Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017 Exécuté par Mad Archangel (administrateur) sur LOU (10-09-2017 11:38:34) Exécuté depuis C:\Users\Mad Archangel\Desktop Profils chargés: Mad Archangel (Profils disponibles: Mad Archangel) Platform: Windows 10 Home Version 1703 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Opera) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-03-04] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17662072 2017-07-11] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3842693976-3908345051-2490356946-1002\...\Run: [Discord] => C:\Users\Mad Archangel\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.) HKU\S-1-5-21-3842693976-3908345051-2490356946-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-08-23] () HKU\S-1-5-21-3842693976-3908345051-2490356946-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 Startup: C:\Users\Mad Archangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-12] ShortcutTarget: Twitch.lnk -> C:\Users\Mad Archangel\AppData\Roaming\Curse Client\Bin\Twitch.exe (Pas de fichier) GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1e4e1136-3b5d-4673-8559-17a849d1fca3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4b3bdfe8-54a2-4e1a-8a11-6de4e705d802}: [DhcpNameServer] 195.238.2.21 195.238.2.22 Tcpip\..\Interfaces\{cfee9aab-ab02-4f3b-a299-3823a0a47092}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3842693976-3908345051-2490356946-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-be/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FireFox: ======== FF DefaultProfile: ss7l1n1q.default FF ProfilePath: C:\Users\Mad Archangel\AppData\Roaming\Mozilla\Firefox\Profiles\ss7l1n1q.default [2017-08-31] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-01] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) Opera: ======= OPR StartupUrls: "hxxp://google.com/","hxxp://facebook.com/","hxxp://youtube.com/","hxxps://euw.op.gg/summoner/userName=Quiet%20Mind" OPR Extension: (BetterTTV) - C:\Users\Mad Archangel\AppData\Roaming\Opera Software\Opera Stable\Extensions\deofbbdfofnmppcjbhjibgodpcdchjii [2017-07-08] OPR Extension: (Youtube MP3) - C:\Users\Mad Archangel\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkbfcllahijofemakcaddiebkenjfana [2017-03-02] OPR Extension: (Google™ Translator Sidebar) - C:\Users\Mad Archangel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ogmklpmbehclccahgccdnhjipkmmjaom [2017-03-02] OPR Extension: (Adblock Plus) - C:\Users\Mad Archangel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-07-13] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-08-31] () S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Fichier non signé] R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-01-06] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-07-11] (Logitech Inc.) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-08-23] (Overwolf LTD) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-08-07] (Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [179840 2017-08-07] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] () S2 SkypeUpdate; C:\Program Files (x86)\Updater\Updater.exe [317400 2017-03-14] (Skype Technologies) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-19] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-19] (Disc Soft Ltd) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-04] (REALiX(tm)) S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [23936 2014-02-03] () S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] () R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.) R1 MpKsl49950c19; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9817D07E-2A98-405E-A5F4-CD5DD4F4CFEE}\MpKsl49950c19.sys [44928 2017-09-09] (Microsoft Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-03-04] (Realtek ) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51216 2016-05-12] (Razer Inc) R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47632 2016-05-12] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-04] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-29] (Wellbia.com Co., Ltd.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-09-10 11:38 - 2017-09-10 11:38 - 000015175 _____ C:\Users\Mad Archangel\Desktop\FRST.txt 2017-09-10 11:34 - 2017-09-10 11:38 - 000000000 ____D C:\FRST 2017-09-10 11:34 - 2017-09-10 11:34 - 002396160 _____ (Farbar) C:\Users\Mad Archangel\Desktop\FRST64.exe 2017-09-10 11:29 - 2017-09-10 11:29 - 000000000 ____D C:\Users\Mad Archangel\Desktop\Fond d'écran 2017-09-10 06:07 - 2017-09-10 06:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-09-08 18:03 - 2017-09-08 18:03 - 000003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1488449108 2017-09-08 18:03 - 2017-09-08 18:03 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2017-08-31 11:09 - 2017-08-31 11:09 - 000000000 ____D C:\Users\Mad Archangel\AppData\Local\TslGame 2017-08-31 08:08 - 2017-08-31 08:08 - 000002442 _____ C:\Users\Mad Archangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk 2017-08-23 18:59 - 2017-08-23 18:59 - 000000539 _____ C:\Users\Mad Archangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2017-08-19 01:05 - 2017-08-19 01:05 - 000000000 ____D C:\Users\Mad Archangel\AppData\Local\DBG 2017-08-12 19:01 - 2017-08-12 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2017-08-12 18:55 - 2017-08-12 19:00 - 000000000 __SHD C:\AI_RecycleBin ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-09-10 11:20 - 2015-09-01 16:53 - 000000000 ____D C:\Users\Mad Archangel\AppData\Local\Microsoft Help 2017-09-10 11:18 - 2016-01-17 16:51 - 000000000 ____D C:\Users\Mad Archangel\AppData\Roaming\vlc 2017-09-10 10:52 - 2017-07-08 03:46 - 000000000 ____D C:\Users\Mad Archangel\Desktop\srteam 2017-09-10 06:07 - 2017-07-30 12:45 - 000000000 ____D C:\Users\Mad Archangel 2017-09-10 06:07 - 2017-07-30 12:45 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-10 06:07 - 2015-08-26 17:21 - 000000000 __SHD C:\Users\Mad Archangel\IntelGraphicsProfiles 2017-09-10 02:00 - 2017-07-30 12:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-10 01:35 - 2015-08-14 21:34 - 000000000 ____D C:\Users\Mad Archangel\AppData\Roaming\TS3Client 2017-09-09 14:12 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-09 14:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-08 18:03 - 2017-03-02 12:04 - 000000000 ____D C:\Program Files\Opera 2017-09-07 12:24 - 2017-07-30 12:55 - 002011150 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-07 12:24 - 2017-03-20 07:10 - 000908532 _____ C:\WINDOWS\system32\perfh00C.dat 2017-09-07 12:24 - 2017-03-20 07:10 - 000180362 _____ C:\WINDOWS\system32\perfc00C.dat 2017-09-07 12:18 - 2017-07-30 12:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-07 12:18 - 2017-07-30 12:44 - 000400720 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-07 12:18 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2017-09-06 23:25 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-09-05 21:57 - 2016-03-04 14:25 - 000000000 ____D C:\ProgramData\ProductData 2017-09-03 10:27 - 2017-03-20 07:11 - 000000000 ____D C:\WINDOWS\OCR 2017-09-03 00:16 - 2015-08-15 01:25 - 000000000 ____D C:\Users\Mad Archangel\AppData\Roaming\Skype 2017-08-31 15:28 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-31 11:09 - 2015-10-28 16:22 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-31 11:09 - 2015-08-14 20:47 - 000000000 ____D C:\Users\Mad Archangel\AppData\Local\NVIDIA Corporation 2017-08-31 08:22 - 2016-08-08 20:11 - 000000000 ____D C:\Users\Mad Archangel\AppData\Roaming\obs-studio 2017-08-31 08:07 - 2017-07-08 01:38 - 000000050 _____ C:\Users\Mad Archangel\Documents\session_followers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000010 _____ C:\Users\Mad Archangel\Documents\session_most_recent_follower.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000010 _____ C:\Users\Mad Archangel\Documents\most_recent_follower.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000005 _____ C:\Users\Mad Archangel\Documents\weekly_donation_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000005 _____ C:\Users\Mad Archangel\Documents\total_donation_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000005 _____ C:\Users\Mad Archangel\Documents\session_donation_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000005 _____ C:\Users\Mad Archangel\Documents\monthly_donation_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000005 _____ C:\Users\Mad Archangel\Documents\30day_donation_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\weekly_cheer_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\total_subscriber_score.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\total_subscriber_count.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\total_follower_count.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\session_subscriber_count.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\session_follower_count.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\session_cheer_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\monthly_cheer_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000001 _____ C:\Users\Mad Archangel\Documents\30day_cheer_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_donations.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_cheers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\weekly_top_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\total_cheer_amount.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_donations.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_cheers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_top_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_subscribers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_most_recent_subscriber.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_most_recent_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_most_recent_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\session_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\most_recent_subscriber.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\most_recent_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\most_recent_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_donations.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_cheers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\monthly_top_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\donation_goal.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_donations.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_cheers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\all_time_top_cheerer.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_donators.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_donator.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_donations.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_cheers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_cheerers.txt 2017-08-31 08:07 - 2017-07-08 01:38 - 000000000 _____ C:\Users\Mad Archangel\Documents\30day_top_cheerer.txt 2017-08-31 07:53 - 2017-07-05 22:25 - 000000000 ____D C:\Users\Mad Archangel\AppData\LocalLow\Mozilla 2017-08-28 21:49 - 2017-07-27 17:49 - 000000000 ____D C:\Program Files (x86)\Overwolf 2017-08-18 18:21 - 2015-08-17 15:35 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-08-17 12:53 - 2017-07-30 12:44 - 000000000 ____D C:\Program Files (x86)\Razer 2017-08-12 18:32 - 2015-08-14 22:02 - 000000000 ____D C:\Users\Mad Archangel\AppData\Roaming\Riot Games ==================== Fichiers à la racine de certains dossiers ======= 2014-07-11 11:03 - 2014-07-11 11:03 - 000000000 ____H () C:\Program Files\DP45977C.lfl 2017-03-14 08:12 - 2017-03-14 08:12 - 000031451 _____ () C:\Program Files (x86)\third-party_attributions.txt 2016-11-01 09:39 - 2016-11-01 09:39 - 000007630 _____ () C:\Users\Mad Archangel\AppData\Local\Resmon.ResmonCfg 2016-09-29 08:53 - 2016-09-29 08:53 - 000000016 _____ () C:\ProgramData\mntemp Fichiers à déplacer ou supprimer: ==================== C:\Users\Mad Archangel\FL Studio VSTi (Multi).dll C:\Users\Mad Archangel\FL Studio VSTi.dll Certains fichiers dans TEMP: ==================== 2017-09-02 00:26 - 2017-09-02 00:27 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Mad Archangel\AppData\Local\Temp\SkypeSetup.exe 2017-09-10 11:32 - 2017-08-03 19:57 - 015866480 _____ (Spotify Ltd) C:\Users\Mad Archangel\AppData\Local\Temp\SpotifyUninstall.exe 2017-09-10 11:14 - 2017-09-10 11:14 - 030950664 _____ () C:\Users\Mad Archangel\AppData\Local\Temp\vlc-2.2.6-win32.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-09-02 21:58 ==================== Fin de FRST.txt ============================