12-06 14:12 - 000239098 _____ C:\WINDOWS\system32\perfc00C.dat
2018-02-08 03:24 - 2017-12-06 14:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-08 03:20 - 2017-12-06 14:07 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-08 03:14 - 2017-12-06 17:15 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-08 02:26 - 2017-12-06 13:50 - 000000000 ____D C:\Users\roial\Desktop\process-monitor_3-31_fr_27722
2018-02-08 02:09 - 2017-12-18 14:00 - 000000000 ____D C:\ProgramData\Origin
2018-02-08 02:09 - 2017-12-06 14:18 - 000000000 ____D C:\Users\roial
2018-02-08 02:01 - 2017-12-18 14:04 - 000000000 ____D C:\Users\roial\AppData\Roaming\Origin
2018-02-08 01:12 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-08 01:06 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Roaming\discord
2018-02-08 01:01 - 2017-12-06 16:30 - 000000000 ____D C:\Users\roial\AppData\Local\Battle.net
2018-02-07 23:08 - 2017-12-06 16:35 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-02-07 19:33 - 2017-12-06 16:33 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-02-07 19:31 - 2017-12-06 16:25 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-02-07 19:25 - 2017-12-06 22:03 - 000000000 ____D C:\Users\roial\AppData\Roaming\WhatsApp
2018-02-07 19:25 - 2017-12-06 14:07 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-07 19:24 - 2017-12-06 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 19:24 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-06 19:05 - 2017-12-18 01:05 - 000011877 _____ C:\Users\roial\Documents\Science Politique.odt
2018-02-06 17:33 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 17:33 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 17:08 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\ConnectedDevicesPlatform
2018-02-06 03:49 - 2017-12-16 21:18 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-12-16 21:18 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:39 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\Publishers
2018-02-05 01:13 - 2017-12-17 22:03 - 000007627 _____ C:\Users\roial\AppData\Local\Resmon.ResmonCfg
2018-02-04 15:52 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\Packages
2018-02-02 23:10 - 2017-12-06 16:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-02 23:10 - 2017-12-06 16:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-02 18:30 - 2017-12-06 16:23 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-02 18:30 - 2017-12-06 16:23 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-01 02:53 - 2017-12-06 19:01 - 000000000 ____D C:\Users\roial\AppData\Roaming\Twitch
2018-01-31 19:30 - 2017-12-07 21:53 - 000000000 ____D C:\Users\roial\AppData\Roaming\uTorrent
2018-01-31 16:07 - 2016-12-03 22:33 - 000000000 ____D C:\Users\roial\.gimp-2.8
2018-01-30 18:56 - 2017-12-18 14:03 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-30 00:32 - 2017-12-06 16:16 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-30 00:22 - 2017-12-06 16:14 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838514857-3352204903-1559925929-1001
2018-01-30 00:22 - 2017-12-06 16:13 - 000002418 _____ C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 00:22 - 2016-09-09 00:23 - 000000000 __RDL C:\Users\roial\OneDrive
2018-01-28 13:58 - 2017-12-08 00:42 - 000000000 ____D C:\Users\roial\AppData\Roaming\vlc
2018-01-28 04:04 - 2016-10-19 13:24 - 000000000 ____D C:\Users\roial\Documents\Witcher 2
2018-01-25 18:15 - 2017-10-09 18:53 - 000000000 ____D C:\Users\roial\Desktop\Confrérie Refonte
2018-01-25 00:05 - 2017-12-07 22:21 - 000000000 ____D C:\Users\roial\AppData\Local\UnrealEngine
2018-01-24 21:13 - 2017-12-06 18:16 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 16:35 - 2017-08-09 13:23 - 000000000 ____D C:\Users\roial\Desktop\Assemblée des jeunes projets
2018-01-21 13:35 - 2017-12-06 22:03 - 000002272 _____ C:\Users\roial\Desktop\WhatsApp.lnk
2018-01-21 13:35 - 2017-12-06 22:03 - 000000000 ____D C:\Users\roial\AppData\Local\WhatsApp
2018-01-21 13:35 - 2017-03-02 21:13 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-01-21 13:33 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Local\SquirrelTemp
2018-01-21 03:19 - 2016-09-09 14:28 - 000002224 _____ C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-01-20 16:56 - 2017-12-06 14:09 - 000000000 ____D C:\WINDOWS\INF
2018-01-18 19:06 - 2017-12-06 14:16 - 000336872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-17 19:26 - 2018-01-02 17:08 - 000000000 ____D C:\Users\roial\AppData\Local\Arma 3 Launcher
2018-01-17 13:17 - 2017-12-06 16:56 - 000001046 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2018-01-16 22:02 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-16 13:46 - 2017-12-06 14:10 - 000000167 _____ C:\WINDOWS\win.ini
2018-01-15 23:33 - 2016-11-17 17:57 - 000000000 ____D C:\Users\roial\Desktop\Dossier
2018-01-15 18:22 - 2017-12-06 14:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-15 18:22 - 2016-09-09 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-15 17:55 - 2016-09-09 00:24 - 000000000 ____D C:\Users\roial\Desktop\CV - Lettre
2018-01-15 12:52 - 2017-12-06 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-15 12:47 - 2017-12-06 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-15 12:47 - 2017-12-06 14:10 - 000000000 ____D C:\Program Files\Common Files\system
2018-01-14 03:04 - 2017-12-11 22:15 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-01-12 12:51 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\rescache
2018-01-11 16:53 - 2017-03-05 14:55 - 000000365 _____ C:\Users\roial\Desktop\Séries.txt
2018-01-11 14:34 - 2017-12-06 18:49 - 000000000 ____D C:\Users\roial\AppData\Local\Ubisoft Game Launcher
2018-01-10 01:22 - 2017-12-07 22:21 - 000811760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2018-01-09 20:18 - 2017-12-06 18:17 - 000002244 _____ C:\Users\roial\Desktop\Discord.lnk
2018-01-09 20:18 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Local\Discord
2018-01-09 20:18 - 2017-08-09 00:56 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-01-09 19:07 - 2017-12-07 10:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-09 19:05 - 2017-12-07 10:43 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-09 19:05 - 2017-12-07 10:43 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 19:03 - 2017-12-16 18:36 - 000004594 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Fichiers à la racine de certains dossiers =======

2018-01-31 16:05 - 2018-01-31 16:05 - 000008641 _____ () C:\Users\roial\AppData\Local\recently-used.xbel
2017-12-17 22:03 - 2018-02-05 01:13 - 000007627 _____ () C:\Users\roial\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-02-05 19:30

==================== Fin de FRST.txt ============================
