Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07.02.2018 01
Exécuté par roial (administrateur) sur PC-JF (08-02-2018 14:36:59)
Exécuté depuis C:\Users\roial\Downloads
Profils chargés: roial (Profils disponibles: roial)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Wargaming.net) G:\World of Warship\WargamingGameUpdater.exe
(Gaijin Entertainment) C:\Users\roial\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Spotify Ltd) C:\Users\roial\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\roial\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\roial\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\roial\Downloads\FRST64(1).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2016-01-20] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [World of Warships] => G:\World of Warship\WargamingGameUpdater.exe [3140384 2018-01-25] (Wargaming.net)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [World of Tanks] => G:\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Gaijin.Net Agent] => C:\Users\roial\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-22] (Gaijin Entertainment)
HKU\S-1-5-21-1838514857-3352204903-1559925929-1001\...\Run: [Spotify Web Helper] => C:\Users\roial\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-28] (Spotify Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a483b107-0e27-49c3-9a4c-3dc0050156fc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: l3wyl3ea.default
FF ProfilePath: C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default [2018-02-08]
FF Homepage: Mozilla\Firefox\Profiles\l3wyl3ea.default -> about:newtab
FF Extension: (F.B. Purity - Cleans Up Facebook) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\fbp@fbpurity.com.xpi [2017-12-06] [Legacy]
FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2018-01-20]
FF Extension: (Proxtube) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\ich@maltegoetz.de.xpi [2018-01-21]
FF Extension: (YouTube mp3) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\info@youtube-mp3.org.xpi [2017-12-06] [Legacy]
FF Extension: (TinEye Reverse Image Search) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\tineye@ideeinc.com.xpi [2017-12-06]
FF Extension: (Adblock Plus) - C:\Users\roial\AppData\Roaming\Mozilla\Firefox\Profiles\l3wyl3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default [2018-02-07]
CHR Extension: (Slides) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-06]
CHR Extension: (Docs) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-06]
CHR Extension: (Google Drive) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-06]
CHR Extension: (YouTube) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-06]
CHR Extension: (Adobe Acrobat) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-14]
CHR Extension: (Sheets) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-06]
CHR Extension: (Gmail) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\roial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-27]
CHR Profile: C:\Users\roial\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-29] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-11-16] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-12-06] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-17] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 CORK70; C:\WINDOWS\system32\drivers\CORK70.sys [25600 2012-10-31] ( )
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-05] (Disc Soft Ltd)
R0 iaStorB; C:\WINDOWS\System32\drivers\iaStorB.sys [582128 2014-05-07] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-08] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26560 2017-11-16] (Windows (R) Win 7 DDK provider)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [92344 2018-02-08] (Sysinternals - www.sysinternals.com)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [50896 2015-10-26] (Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [42192 2015-10-26] (Razer Inc)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29904 2015-10-26] (Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36560 2015-10-26] (Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [44752 2015-10-26] (Razer Inc)
R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47312 2015-10-26] (Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [50904 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [42712 2015-10-26] (Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-10-26] (Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (QUALCOMM Incorporated)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [124872 2016-05-28] (BigNox Corporation)
S3 VUSB3HUB; C:\WINDOWS\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\WINDOWS\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)
S3 WIMMount; G:\Windows Kits 10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [35736 2017-09-28] (Microsoft Corporation)
S3 WofAdk; G:\Windows Kits 10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [224664 2017-09-28] (Microsoft Corporation)
S3 xhcdrv; C:\WINDOWS\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-08 14:36 - 2018-02-08 14:36 - 002402304 _____ (Farbar) C:\Users\roial\Downloads\FRST64(1).exe
2018-02-08 12:29 - 2018-02-08 12:29 - 000092344 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2018-02-08 03:26 - 2018-02-08 03:35 - 000000000 ____D C:\Users\roial\AppData\Local\Windows Performance Analyzer
2018-02-08 03:26 - 2018-02-08 03:26 - 000000000 ____D C:\Users\roial\Documents\WPA Files
2018-02-08 03:25 - 2018-02-08 03:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-08 03:20 - 2018-02-08 03:26 - 000000000 ____D C:\Users\roial\Documents\WPR Files
2018-02-08 03:19 - 2018-02-08 03:19 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2018-02-08 03:16 - 2018-02-08 03:16 - 000000000 ____D C:\Program Files (x86)\Fake Product
2018-02-08 03:15 - 2018-02-08 03:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2018-02-08 02:31 - 2018-02-08 02:31 - 001747504 _____ (Microsoft Corporation) C:\Users\roial\Downloads\adksetup.exe
2018-02-04 16:38 - 2018-02-04 16:47 - 000000000 ____D C:\Users\roial\Desktop\Custruimu l'Avvene com
2018-01-31 16:05 - 2018-01-31 16:05 - 000008641 _____ C:\Users\roial\AppData\Local\recently-used.xbel
2018-01-28 14:06 - 2018-01-28 14:06 - 000000000 ____D C:\Users\roial\AppData\Roaming\Wargaming.net
2018-01-27 23:11 - 2018-01-27 23:12 - 089991899 _____ C:\Users\roial\Downloads\Marches du Royaume de France (edit_ Kori dit l'Amérique, Janvier 2017).zip
2018-01-27 22:30 - 2018-01-27 22:30 - 000000000 ____D C:\Users\roial\AppData\Local\NVIDIA Corporation
2018-01-27 22:09 - 2018-01-27 22:09 - 000000000 ____D C:\Users\roial\AppData\Local\Gaijin
2018-01-27 22:09 - 2018-01-27 22:09 - 000000000 ____D C:\ProgramData\Gaijin
2018-01-27 12:41 - 2018-01-27 12:41 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-01-27 12:39 - 2018-01-27 12:40 - 004773984 _____ (Wargaming.net ) C:\Users\roial\Downloads\WoT_internet_install_eu.exe
2018-01-26 13:22 - 2018-01-26 13:22 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2018-01-26 13:20 - 2018-01-26 13:20 - 006030864 _____ (Wargaming.net ) C:\Users\roial\Downloads\WoWS_internet_install_eu.exe
2018-01-24 00:42 - 2018-01-24 00:42 - 000000000 ____D C:\Users\roial\AppData\Local\The Witcher 2
2018-01-21 03:21 - 2018-01-28 15:36 - 000000000 ____D C:\Users\roial\AppData\Roaming\Spotify
2018-01-21 03:20 - 2018-01-28 15:52 - 000000000 ____D C:\Users\roial\AppData\Local\Spotify
2018-01-20 16:56 - 2018-01-20 16:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-01-19 22:54 - 2018-01-31 16:05 - 000000000 ____D C:\Users\roial\AppData\Local\gtk-2.0
2018-01-19 22:52 - 2018-01-19 22:52 - 000000000 ____D C:\Users\roial\AppData\Local\gegl-0.2
2018-01-19 22:52 - 2018-01-19 22:52 - 000000000 ____D C:\Users\roial\AppData\Local\fontconfig
2018-01-19 22:50 - 2018-01-26 14:02 - 000000000 ____D C:\Users\roial\Desktop\Royal Corsican Rangers
2018-01-19 22:50 - 2018-01-19 22:50 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2018-01-19 22:50 - 2018-01-19 22:50 - 000000000 ____D C:\Program Files\GIMP 2
2018-01-19 22:14 - 2018-01-19 22:15 - 089579672 _____ (The GIMP Team ) C:\Users\roial\Downloads\gimp-2.8.22-setup.exe
2018-01-18 19:06 - 2018-02-08 03:24 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-17 18:03 - 2018-01-17 19:23 - 000000000 ____D C:\Users\roial\AppData\Local\Arma 3
2018-01-17 18:03 - 2018-01-17 18:03 - 000000000 ____D C:\ProgramData\Bohemia Interactive
2018-01-17 01:35 - 2018-01-22 23:26 - 000000000 ____D C:\Users\roial\Desktop\Chasseurs Britannique
2018-01-17 01:22 - 2018-01-17 01:23 - 000637860 _____ C:\Users\roial\Downloads\téléchargement.htm
2018-01-16 13:47 - 2018-01-16 13:47 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-01-16 13:47 - 2018-01-16 13:47 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-01-15 18:22 - 2018-01-15 18:22 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-01-15 13:59 - 2018-01-17 22:17 - 000000000 ____D C:\Users\roial\Desktop\CV DOSSIER CTC
2018-01-15 13:09 - 2018-01-15 13:10 - 000000000 ____D C:\Users\roial\AppData\Local\MSfree Inc
2018-01-15 13:08 - 2018-01-15 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-01-15 13:08 - 2018-01-15 13:08 - 000000000 ____D C:\Program Files\7-Zip
2018-01-15 12:48 - 2018-01-15 12:48 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-01-15 12:48 - 2018-01-15 12:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-01-15 12:47 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-01-15 12:46 - 2018-01-15 12:47 - 000000000 ____D C:\Program Files\Microsoft Office
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Users\roial\AppData\Local\Microsoft Help
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-15 12:46 - 2018-01-15 12:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-01-12 17:10 - 2018-01-12 17:10 - 000000000 ____D C:\Users\roial\AppData\Local\CrashRpt
2018-01-10 23:16 - 2018-01-10 23:16 - 000066921 _____ C:\Users\roial\Downloads\Dami0N - Dying Light (Steam 2222112).CT
2018-01-10 18:36 - 2018-01-10 18:36 - 000085024 _____ C:\Users\roial\Downloads\Borderlands 1 CT v1.1.1.CT
2018-01-10 13:58 - 2018-01-10 13:58 - 000004446 _____ C:\Users\roial\Downloads\Borderlands.CT
2018-01-10 13:52 - 2018-01-10 13:52 - 000049105 _____ C:\Users\roial\Downloads\SteamAchievementManager-7.0.11.zip
2018-01-10 13:52 - 2018-01-10 13:52 - 000000000 ____D C:\Users\roial\Downloads\SteamAchievementManager-7.0.11
2018-01-10 13:48 - 2018-01-10 13:48 - 000124278 _____ C:\Users\roial\Downloads\SteamAchievementManager-master.zip
2018-01-09 23:52 - 2018-01-09 23:53 - 000000000 ____D C:\Users\roial\Desktop\sauvegarde borderrland anacien
2018-01-09 23:34 - 2018-01-09 23:34 - 000000128 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2018-01-09 23:34 - 2018-01-09 23:34 - 000000000 ____D C:\Users\roial\AppData\Roaming\Fatshark

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-02-08 14:37 - 2017-12-05 23:33 - 000017908 _____ C:\Users\roial\Downloads\FRST.txt
2018-02-08 14:36 - 2017-12-05 23:32 - 000000000 ____D C:\FRST
2018-02-08 14:28 - 2017-12-06 17:15 - 000000000 ____D C:\Users\roial\AppData\Roaming\Skype
2018-02-08 12:27 - 2017-12-06 14:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-08 12:27 - 2016-11-18 12:18 - 000000000 ____D C:\Users\roial\AppData\LocalLow\Mozilla
2018-02-08 12:07 - 2017-12-06 17:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-08 04:04 - 2017-12-06 14:16 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-08 03:30 - 2017-12-06 16:11 - 002377434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-08 03:30 - 2017-12-06 14:12 - 001104140 _____ C:\WINDOWS\system32\perfh00C.dat
2018-02-08 03:30 - 2017-12-06 14:12 - 000239098 _____ C:\WINDOWS\system32\perfc00C.dat
2018-02-08 03:24 - 2017-12-06 14:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-08 03:20 - 2017-12-06 14:07 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-08 03:14 - 2017-12-06 17:15 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-08 02:26 - 2017-12-06 13:50 - 000000000 ____D C:\Users\roial\Desktop\process-monitor_3-31_fr_27722
2018-02-08 02:09 - 2017-12-18 14:00 - 000000000 ____D C:\ProgramData\Origin
2018-02-08 02:09 - 2017-12-06 14:18 - 000000000 ____D C:\Users\roial
2018-02-08 02:01 - 2017-12-18 14:04 - 000000000 ____D C:\Users\roial\AppData\Roaming\Origin
2018-02-08 01:12 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-08 01:06 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Roaming\discord
2018-02-08 01:01 - 2017-12-06 16:30 - 000000000 ____D C:\Users\roial\AppData\Local\Battle.net
2018-02-07 23:08 - 2017-12-06 16:35 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-02-07 19:33 - 2017-12-06 16:33 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-02-07 19:31 - 2017-12-06 16:25 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-02-07 19:25 - 2017-12-06 22:03 - 000000000 ____D C:\Users\roial\AppData\Roaming\WhatsApp
2018-02-07 19:25 - 2017-12-06 14:07 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-07 19:24 - 2017-12-06 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 19:24 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-06 19:05 - 2017-12-18 01:05 - 000011877 _____ C:\Users\roial\Documents\Science Politique.odt
2018-02-06 17:33 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 17:33 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 17:08 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\ConnectedDevicesPlatform
2018-02-06 03:49 - 2017-12-16 21:18 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-12-16 21:18 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:39 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\Publishers
2018-02-05 01:13 - 2017-12-17 22:03 - 000007627 _____ C:\Users\roial\AppData\Local\Resmon.ResmonCfg
2018-02-04 15:52 - 2017-12-06 16:12 - 000000000 ____D C:\Users\roial\AppData\Local\Packages
2018-02-02 23:10 - 2017-12-06 16:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-02 23:10 - 2017-12-06 16:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-02 18:30 - 2017-12-06 16:23 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-02 18:30 - 2017-12-06 16:23 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-01 02:53 - 2017-12-06 19:01 - 000000000 ____D C:\Users\roial\AppData\Roaming\Twitch
2018-01-31 19:30 - 2017-12-07 21:53 - 000000000 ____D C:\Users\roial\AppData\Roaming\uTorrent
2018-01-31 16:07 - 2016-12-03 22:33 - 000000000 ____D C:\Users\roial\.gimp-2.8
2018-01-30 18:56 - 2017-12-18 14:03 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-30 00:32 - 2017-12-06 16:16 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-30 00:22 - 2017-12-06 16:14 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838514857-3352204903-1559925929-1001
2018-01-30 00:22 - 2017-12-06 16:13 - 000002418 _____ C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 00:22 - 2016-09-09 00:23 - 000000000 __RDL C:\Users\roial\OneDrive
2018-01-28 13:58 - 2017-12-08 00:42 - 000000000 ____D C:\Users\roial\AppData\Roaming\vlc
2018-01-28 04:04 - 2016-10-19 13:24 - 000000000 ____D C:\Users\roial\Documents\Witcher 2
2018-01-25 18:15 - 2017-10-09 18:53 - 000000000 ____D C:\Users\roial\Desktop\Confrérie Refonte
2018-01-25 00:05 - 2017-12-07 22:21 - 000000000 ____D C:\Users\roial\AppData\Local\UnrealEngine
2018-01-24 21:13 - 2017-12-06 18:16 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 16:35 - 2017-08-09 13:23 - 000000000 ____D C:\Users\roial\Desktop\Assemblée des jeunes projets
2018-01-21 13:35 - 2017-12-06 22:03 - 000002272 _____ C:\Users\roial\Desktop\WhatsApp.lnk
2018-01-21 13:35 - 2017-12-06 22:03 - 000000000 ____D C:\Users\roial\AppData\Local\WhatsApp
2018-01-21 13:35 - 2017-03-02 21:13 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-01-21 13:33 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Local\SquirrelTemp
2018-01-21 03:19 - 2016-09-09 14:28 - 000002224 _____ C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-01-20 16:56 - 2017-12-06 14:09 - 000000000 ____D C:\WINDOWS\INF
2018-01-18 19:06 - 2017-12-06 14:16 - 000336872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-17 19:26 - 2018-01-02 17:08 - 000000000 ____D C:\Users\roial\AppData\Local\Arma 3 Launcher
2018-01-17 13:17 - 2017-12-06 16:56 - 000001046 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2018-01-16 22:02 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-16 13:46 - 2017-12-06 14:10 - 000000167 _____ C:\WINDOWS\win.ini
2018-01-15 23:33 - 2016-11-17 17:57 - 000000000 ____D C:\Users\roial\Desktop\Dossier
2018-01-15 18:22 - 2017-12-06 14:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-15 18:22 - 2016-09-09 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-15 17:55 - 2016-09-09 00:24 - 000000000 ____D C:\Users\roial\Desktop\CV - Lettre
2018-01-15 12:52 - 2017-12-06 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-15 12:47 - 2017-12-06 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-15 12:47 - 2017-12-06 14:10 - 000000000 ____D C:\Program Files\Common Files\system
2018-01-14 03:04 - 2017-12-11 22:15 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-01-12 12:51 - 2017-12-06 14:10 - 000000000 ____D C:\WINDOWS\rescache
2018-01-11 16:53 - 2017-03-05 14:55 - 000000365 _____ C:\Users\roial\Desktop\Séries.txt
2018-01-11 14:34 - 2017-12-06 18:49 - 000000000 ____D C:\Users\roial\AppData\Local\Ubisoft Game Launcher
2018-01-10 01:22 - 2017-12-07 22:21 - 000811760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2018-01-09 20:18 - 2017-12-06 18:17 - 000002244 _____ C:\Users\roial\Desktop\Discord.lnk
2018-01-09 20:18 - 2017-12-06 18:17 - 000000000 ____D C:\Users\roial\AppData\Local\Discord
2018-01-09 20:18 - 2017-08-09 00:56 - 000000000 ____D C:\Users\roial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-01-09 19:07 - 2017-12-07 10:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-09 19:05 - 2017-12-07 10:43 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-09 19:05 - 2017-12-07 10:43 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 19:03 - 2017-12-16 18:36 - 000004594 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Fichiers à la racine de certains dossiers =======

2018-01-31 16:05 - 2018-01-31 16:05 - 000008641 _____ () C:\Users\roial\AppData\Local\recently-used.xbel
2017-12-17 22:03 - 2018-02-05 01:13 - 000007627 _____ () C:\Users\roial\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-02-05 19:30

==================== Fin de FRST.txt ============================