cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Exécuté par NxkmnWork (administrateur) sur NXKMNWORKPC (11-12-2016 08:55:35)
Exécuté depuis C:\Users\NxkmnWork\Desktop
Profils chargés: NxkmnWork (Profils disponibles: NxkmnWork)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Windows\Temp\g47D8.tmp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-06] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{64A5EE5D-AAC8-4C6E-969C-38D778607783}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{BB9A7834-18F7-46E2-AB7E-7E129C22215E}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-371081638-2154724566-1239883047-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
BHO: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
BHO-x32: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: 04kglz7w.default
FF ProfilePath: C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default [2016-12-11]
FF NewTab: Mozilla\Firefox\Profiles\04kglz7w.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF Homepage: Mozilla\Firefox\Profiles\04kglz7w.default -> hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
FF Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\Extensions\amcontextmenu@loucypher [2016-12-10]
FF Extension: (Adblock Plus) - C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-04]
FF SearchPlugin: C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\searchplugins\yahoo-avast.xml [2016-12-06]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-10] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-06]
CHR Extension: (Google Drive) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-06]
CHR Extension: (YouTube) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-06]
CHR Extension: (Avast Online Security) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-06]
CHR Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-06]
CHR Extension: (Gmail) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-06]
CHR Profile: C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default [2016-12-06]
CHR Extension: (Google Slides) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-15]
CHR Extension: (Google Docs) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-15]
CHR Extension: (Google Drive) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15]
CHR Extension: (YouTube) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15]
CHR Extension: (Google Sheets) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
CHR Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-06]
CHR Extension: (Gmail) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-03-14] (Advanced Micro Devices) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-06] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-08-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-14] (Advanced Micro Devices)
S3 AMDCIR64; C:\Windows\system32\drivers\AMDCIR64.sys [79488 2011-12-16] (Advanced Micro Devices)
S3 amdefix; C:\Windows\system32\drivers\amdefix.sys [18456 2015-07-18] (Advanced Micro Devices)
S3 AmdGpio2; C:\Windows\system32\drivers\AmdGpio2.sys [44792 2015-09-28] (Advanced Micro Devices, INC.)
S3 amdi2c; C:\Windows\system32\drivers\amdi2c.sys [61688 2015-09-28] (Advanced Micro Devices, INC.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-06] (AVAST Software)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [69888 2011-10-17] (Fresco Logic)
S3 rccfg; C:\Windows\system32\drivers\rccfg.sys [21680 2014-08-27] (AMD, Inc.)
S3 rcraid; C:\Windows\system32\drivers\rcraid.sys [539824 2014-08-27] (AMD, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [204800 2011-11-14] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [256000 2011-11-14] (VIA Technologies, Inc.)
S3 catchme; \??\C:\Users\NXKMNW~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-11 08:55 - 2016-12-11 08:55 - 02420224 _____ (Farbar) C:\Users\NxkmnWork\Desktop\FRST64.exe
2016-12-11 08:55 - 2016-12-11 08:55 - 00012986 _____ C:\Users\NxkmnWork\Desktop\FRST.txt
2016-12-11 08:55 - 2016-12-11 08:55 - 00000000 ____D C:\FRST
2016-12-10 18:20 - 2016-12-10 18:23 - 00000586 _____ C:\Users\NxkmnWork\Downloads\pt_shiftlayers_v2.31.zip
2016-12-07 23:39 - 2016-12-07 23:39 - 00004689 _____ C:\Users\NxkmnWork\Desktop\MalawareByte.txt
2016-12-07 22:40 - 2016-12-07 22:40 - 00001874 _____ C:\Users\NxkmnWork\Desktop\ZHPFixReport.txt
2016-12-07 22:38 - 2016-12-07 22:39 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-12-07 22:38 - 2016-12-07 22:38 - 00001849 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-12-07 22:38 - 2016-12-07 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-12-07 22:37 - 2016-12-07 22:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\NxkmnWork\Downloads\zhpfix_2015.10.19.9.exe
2016-12-07 18:44 - 2016-12-10 18:05 - 00089565 _____ C:\Users\NxkmnWork\Desktop\ZHPDiag.txt
2016-12-07 18:31 - 2016-12-07 19:05 - 00001222 _____ C:\Users\NxkmnWork\Desktop\JRT.txt
2016-12-07 18:26 - 2016-12-07 18:26 - 00006401 _____ C:\Users\NxkmnWork\Desktop\AdwCleaner[C0].txt
2016-12-07 18:25 - 2016-12-07 19:01 - 00000000 ____D C:\AdwCleaner
2016-12-07 18:19 - 2016-12-07 18:57 - 00001914 _____ C:\Users\NxkmnWork\Desktop\ZHPCleaner.txt
2016-12-07 18:14 - 2016-12-07 18:51 - 00000900 _____ C:\Users\NxkmnWork\Desktop\ZHPCleaner.lnk
2016-12-07 18:13 - 2016-12-07 18:13 - 03968464 _____ C:\Users\NxkmnWork\Desktop\adwcleaner_6.040.exe
2016-12-07 18:13 - 2016-12-07 18:13 - 01631928 _____ (Malwarebytes) C:\Users\NxkmnWork\Desktop\JRT.exe
2016-12-07 18:12 - 2016-12-07 18:12 - 02553856 _____ C:\Users\NxkmnWork\Desktop\zhpcleaner_2016.11.28.206.exe
2016-12-06 23:06 - 2016-12-06 23:06 - 00093870 _____ C:\Users\NxkmnWork\Documents\ZHPDiag.txt
2016-12-06 23:00 - 2016-12-10 18:04 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\ZHP
2016-12-06 23:00 - 2016-12-10 18:03 - 00000786 _____ C:\Users\NxkmnWork\Desktop\ZHPDiag.lnk
2016-12-06 22:59 - 2016-12-06 22:59 - 02547712 _____ C:\Users\NxkmnWork\Downloads\ZHPDiag3.exe
2016-12-06 22:58 - 2016-12-06 22:58 - 00133997 _____ C:\Users\NxkmnWork\Downloads\ZHPDiag.txt
2016-12-06 21:21 - 2016-12-06 21:21 - 00001922 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2016-12-06 21:21 - 2016-12-06 21:21 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\AVAST Software
2016-12-06 21:21 - 2016-12-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-06 21:20 - 2016-12-07 22:22 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-06 21:20 - 2016-12-06 21:21 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-06 21:20 - 2016-12-06 21:21 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-06 21:20 - 2016-12-06 21:21 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-06 21:20 - 2016-12-06 21:20 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-06 21:20 - 2016-12-06 21:20 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-06 21:20 - 2016-12-06 21:20 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-06 21:20 - 2016-12-06 21:20 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-06 21:18 - 2016-12-06 21:18 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-06 21:13 - 2016-12-06 21:13 - 06334848 _____ (AVAST Software) C:\Users\NxkmnWork\Downloads\avast_free_antivirus_setup_online.exe
2016-12-06 21:12 - 2016-12-06 21:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\NxkmnWork\Downloads\HijackThis.exe
2016-12-06 20:57 - 2016-12-06 22:40 - 00000000 ____D C:\ProgramData\Freemake
2016-12-06 20:57 - 2016-12-06 20:57 - 00000000 ____D C:\Users\NxkmnWork\Documents\Freemake
2016-12-06 20:34 - 2016-12-06 20:36 - 00000290 __RSH C:\Users\NxkmnWork\ntuser.pol
2016-12-06 20:10 - 2016-12-07 23:41 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 20:10 - 2016-12-06 20:51 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-06 20:10 - 2016-12-06 20:10 - 22851472 _____ (Malwarebytes ) C:\Users\NxkmnWork\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-06 20:10 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-06 20:10 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-06 20:10 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-06 20:00 - 2016-12-06 20:00 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Chromium
2016-12-06 20:00 - 2016-12-06 20:00 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\CEF
2016-12-06 19:45 - 2016-11-09 15:55 - 00778752 _____ C:\Windows\system32\chtbrkg.dll
2016-12-06 19:45 - 2016-11-09 15:55 - 00590848 _____ C:\Windows\SysWOW64\chtbrkg.dll
2016-12-06 19:41 - 2016-12-06 19:41 - 00000000 _____ C:\TOSTACK
2016-12-06 19:40 - 2016-12-06 20:10 - 00000000 ____D C:\Windows\system32\SSL
2016-12-06 19:40 - 2016-12-06 19:40 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2016-12-06 19:40 - 2016-12-06 19:40 - 00000000 ____D C:\Windows\system32\sstmp
2016-12-06 19:39 - 2016-12-11 08:55 - 00016734 _____ C:\Windows\System32\Tasks\573z97453t857
2016-12-06 19:39 - 2016-12-06 21:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-06 19:39 - 2016-12-06 19:48 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-12-06 19:39 - 2016-12-06 19:40 - 00002334 __RSH C:\ProgramData\ntuser.pol
2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ___HD C:\ProgramData\573z97453t857
2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\Users\NxkmnWork\Documents\eRightSoft
2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\ProgramData\Avira
2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\ProgramData\Avg
2016-12-06 19:39 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2016-12-06 19:39 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2016-12-06 19:39 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-12-06 19:39 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-12-06 19:38 - 2016-12-06 20:43 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Rafage
2016-12-06 19:38 - 2016-12-06 20:43 - 00000000 ____D C:\Program Files (x86)\Grupuse
2016-12-06 19:38 - 2016-12-06 19:40 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Graserph
2016-12-06 19:38 - 2016-12-06 19:38 - 00003566 _____ C:\Windows\System32\Tasks\f6a63bbfe553147895993c7e8697a131
2016-12-06 19:17 - 2016-12-06 19:17 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\MPEG Streamclip
2016-12-06 19:16 - 2094-06-24 01:00 - 00179811 ____N C:\Users\NxkmnWork\Downloads\MPEG Streamclip Guide.pdf
2016-12-06 19:16 - 2016-12-06 19:16 - 00000000 ____D C:\Users\NxkmnWork\Downloads\International (Italian)
2016-12-06 19:16 - 2008-08-10 12:09 - 01083904 ____N (Squared 5) C:\Users\NxkmnWork\Downloads\MPEG_Streamclip.exe
2016-12-06 19:14 - 2016-12-06 19:14 - 00554844 _____ C:\Users\NxkmnWork\Downloads\MPEG_Streamclip_1.2.zip
2016-12-05 22:04 - 2016-12-05 22:04 - 02107060 _____ C:\Windows\080cfee5fab43463492744e4b96e1728.exe
2016-11-20 01:41 - 2016-11-20 01:41 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Aescripts
2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\Downloads\zl_explodeshapelayers_v3.3.1_monter
2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\WinRAR
2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-11-20 01:30 - 2016-11-20 01:31 - 00000000 ____D C:\Program Files\WinRAR
2016-11-20 01:29 - 2016-11-20 01:29 - 02278304 _____ C:\Users\NxkmnWork\Downloads\winrar-x64-540fr.exe
2016-11-20 01:19 - 2016-11-20 01:21 - 02323970 _____ C:\Users\NxkmnWork\Downloads\zl_explodeshapelayers_v3.3.1_monter.rar
2016-11-19 21:28 - 2016-12-11 08:46 - 00000000 ____D C:\Users\NxkmnWork\AppData\LocalLow\Mozilla
2016-11-19 00:01 - 2016-11-19 00:01 - 01026032 _____ C:\Windows\Minidump\111916-12355-01.dmp
2016-11-18 22:23 - 2016-12-06 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-17 22:18 - 2016-11-20 03:33 - 04469876 _____ C:\Users\NxkmnWork\Downloads\Logo Sutter Event.psd
2016-11-17 21:14 - 2016-11-17 21:14 - 00107649 _____ C:\Users\NxkmnWork\Downloads\before582e10b0a30c82.43350158.eps
2016-11-17 21:10 - 2016-11-17 21:10 - 00000650 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n1.ai
2016-11-17 21:07 - 2016-11-17 21:07 - 00630131 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n.ai
2016-11-17 21:06 - 2016-11-17 21:06 - 00000078 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n.svg
2016-11-17 17:27 - 2016-12-06 20:51 - 00001260 _____ C:\Users\NxkmnWork\Desktop\4K Video Downloader.lnk
2016-11-17 17:27 - 2016-12-06 19:38 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-11-17 17:27 - 2016-11-17 17:27 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\4kdownload.com
2016-11-17 17:27 - 2016-11-17 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-11-17 17:24 - 2016-11-17 17:25 - 31343344 _____ (Open Media LLC ) C:\Users\NxkmnWork\Downloads\4kvideodownloader_4.1(1).exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-12-11 08:51 - 2016-03-18 15:20 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Adobe
2016-12-11 08:47 - 2011-04-12 10:16 - 00746916 _____ C:\Windows\system32\perfh00C.dat
2016-12-11 08:47 - 2011-04-12 10:16 - 00149440 _____ C:\Windows\system32\perfc00C.dat
2016-12-11 08:47 - 2009-07-14 06:13 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-11 08:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-11 08:45 - 2016-05-15 23:52 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-11 08:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-10 23:46 - 2016-03-18 15:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-12-10 23:46 - 2009-07-14 05:45 - 00027248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-10 23:46 - 2009-07-14 05:45 - 00027248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-10 23:08 - 2016-05-15 23:52 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-10 22:03 - 2016-04-17 22:57 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\vlc
2016-12-07 23:40 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-12-06 22:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI
2016-12-06 22:20 - 2016-03-18 15:17 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\VirtualStore
2016-12-06 21:32 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2016-12-06 21:31 - 2016-03-18 15:32 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-06 21:31 - 2016-03-18 15:32 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-06 21:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2016-12-06 20:51 - 2016-06-14 21:58 - 00001031 _____ C:\Users\NxkmnWork\Desktop\WinDirStat.lnk
2016-12-06 20:51 - 2016-05-15 23:52 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-06 20:51 - 2016-05-15 23:52 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-06 20:51 - 2016-05-14 16:18 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-12-06 20:51 - 2016-05-14 16:16 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-06 20:51 - 2016-05-14 16:16 - 00001512 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-12-06 20:51 - 2016-05-14 15:36 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-06 20:51 - 2016-05-14 15:30 - 00001372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2016-12-06 20:51 - 2016-05-14 15:30 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2016-12-06 20:51 - 2016-04-18 13:37 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-12-06 20:51 - 2016-04-17 22:57 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-12-06 20:51 - 2016-03-18 18:36 - 00001028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-12-06 20:51 - 2016-03-18 18:36 - 00001016 _____ C:\Users\NxkmnWork\Desktop\Adobe Lightroom.lnk
2016-12-06 20:51 - 2016-03-18 15:17 - 00001429 _____ C:\Users\NxkmnWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-06 20:51 - 2016-03-18 15:16 - 00001398 _____ C:\Users\Public\Desktop\Installer .Net 4.6.lnk
2016-12-06 20:51 - 2016-03-18 15:12 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-06 20:51 - 2016-03-18 15:12 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-06 20:51 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-12-06 20:51 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-06 20:51 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-12-06 20:51 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-12-06 20:51 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-12-06 20:51 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-12-06 20:51 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-12-06 20:41 - 2016-03-18 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-06 20:36 - 2016-03-18 15:17 - 00000000 ____D C:\Users\NxkmnWork
2016-12-06 20:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Branding
2016-12-06 19:41 - 2016-06-14 21:58 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-12-06 19:41 - 2016-04-17 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-12-06 19:41 - 2016-03-18 17:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-06 19:41 - 2009-07-14 06:08 - 00028648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-06 19:40 - 2016-05-14 15:22 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-12-06 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-06 19:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-12-06 19:38 - 2016-05-15 23:52 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-06 19:38 - 2016-05-14 15:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-12-06 19:38 - 2016-03-18 17:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-06 19:38 - 2016-03-18 17:50 - 00000000 ____D C:\Program Files (x86)\AMD
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-22 22:57 - 2016-06-20 18:57 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\ElevatedDiagnostics
2016-11-22 21:51 - 2016-05-20 21:56 - 00000194 _____ C:\Users\NxkmnWork\Documents\Media Browser Provider Exception
2016-11-22 21:51 - 2016-05-20 21:56 - 00000172 _____ C:\Users\NxkmnWork\Documents\Recent Directories
2016-11-22 21:51 - 2016-05-20 21:56 - 00000156 _____ C:\Users\NxkmnWork\Documents\SharedView Column Settings
2016-11-19 00:01 - 2016-03-18 19:21 - 00000000 ____D C:\Windows\Minidump
2016-11-16 21:08 - 2016-05-15 23:52 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Google

==================== Fichiers à la racine de certains dossiers =======

2016-05-09 21:44 - 2016-05-09 21:44 - 0007605 _____ () C:\Users\NxkmnWork\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-12-04 13:43

==================== Fin de FRST.txt ============================
