Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Exécuté par NxkmnWork (administrateur) sur NXKMNWORKPC (11-12-2016 08:55:35)
Exécuté depuis C:\Users\NxkmnWork\Desktop
Profils chargés: NxkmnWork (Profils disponibles: NxkmnWork)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Windows\Temp\g47D8.tmp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-06] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{64A5EE5D-AAC8-4C6E-969C-38D778607783}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{BB9A7834-18F7-46E2-AB7E-7E129C22215E}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-371081638-2154724566-1239883047-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
BHO: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
BHO-x32: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: 04kglz7w.default
FF ProfilePath: C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default [2016-12-11]
FF NewTab: Mozilla\Firefox\Profiles\04kglz7w.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\04kglz7w.default -> Yahoo! (Avast)
FF Homepage: Mozilla\Firefox\Profiles\04kglz7w.default -> hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl
FF Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\Extensions\amcontextmenu@loucypher [2016-12-10]
FF Extension: (Adblock Plus) - C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-04]
FF SearchPlugin: C:\Users\NxkmnWork\AppData\Roaming\Mozilla\Firefox\Profiles\04kglz7w.default\searchplugins\yahoo-avast.xml [2016-12-06]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-10] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-06]
CHR Extension: (Google Drive) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-06]
CHR Extension: (YouTube) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-06]
CHR Extension: (Avast Online Security) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-06]
CHR Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-06]
CHR Extension: (Gmail) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-06]
CHR Profile: C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default [2016-12-06]
CHR Extension: (Google Slides) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-15]
CHR Extension: (Google Docs) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-15]
CHR Extension: (Google Drive) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15]
CHR Extension: (YouTube) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15]
CHR Extension: (Google Sheets) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
CHR Extension: (Fast search) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-06]
CHR Extension: (Gmail) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\NxkmnWork\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-03-14] (Advanced Micro Devices) [Fichier non signé]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-06] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-08-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-14] (Advanced Micro Devices)
S3 AMDCIR64; C:\Windows\system32\drivers\AMDCIR64.sys [79488 2011-12-16] (Advanced Micro Devices)
S3 amdefix; C:\Windows\system32\drivers\amdefix.sys [18456 2015-07-18] (Advanced Micro Devices)
S3 AmdGpio2; C:\Windows\system32\drivers\AmdGpio2.sys [44792 2015-09-28] (Advanced Micro Devices, INC.)
S3 amdi2c; C:\Windows\system32\drivers\amdi2c.sys [61688 2015-09-28] (Advanced Micro Devices, INC.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-06] (AVAST Software)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [69888 2011-10-17] (Fresco Logic)
S3 rccfg; C:\Windows\system32\drivers\rccfg.sys [21680 2014-08-27] (AMD, Inc.)
S3 rcraid; C:\Windows\system32\drivers\rcraid.sys [539824 2014-08-27] (AMD, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [204800 2011-11-14] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [256000 2011-11-14] (VIA Technologies, Inc.)
S3 catchme; \??\C:\Users\NXKMNW~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-12-11 08:55 - 2016-12-11 08:55 - 02420224 _____ (Farbar) C:\Users\NxkmnWork\Desktop\FRST64.exe 2016-12-11 08:55 - 2016-12-11 08:55 - 00012986 _____ C:\Users\NxkmnWork\Desktop\FRST.txt 2016-12-11 08:55 - 2016-12-11 08:55 - 00000000 ____D C:\FRST 2016-12-10 18:20 - 2016-12-10 18:23 - 00000586 _____ C:\Users\NxkmnWork\Downloads\pt_shiftlayers_v2.31.zip 2016-12-07 23:39 - 2016-12-07 23:39 - 00004689 _____ C:\Users\NxkmnWork\Desktop\MalawareByte.txt 2016-12-07 22:40 - 2016-12-07 22:40 - 00001874 _____ C:\Users\NxkmnWork\Desktop\ZHPFixReport.txt 2016-12-07 22:38 - 2016-12-07 22:39 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2016-12-07 22:38 - 2016-12-07 22:38 - 00001849 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2016-12-07 22:38 - 2016-12-07 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2016-12-07 22:37 - 2016-12-07 22:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\NxkmnWork\Downloads\zhpfix_2015.10.19.9.exe 2016-12-07 18:44 - 2016-12-10 18:05 - 00089565 _____ C:\Users\NxkmnWork\Desktop\ZHPDiag.txt 2016-12-07 18:31 - 2016-12-07 19:05 - 00001222 _____ C:\Users\NxkmnWork\Desktop\JRT.txt 2016-12-07 18:26 - 2016-12-07 18:26 - 00006401 _____ C:\Users\NxkmnWork\Desktop\AdwCleaner[C0].txt 2016-12-07 18:25 - 2016-12-07 19:01 - 00000000 ____D C:\AdwCleaner 2016-12-07 18:19 - 2016-12-07 18:57 - 00001914 _____ C:\Users\NxkmnWork\Desktop\ZHPCleaner.txt 2016-12-07 18:14 - 2016-12-07 18:51 - 00000900 _____ C:\Users\NxkmnWork\Desktop\ZHPCleaner.lnk 2016-12-07 18:13 - 2016-12-07 18:13 - 03968464 _____ C:\Users\NxkmnWork\Desktop\adwcleaner_6.040.exe 2016-12-07 18:13 - 2016-12-07 18:13 - 01631928 _____ (Malwarebytes) C:\Users\NxkmnWork\Desktop\JRT.exe 2016-12-07 18:12 - 2016-12-07 18:12 - 02553856 _____ C:\Users\NxkmnWork\Desktop\zhpcleaner_2016.11.28.206.exe 2016-12-06 23:06 - 2016-12-06 23:06 - 00093870 _____ C:\Users\NxkmnWork\Documents\ZHPDiag.txt 2016-12-06 23:00 - 2016-12-10 18:04 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\ZHP 
2016-12-06 23:00 - 2016-12-10 18:03 - 00000786 _____ C:\Users\NxkmnWork\Desktop\ZHPDiag.lnk 2016-12-06 22:59 - 2016-12-06 22:59 - 02547712 _____ C:\Users\NxkmnWork\Downloads\ZHPDiag3.exe 2016-12-06 22:58 - 2016-12-06 22:58 - 00133997 _____ C:\Users\NxkmnWork\Downloads\ZHPDiag.txt 2016-12-06 21:21 - 2016-12-06 21:21 - 00001922 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2016-12-06 21:21 - 2016-12-06 21:21 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\AVAST Software 2016-12-06 21:21 - 2016-12-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-12-06 21:20 - 2016-12-07 22:22 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2016-12-06 21:20 - 2016-12-06 21:21 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2016-12-06 21:20 - 2016-12-06 21:21 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2016-12-06 21:20 - 2016-12-06 21:21 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2016-12-06 21:20 - 2016-12-06 21:20 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr 2016-12-06 21:20 - 2016-12-06 21:20 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2016-12-06 21:20 - 2016-12-06 21:20 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2016-12-06 21:20 - 2016-12-06 21:20 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-06 21:18 - 2016-12-06 
21:18 - 00000000 ____D C:\Program Files\AVAST Software 2016-12-06 21:13 - 2016-12-06 21:13 - 06334848 _____ (AVAST Software) C:\Users\NxkmnWork\Downloads\avast_free_antivirus_setup_online.exe 2016-12-06 21:12 - 2016-12-06 21:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\NxkmnWork\Downloads\HijackThis.exe 2016-12-06 20:57 - 2016-12-06 22:40 - 00000000 ____D C:\ProgramData\Freemake 2016-12-06 20:57 - 2016-12-06 20:57 - 00000000 ____D C:\Users\NxkmnWork\Documents\Freemake 2016-12-06 20:34 - 2016-12-06 20:36 - 00000290 __RSH C:\Users\NxkmnWork\ntuser.pol 2016-12-06 20:10 - 2016-12-07 23:41 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-06 20:10 - 2016-12-06 20:51 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-12-06 20:10 - 2016-12-06 20:10 - 22851472 _____ (Malwarebytes ) C:\Users\NxkmnWork\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe 2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-06 20:10 - 2016-12-06 20:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-12-06 20:10 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-12-06 20:10 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-12-06 20:10 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-12-06 20:00 - 2016-12-06 20:00 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Chromium 2016-12-06 20:00 - 2016-12-06 20:00 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\CEF 2016-12-06 19:45 - 2016-11-09 15:55 - 00778752 _____ C:\Windows\system32\chtbrkg.dll 2016-12-06 19:45 - 2016-11-09 15:55 - 00590848 _____ C:\Windows\SysWOW64\chtbrkg.dll 2016-12-06 19:41 - 2016-12-06 19:41 - 00000000 _____ C:\TOSTACK 2016-12-06 
19:40 - 2016-12-06 20:10 - 00000000 ____D C:\Windows\system32\SSL 2016-12-06 19:40 - 2016-12-06 19:40 - 00000000 ____D C:\Windows\SysWOW64\sstmp 2016-12-06 19:40 - 2016-12-06 19:40 - 00000000 ____D C:\Windows\system32\sstmp 2016-12-06 19:39 - 2016-12-11 08:55 - 00016734 _____ C:\Windows\System32\Tasks\573z97453t857 2016-12-06 19:39 - 2016-12-06 21:13 - 00000000 ____D C:\ProgramData\AVAST Software 2016-12-06 19:39 - 2016-12-06 19:48 - 00000000 ____D C:\Program Files (x86)\eRightSoft 2016-12-06 19:39 - 2016-12-06 19:40 - 00002334 __RSH C:\ProgramData\ntuser.pol 2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ___HD C:\ProgramData\573z97453t857 2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\Users\NxkmnWork\Documents\eRightSoft 2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\ProgramData\Avira 2016-12-06 19:39 - 2016-12-06 19:39 - 00000000 ____D C:\ProgramData\Avg 2016-12-06 19:39 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll 2016-12-06 19:39 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) 
C:\Windows\SysWOW64\drvc.dll 2016-12-06 19:39 - 2003-06-05 13:57 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2016-12-06 19:39 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2016-12-06 19:38 - 2016-12-06 20:43 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Rafage 2016-12-06 19:38 - 2016-12-06 20:43 - 00000000 ____D C:\Program Files (x86)\Grupuse 2016-12-06 19:38 - 2016-12-06 19:40 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Graserph 2016-12-06 19:38 - 2016-12-06 19:38 - 00003566 _____ C:\Windows\System32\Tasks\f6a63bbfe553147895993c7e8697a131 2016-12-06 19:17 - 2016-12-06 19:17 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\MPEG Streamclip 2016-12-06 19:16 - 2094-06-24 01:00 - 00179811 ____N C:\Users\NxkmnWork\Downloads\MPEG Streamclip Guide.pdf 2016-12-06 19:16 - 2016-12-06 19:16 - 00000000 ____D C:\Users\NxkmnWork\Downloads\International (Italian) 2016-12-06 19:16 - 2008-08-10 12:09 - 01083904 ____N (Squared 5) C:\Users\NxkmnWork\Downloads\MPEG_Streamclip.exe 2016-12-06 19:14 - 2016-12-06 19:14 - 00554844 _____ C:\Users\NxkmnWork\Downloads\MPEG_Streamclip_1.2.zip 2016-12-05 22:04 - 2016-12-05 22:04 - 02107060 _____ C:\Windows\080cfee5fab43463492744e4b96e1728.exe 2016-11-20 01:41 - 2016-11-20 01:41 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Aescripts 2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\Downloads\zl_explodeshapelayers_v3.3.1_monter 2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\WinRAR 2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-11-20 01:31 - 2016-11-20 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-11-20 01:30 - 2016-11-20 01:31 - 00000000 ____D C:\Program Files\WinRAR 2016-11-20 01:29 - 2016-11-20 01:29 - 02278304 _____ 
C:\Users\NxkmnWork\Downloads\winrar-x64-540fr.exe 2016-11-20 01:19 - 2016-11-20 01:21 - 02323970 _____ C:\Users\NxkmnWork\Downloads\zl_explodeshapelayers_v3.3.1_monter.rar 2016-11-19 21:28 - 2016-12-11 08:46 - 00000000 ____D C:\Users\NxkmnWork\AppData\LocalLow\Mozilla 2016-11-19 00:01 - 2016-11-19 00:01 - 01026032 _____ C:\Windows\Minidump\111916-12355-01.dmp 2016-11-18 22:23 - 2016-12-06 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-11-17 22:18 - 2016-11-20 03:33 - 04469876 _____ C:\Users\NxkmnWork\Downloads\Logo Sutter Event.psd 2016-11-17 21:14 - 2016-11-17 21:14 - 00107649 _____ C:\Users\NxkmnWork\Downloads\before582e10b0a30c82.43350158.eps 2016-11-17 21:10 - 2016-11-17 21:10 - 00000650 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n1.ai 2016-11-17 21:07 - 2016-11-17 21:07 - 00630131 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n.ai 2016-11-17 21:06 - 2016-11-17 21:06 - 00000078 _____ C:\Users\NxkmnWork\Downloads\15049886_10209428244375407_475942937_n.svg 2016-11-17 17:27 - 2016-12-06 20:51 - 00001260 _____ C:\Users\NxkmnWork\Desktop\4K Video Downloader.lnk 2016-11-17 17:27 - 2016-12-06 19:38 - 00000000 ____D C:\Program Files (x86)\4KDownload 2016-11-17 17:27 - 2016-11-17 17:27 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\4kdownload.com 2016-11-17 17:27 - 2016-11-17 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2016-11-17 17:24 - 2016-11-17 17:25 - 31343344 _____ (Open Media LLC ) C:\Users\NxkmnWork\Downloads\4kvideodownloader_4.1(1).exe ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2016-12-11 08:51 - 2016-03-18 15:20 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Adobe 2016-12-11 08:47 - 2011-04-12 10:16 - 00746916 _____ C:\Windows\system32\perfh00C.dat 2016-12-11 08:47 - 2011-04-12 10:16 - 00149440 _____ C:\Windows\system32\perfc00C.dat 2016-12-11 08:47 - 2009-07-14 06:13 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-11 08:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-11 08:45 - 2016-05-15 23:52 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-12-11 08:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-10 23:46 - 2016-03-18 15:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-12-10 23:46 - 2009-07-14 05:45 - 00027248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-10 23:46 - 2009-07-14 05:45 - 00027248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-10 23:08 - 2016-05-15 23:52 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-12-10 22:03 - 2016-04-17 22:57 - 00000000 ____D C:\Users\NxkmnWork\AppData\Roaming\vlc 2016-12-07 23:40 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media 2016-12-06 22:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI 2016-12-06 22:20 - 2016-03-18 15:17 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\VirtualStore 2016-12-06 21:32 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup 2016-12-06 21:31 - 2016-03-18 15:32 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-12-06 21:31 - 2016-03-18 15:32 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-06 21:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2016-12-06 20:51 - 2016-06-14 21:58 - 00001031 _____ C:\Users\NxkmnWork\Desktop\WinDirStat.lnk 2016-12-06 20:51 - 2016-05-15 23:52 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google 
Chrome.lnk 2016-12-06 20:51 - 2016-05-15 23:52 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-06 20:51 - 2016-05-14 16:18 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk 2016-12-06 20:51 - 2016-05-14 16:16 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2016-12-06 20:51 - 2016-05-14 16:16 - 00001512 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2016-12-06 20:51 - 2016-05-14 15:36 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-12-06 20:51 - 2016-05-14 15:30 - 00001372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk 2016-12-06 20:51 - 2016-05-14 15:30 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk 2016-12-06 20:51 - 2016-04-18 13:37 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk 2016-12-06 20:51 - 2016-04-17 22:57 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-12-06 20:51 - 2016-03-18 18:36 - 00001028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2016-12-06 20:51 - 2016-03-18 18:36 - 00001016 _____ C:\Users\NxkmnWork\Desktop\Adobe Lightroom.lnk 2016-12-06 20:51 - 2016-03-18 15:17 - 00001429 _____ C:\Users\NxkmnWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-12-06 20:51 - 2016-03-18 15:16 - 00001398 _____ C:\Users\Public\Desktop\Installer .Net 4.6.lnk 2016-12-06 20:51 - 2016-03-18 15:12 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-12-06 20:51 - 2016-03-18 15:12 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-12-06 20:51 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-12-06 20:51 - 
2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-12-06 20:51 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-12-06 20:51 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-12-06 20:51 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-12-06 20:51 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-12-06 20:51 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-12-06 20:41 - 2016-03-18 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-06 20:36 - 2016-03-18 15:17 - 00000000 ____D C:\Users\NxkmnWork 2016-12-06 20:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Branding 2016-12-06 19:41 - 2016-06-14 21:58 - 00000000 ____D C:\Program Files (x86)\WinDirStat 2016-12-06 19:41 - 2016-04-17 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-12-06 19:41 - 2016-03-18 17:29 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-06 19:41 - 2009-07-14 06:08 - 00028648 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-06 19:40 - 2016-05-14 15:22 - 00000000 ____D C:\Program Files (x86)\uTorrent 2016-12-06 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-12-06 19:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy 2016-12-06 19:38 - 2016-05-15 23:52 - 00000000 ____D C:\Program Files (x86)\Google 2016-12-06 19:38 - 2016-05-14 15:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-12-06 19:38 - 2016-03-18 17:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-12-06 19:38 - 2016-03-18 17:50 - 00000000 ____D C:\Program Files (x86)\AMD 2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files 
(x86)\Windows Sidebar
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-06 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-22 22:57 - 2016-06-20 18:57 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\ElevatedDiagnostics
2016-11-22 21:51 - 2016-05-20 21:56 - 00000194 _____ C:\Users\NxkmnWork\Documents\Media Browser Provider Exception
2016-11-22 21:51 - 2016-05-20 21:56 - 00000172 _____ C:\Users\NxkmnWork\Documents\Recent Directories
2016-11-22 21:51 - 2016-05-20 21:56 - 00000156 _____ C:\Users\NxkmnWork\Documents\SharedView Column Settings
2016-11-19 00:01 - 2016-03-18 19:21 - 00000000 ____D C:\Windows\Minidump
2016-11-16 21:08 - 2016-05-15 23:52 - 00000000 ____D C:\Users\NxkmnWork\AppData\Local\Google

==================== Fichiers à la racine de certains dossiers =======

2016-05-09 21:44 - 2016-05-09 21:44 - 0007605 _____ () C:\Users\NxkmnWork\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-12-04 13:43

==================== Fin de FRST.txt ============================