Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 18-07-2017
Exécuté par Nol (administrateur) sur PC-NOL (20-07-2017 08:22:36)
Exécuté depuis C:\Users\Nol\Desktop
Profils chargés: Nol (Profils disponibles: Nol)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Flux Software LLC) C:\Users\Nol\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [HP File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\Run: [Speech Recognition] => C:\windows\Speech\Common\sapisvr.exe [51712 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\Run: [Discord] => C:\Users\Nol\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\Run: [f.lux] => C:\Users\Nol\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\Run: [GoogleChromeAutoLaunch_093E5D094D45D7E4E8AA92D1D96258BB] => C:\Program Files\Google\Chrome\Application\chrome.exe [1027928 2017-06-23] (Google Inc.)
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-48481381-1960598968-269085737-1002\...\MountPoints2: {87a788d4-41c3-11e5-a8b4-806e6f6e6963} - F:\AOEINST.EXE /autorun
HKU\S-1-5-21-48481381-1960598968-269085737-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\lol.scr [3721216 2016-03-30] ()
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Nol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-17]
ShortcutTarget: Twitch.lnk -> C:\Users\Nol\AppData\Roaming\Curse Client\Bin\Twitch.exe (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49692;https=127.0.0.1:49692
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:49692;https=127.0.0.1:49692
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{FCE90704-ACF6-4331-BC43-053BBED4E182}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130992273421753745&GUID=3C91005A-4512-4413-8BAA-6B278F52457F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-48481381-1960598968-269085737-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130992273422053745&GUID=3C91005A-4512-4413-8BAA-6B278F52457F
URLSearchHook: HKLM -> Par défaut = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-48481381-1960598968-269085737-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-12-29] [non signé]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: digitalpersona.com/ChromeDPAgent -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-11] (DigitalPersona, Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.palikan.com/?f=7&a=plk_ggbg_15_33&cd=2XzuyEtN2Y1L1QzuzyyEtCtDtA0E0E0AtAtDtAtBtCtDtCtCtN0D0Tzu0StCtAtBtAtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyC0A0BtBtDtDtC0FtGyEyE0BtBtGyDzy0E0DtGyBtAtC0AtG0CyD0FyEyCzyyEyEyBtA0C0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0DyByDtC0DtBtG0EzzzztBtGyEyDtAyCtG0ByEtBtDtG0B0C0FyD0DyC0A0CtByCyB0D2QtN0A0LzuyE&cr=175012994&ir=","hxxp://www.mysites123.com/?type=hp&ts=1454606039&z=ff856fd683087adb57c0cc7g3zdw4z4q4e5qde9c6t&from=amt&uid=st500dm002-1bd142_z6edrccx"
CHR Profile: C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default [2017-07-20]
CHR Extension: (Adblock Plus) - C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-19]
CHR Extension: (DominGo Live Extension) - C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkbkaknlncjiplhgcaomjkcnhbpkiek [2017-07-19]
CHR Extension: (HP Client Security Manager) - C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-07-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-19]
CHR Extension: (Chrome Media Router) - C:\Users\Nol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-19]
CHR HKLM\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-11]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-04] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [165376 2014-04-02] (Broadcom Corporation) [Fichier non signé]
R2 CtAgentService; C:\Program Files\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [Fichier non signé]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [376144 2014-02-11] (DigitalPersona, Inc.)
S3 EasyAntiCheat; C:\windows\system32\EasyAntiCheat.exe [399120 2017-03-19] (EasyAntiCheat Ltd)
S3 FLCDLOCK; c:\windows\system32\flcdlock.exe [567608 2013-11-21] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-22] (Hewlett-Packard Company) [Fichier non signé]
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [1758936 2014-02-05] (Hewlett-Packard)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [Fichier non signé]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [86760 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-12-04] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 amdhub30; C:\windows\system32\drivers\amdhub30.sys [85312 2013-05-28] (Advanced Micro Devices, INC.)
R3 amdxhc; C:\windows\system32\drivers\amdxhc.sys [178496 2013-05-28] (Advanced Micro Devices, INC.)
R0 amd_sata; C:\windows\System32\drivers\amd_sata.sys [71400 2013-11-06] (Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\drivers\amd_xata.sys [35560 2013-11-06] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
S3 Blfp; C:\windows\System32\DRIVERS\basp.sys [114688 2014-04-23] (Broadcom Corporation)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [52952 2013-10-07] (Hewlett-Packard Company)
S3 dtlitescsibus; C:\windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-02-06] (Disc Soft Ltd)
S3 dtliteusbbus; C:\windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-02-06] (Disc Soft Ltd)
S3 e1kexpress; C:\windows\System32\DRIVERS\e1k6032.sys [164864 2009-07-14] (Intel Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
S3 Netaapl; C:\windows\System32\DRIVERS\netaapl.sys [18944 2014-08-16] (Apple Inc.) [Fichier non signé]
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [44608 2014-02-04] (WinMagic Inc.)
R3 RTL8192cu; C:\windows\System32\DRIVERS\RTL8192cu.sys [728064 2011-06-01] (Realtek Semiconductor Corporation )
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [474688 2014-02-04] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [138688 2014-02-04] (WinMagic Inc.)
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) [Fichier non signé]
R3 XSplit_Dummy; C:\windows\System32\drivers\xspltspk.sys [22104 2015-05-26] (SplitmediaLabs Limited)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-07-20 08:22 - 2017-07-20 08:23 - 00015925 _____ C:\Users\Nol\Desktop\FRST.txt
2017-07-20 08:22 - 2017-07-20 08:22 - 00000000 ____D C:\FRST
2017-07-20 08:19 - 2017-07-20 08:19 - 01778176 _____ (Farbar) C:\Users\Nol\Desktop\FRST.exe
2017-07-20 06:56 - 2017-07-20 06:56 - 00002823 _____ C:\Users\Nol\Desktop\ZHPFixReport.txt
2017-07-20 06:55 - 2017-07-20 06:55 - 00000000 ____D C:\Users\Nol\Downloads\Quarantine
2017-07-20 06:53 - 2017-07-20 06:53 - 03067264 _____ (Nicolas Coolman) C:\Users\Nol\Downloads\zhpfix_2017-6-13-1.exe
2017-07-19 18:34 - 2017-07-19 18:34 - 00003628 _____ C:\Users\Nol\Desktop\JRT.txt
2017-07-19 18:21 - 2017-07-19 18:43 - 00000200 _____ C:\Users\Nol\Desktop\Réponse.txt
2017-07-19 18:21 - 2017-07-19 18:23 - 00000000 ____D C:\AdwCleaner
2017-07-19 18:20 - 2017-07-19 18:21 - 08162248 _____ (Malwarebytes) C:\Users\Nol\Downloads\adwcleaner_7.0.0.0.exe
2017-07-19 18:20 - 2017-07-19 18:21 - 01790024 _____ (Malwarebytes) C:\Users\Nol\Downloads\JRT.exe
2017-07-19 18:13 - 2017-07-19 18:16 - 00010688 _____ C:\Users\Nol\Desktop\ZHPCleaner.txt
2017-07-19 18:05 - 2017-07-19 18:05 - 00000878 _____ C:\Users\Nol\Desktop\ZHPCleaner.lnk
2017-07-19 18:04 - 2017-07-19 18:04 - 02830208 _____ C:\Users\Nol\Downloads\zhpcleaner_2017.7.17.123.exe
2017-07-18 18:18 - 2017-07-19 18:05 - 00000000 ____D C:\Users\Nol\AppData\Local\ZHP
2017-07-18 18:18 - 2017-07-18 18:20 - 00000824 _____ C:\Users\Nol\Desktop\ZHPDiag.lnk
2017-07-18 18:17 - 2017-07-18 18:18 - 02787200 _____ C:\Users\Nol\Downloads\ZHPDiag3.exe
2017-07-12 09:32 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-07-12 09:32 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2017-07-12 09:32 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-07-12 09:32 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-07-12 09:32 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-07-12 09:32 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-07-12 09:32 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2017-07-12 09:32 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-07-12 09:32 - 2017-06-29 07:35 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-07-12 09:32 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-07-12 09:32 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-07-12 09:32 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-07-12 09:32 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-07-12 09:32 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-07-12 09:32 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-07-12 09:32 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-07-12 09:32 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-07-12 09:32 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-07-12 09:32 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-07-12 09:32 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-07-12 09:32 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-07-12 09:32 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-07-12 09:32 - 2017-06-29 07:13 - 00104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-07-12 09:32 - 2017-06-29 07:08 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-07-12 09:32 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-07-12 09:32 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 09:32 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-07-12 09:32 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-07-12 09:32 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-07-12 09:32 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-07-12 09:32 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-07-12 09:32 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-07-12 09:32 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-07-12 09:32 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-07-12 09:32 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-07-12 09:32 - 2017-06-29 06:47 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-07-12 09:32 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-07-12 09:32 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-07-12 09:32 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-07-12 09:32 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-07-12 09:32 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-07-12 09:32 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-07-12 09:32 - 2017-06-22 16:50 - 02402304 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-07-12 09:32 - 2017-06-15 22:18 - 00514048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-07-12 09:32 - 2017-06-13 00:32 - 00250600 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2017-07-12 09:32 - 2017-06-13 00:32 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-07-12 09:32 - 2017-06-13 00:32 - 00067304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-07-12 09:32 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-07-12 09:32 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-07-12 09:32 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2017-07-12 09:32 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-07-12 09:32 - 2017-06-13 00:29 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-07-12 09:32 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 01062912 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\pdhui.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-07-12 09:32 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-07-12 09:32 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-07-12 09:32 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-07-12 09:32 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe
2017-07-12 09:32 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\resmon.exe
2017-07-12 09:32 - 2017-06-13 00:05 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-07-12 09:32 - 2017-06-13 00:05 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-07-12 09:32 - 2017-06-13 00:05 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-07-12 09:32 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-07-12 09:32 - 2017-06-13 00:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-07-12 09:32 - 2017-06-13 00:05 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-07-12 09:32 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-07-12 09:32 - 2017-06-09 17:17 - 01213672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-07-12 09:32 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-07-12 09:32 - 2017-05-30 06:39 - 01309928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-07-12 09:32 - 2017-05-30 06:39 - 00240872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-07-12 09:32 - 2017-05-30 06:39 - 00187624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 09:32 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-07-12 09:32 - 2017-05-16 17:16 - 00730856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-07-12 09:32 - 2017-05-16 17:16 - 00218856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-07-12 09:32 - 2017-05-16 17:12 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-07-12 09:30 - 2017-05-03 17:15 - 00081640 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-07-12 09:30 - 2017-05-03 17:10 - 00987648 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 01327616 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00236032 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00182784 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-07-12 09:30 - 2017-05-03 15:05 - 00104960 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-07-12 09:30 - 2017-03-23 04:06 - 01602048 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-07-06 22:16 - 2017-07-06 22:17 - 08498248 _____ C:\Users\Nol\Downloads\Lj1Uu8cnChlq_FAO.mp4
2017-06-27 02:12 - 2017-06-27 23:22 - 00000000 ____D C:\Users\Nol\Desktop\Oral
2017-06-23 18:48 - 2017-06-23 18:48 - 00000216 _____ C:\Users\Nol\Desktop\Age of Empires II HD Edition.url
2017-06-22 16:20 - 2017-06-22 16:20 - 17219362 _____ C:\Users\Nol\Downloads\7-8_EUW1-3153655340_02.webm
2017-06-22 16:19 - 2017-06-22 16:19 - 11422158 _____ C:\Users\Nol\Downloads\7-12_EUW1-3233743000_01 (1).webm
2017-06-22 16:18 - 2017-06-22 16:18 - 11422158 _____ C:\Users\Nol\Downloads\7-12_EUW1-3233743000_01.webm

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-07-20 07:06 - 2009-07-14 06:34 - 00027344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-20 07:06 - 2009-07-14 06:34 - 00027344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-20 07:05 - 2015-12-21 19:41 - 00136040 _____ C:\Users\Nol\Desktop\ZHPDiag.txt
2017-07-20 07:02 - 2015-12-21 19:36 - 00000000 ____D C:\Users\Nol\AppData\Roaming\ZHP
2017-07-20 06:58 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-20 06:57 - 2014-12-29 22:00 - 00065536 _____ C:\windows\system32\spu_storage.bin
2017-07-19 18:45 - 2016-02-29 22:50 - 00000000 ____D C:\Program Files\Steam
2017-07-19 18:44 - 2009-07-14 04:37 - 00000000 ____D C:\windows\inf
2017-07-19 10:01 - 2015-08-30 19:22 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-07-18 18:22 - 2017-03-24 18:12 - 00000312 _____ C:\windows\Tasks\HPCeeScheduleForNol.job
2017-07-17 04:24 - 2016-06-04 20:04 - 00000000 ____D C:\Users\Nol\AppData\Local\CrashDumps
2017-07-17 04:11 - 2016-05-16 18:47 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-16 19:46 - 2015-08-13 18:24 - 00000000 ____D C:\Users\Nol\Desktop\jeux vidéos
2017-07-16 18:26 - 2015-08-22 21:45 - 00000000 ____D C:\Users\Nol\AppData\Roaming\TS3Client
2017-07-15 18:29 - 2015-08-29 23:08 - 00000000 ____D C:\Users\Nol\AppData\Roaming\Audacity
2017-07-14 04:14 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache
2017-07-13 12:44 - 2009-07-14 06:33 - 00498280 _____ C:\windows\system32\FNTCACHE.DAT
2017-07-13 12:42 - 2015-08-15 14:33 - 00000000 ____D C:\windows\system32\appraiser
2017-07-13 01:45 - 2016-05-16 18:38 - 00000000 ____D C:\windows\system32\MRT
2017-07-13 01:42 - 2016-05-16 18:38 - 132532600 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-07-09 02:22 - 2017-03-19 14:19 - 00000000 ____D C:\Users\Nol\AppData\Local\Ubisoft Game Launcher
2017-07-02 16:52 - 2017-04-06 19:13 - 00000000 ____D C:\Users\Nol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-29 00:13 - 2015-08-13 23:52 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-22 16:21 - 2015-11-01 00:51 - 00000000 ____D C:\Users\Nol\AppData\Roaming\vlc
2017-06-20 22:55 - 2016-09-03 15:47 - 00002412 _____ C:\Users\Nol\Documents\Skins de moi.txt

==================== Fichiers à la racine de certains dossiers =======

2016-06-08 12:47 - 2016-06-08 13:03 - 0005120 _____ () C:\Users\Nol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-12 23:16 - 2016-01-12 23:16 - 0000017 _____ () C:\Users\Nol\AppData\Local\resmon.resmoncfg
2016-11-07 20:26 - 2016-11-07 20:26 - 0000000 _____ () C:\Users\Nol\AppData\Local\{59122396-B42A-412F-9E30-D7E5E0BCF1E8}
2014-12-29 22:03 - 2014-12-29 22:05 - 7044304 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-12-29 22:13 - 2014-12-29 22:14 - 1469614 _____ () C:\ProgramData\hpdam_install_log.txt
2014-12-29 22:13 - 2014-12-29 22:13 - 0512572 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2015-08-14 01:22 - 2015-08-14 01:22 - 0005076 _____ () C:\ProgramData\vczcspay.tpu

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-07-14 04:06

==================== Fin de FRST.txt ============================