Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Exécuté par PC Q (administrateur) sur PCQ-PC (09-09-2017 09:06:05)
Exécuté depuis C:\Users\PC Q\Desktop
Profils chargés: PC Q (Profils disponibles: PC Q)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: "C:\Program Files\Maxthon5\Bin\Maxthon.exe" "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Maxthon International ltd.) C:\Program Files\Maxthon5\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon5\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon5\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon5\Bin\Maxthon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Maxthon International ltd.) C:\Program Files\Maxthon5\Bin\Maxthon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-01] (AVAST Software)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [536668 2017-03-28] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient.exe [3971528 2017-09-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2939468264-998961724-2388039128-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4019312 2017-06-28] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2017-09-06]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75FEF49E-48E7-4772-89EE-35B04BAD2AD8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{96B6D22D-CEE4-4DA4-AC2D-F3B34A01F3AB}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E3BBB335-9A62-4B1F-ADDA-1E1141B4A87A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F46D356B-6A8F-46A3-A503-E322F00E25F2}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://accessquickweb.com/wpad.dat?b9e2fa254214b9206b1d0a129a3ba6ed34985379
Internet Explorer:
==================
HKU\S-1-5-21-2939468264-998961724-2388039128-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
URLSearchHook: [S-1-5-21-2939468264-998961724-2388039128-1000] ATTENTION => URLSearchHook par défaut est absent
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-06-23] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-07-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2939468264-998961724-2388039128-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-02] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-02] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-02] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-02] (Microsoft Corporation)
FireFox:
========
FF HKU\S-1-5-21-2939468264-998961724-2388039128-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-2939468264-998961724-2388039128-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\PC Q\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\PC Q\AppData\Roaming\IDM\idmmzcc5 [2017-07-13] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-02] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-02] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default [2017-09-07]
CHR Extension: (Heartbeat) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2017-07-17]
CHR Extension: (عروض Google التقديمية) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-27]
CHR Extension: (محرّر مستندات Google) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-27]
CHR Extension: (Google Drive) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-27]
CHR Extension: (Youtube) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-27]
CHR Extension: (آدبلوك بلس) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (Adobe Acrobat) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-29]
CHR Extension: (Avast SafePrice) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-03]
CHR Extension: (جداول بيانات Google ) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-27]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2017-08-06]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-27]
CHR Extension: (Avast Online Security) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-03]
CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2017-09-03]
CHR Extension: (IDM Integration Module) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2001-12-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-06-28]
CHR HKU\S-1-5-21-2939468264-998961724-2388039128-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\PC Q\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-08-19]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5830352 2017-09-01] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-01] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2840768 2017-08-28] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-21] (Malwarebytes)
S2 MxService; C:\Program Files\Maxthon5\Bin\MxService.exe [143648 2017-03-30] (Maxthon International ltd.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient.exe [3971528 2017-09-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [274514 2017-03-28] (IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [267520 2017-09-01] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-09-01] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-09-01] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-09-01] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-09-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-09-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99568 2017-09-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-09-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [773800 2017-09-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [500136 2017-09-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [147720 2017-09-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296824 2017-09-01] (AVAST Software)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2017-04-01] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-03-27] (REALiX(tm))
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2017-03-28] (Qualcomm Atheros Co., Ltd.)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0121.sys [37920 2017-09-06] (SoftEther Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [945504 2017-03-28] (Ralink Technology Corp.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-09 09:06 - 2017-09-09 09:07 - 000016080 _____ C:\Users\PC Q\Desktop\FRST.txt
2017-09-09 09:04 - 2017-09-09 09:06 - 000000000 ____D C:\FRST
2017-09-09 09:04 - 2017-09-09 09:04 - 001792512 _____ (Farbar) C:\Users\PC Q\Desktop\FRST.exe
2017-09-08 20:00 - 2017-09-08 20:02 - 000000000 ____D C:\Users\PC Q\Desktop\Nouveau dossier (5)
2017-09-08 00:35 - 2017-09-08 00:42 - 000000000 ____D C:\Users\PC Q\Desktop\souri hd
2017-09-08 00:18 - 2017-09-08 00:38 - 000000000 ____D C:\Users\PC Q\Desktop\SOURI
2017-09-07 22:21 - 2017-09-07 22:21 - 000002668 _____ C:\Users\PC Q\Desktop\ZHPFixReport.txt
2017-09-07 18:04 - 2017-09-07 18:17 - 000110990 _____ C:\Users\PC Q\Desktop\ZHPDiag.txt
2017-09-07 17:53 - 2017-09-07 17:53 - 000000220 _____ C:\Users\PC
2017-09-07 17:51 - 2017-09-07 22:21 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\ZHP
2017-09-07 17:51 - 2017-09-07 17:56 - 000000000 ____D C:\Users\PC Q\AppData\Local\ZHP
2017-09-07 17:51 - 2017-09-07 17:51 - 000000781 _____ C:\Users\PC Q\Desktop\ZHPDiag.lnk
2017-09-07 11:56 - 2017-09-07 11:56 - 000001240 _____ C:\Users\PC Q\Desktop\m.txt
2017-09-07 11:02 - 2017-09-07 11:09 - 000000000 ____D C:\AdwCleaner
2017-09-06 20:49 - 2017-09-06 20:49 - 000141768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2017-09-06 20:49 - 2017-09-06 20:49 - 000037920 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\Neo_0121.sys
2017-09-06 20:48 - 2017-09-06 20:48 - 000002062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2017-09-06 20:48 - 2017-09-06 20:48 - 000002056 _____ C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2017-09-06 20:48 - 2017-09-06 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2017-09-06 20:48 - 2002-01-01 00:01 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2017-09-06 20:18 - 2017-09-06 20:21 - 000000000 ____D C:\Program Files\TAP-Windows
2017-09-06 19:47 - 2017-09-06 19:47 - 000001544 _____ C:\Users\PC Q\Desktop\HH.txt
2017-09-06 17:53 - 2002-01-01 00:02 - 000166848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-06 17:52 - 2002-01-01 00:01 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-06 17:52 - 2002-01-01 00:00 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-06 17:51 - 2002-01-01 00:00 - 000221632 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-06 17:50 - 2017-09-07 11:59 - 000059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-09-06 17:50 - 2017-09-06 17:50 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-06 17:50 - 2017-09-06 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-06 17:49 - 2017-09-06 17:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-06 17:49 - 2017-09-06 17:49 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-06 17:30 - 2017-09-06 17:31 - 000002872 _____ C:\Users\PC Q\Desktop\Rkill.txt
2017-09-06 11:57 - 2017-09-06 19:48 - 000000000 ____D C:\Users\PC Q\Desktop\ps4
2017-09-05 15:25 - 2017-09-05 15:25 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-09-05 14:12 - 2017-09-05 14:15 - 000000000 ____D C:\Users\PC Q\Desktop\Nouveau dossier (4)
2017-09-03 15:43 - 2017-09-03 15:43 - 000000000 _____ C:\Users\PC Q\Documents\DROP.txt
2017-09-02 22:42 - 2017-09-02 22:42 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-01 06:15 - 2017-09-01 06:14 - 000304816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-08-31 22:11 - 2017-09-01 01:05 - 000000000 ____D C:\Users\PC Q\Desktop\Nouveau dossier (3)
2017-08-31 00:27 - 2017-09-05 14:23 - 000000000 ____D C:\Users\PC Q\Desktop\TOP
2017-08-31 00:13 - 2017-08-31 00:13 - 000001051 _____ C:\Users\PC Q\Desktop\PhotoZoom Pro 6.lnk
2017-08-31 00:13 - 2017-08-31 00:13 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 6
2017-08-31 00:13 - 2017-08-31 00:13 - 000000000 ____D C:\Program Files\PhotoZoom Pro 6
2017-08-30 23:58 - 2017-08-31 00:26 - 000000000 ____D C:\Users\PC Q\Desktop\Nouveau dossier (2)
2017-08-29 17:41 - 2017-08-31 00:26 - 000000000 ____D C:\Users\PC Q\Desktop\Nouveau dossier
2017-08-26 21:58 - 2017-08-26 22:00 - 030407204 _____ C:\Users\PC Q\Downloads\whatsapp-messenger.apk
2017-08-26 21:31 - 2017-08-26 21:42 - 039243282 _____ C:\Users\PC Q\Downloads\whatsapp-messenger-2-17-313.apk
2017-08-24 22:12 - 2017-08-24 22:12 - 000111056 _____ C:\Users\PC Q\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-19 14:57 - 2017-08-19 14:57 - 000001876 _____ C:\Users\PC Q\Desktop\XM Global MT4.lnk
2017-08-18 20:19 - 2017-08-18 20:19 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\Opera Software
2017-08-18 20:19 - 2017-08-18 20:19 - 000000000 ____D C:\Users\PC Q\AppData\Local\Opera Software
2017-08-18 20:18 - 2017-09-07 11:09 - 000001057 _____ C:\Users\Public\Desktop\Navigateur Opera.lnk
2017-08-18 20:18 - 2017-09-07 11:09 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2017-08-18 20:16 - 2017-08-26 21:41 - 000000000 ____D C:\Program Files\Opera
2017-08-18 11:52 - 2017-08-18 11:52 - 000000000 ____D C:\ProgramData\MetaQuotes
2017-08-18 11:50 - 2017-08-18 11:50 - 000001876 _____ C:\Users\Public\Desktop\XM Global MT4.lnk
2017-08-18 11:50 - 2017-08-18 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM Global MT4
2017-08-18 11:50 - 2017-08-18 11:50 - 000000000 ____D C:\Program Files\XM Global MT4
2017-08-16 20:37 - 2017-08-16 20:37 - 000001849 _____ C:\Users\Public\Desktop\MetaTrader.lnk
2017-08-16 20:37 - 2017-08-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2017-08-16 20:37 - 2017-08-16 20:37 - 000000000 ____D C:\Program Files\MetaTrader
2017-08-16 20:23 - 2017-08-16 20:37 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\MetaQuotes
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-09-08 12:06 - 2017-03-27 22:10 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\DMCache
2017-09-07 22:19 - 2017-07-13 15:38 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\IDM
2017-09-07 11:09 - 2017-03-27 22:32 - 000000000 ____D C:\ProgramData\IObit
2017-09-07 11:09 - 2017-03-27 20:11 - 000002115 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-07 11:09 - 2017-03-27 20:11 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-07 11:09 - 2017-03-27 00:29 - 000001387 _____ C:\Users\PC Q\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-06 20:51 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\inf
2017-09-06 20:46 - 2017-03-27 22:10 - 000000000 ____D C:\Users\PC Q\Downloads\Compressed
2017-09-06 20:29 - 2017-03-28 00:22 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-06 18:37 - 2011-04-12 01:35 - 000748052 _____ C:\Windows\system32\perfh00C.dat
2017-09-06 18:37 - 2011-04-12 01:35 - 000149984 _____ C:\Windows\system32\perfc00C.dat
2017-09-06 18:37 - 2010-11-20 21:01 - 001669828 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-06 10:15 - 2017-03-27 22:10 - 000000000 ____D C:\Users\PC Q\Downloads\Video
2017-09-05 15:26 - 2017-05-17 22:15 - 000000000 ____D C:\ProgramData\Skype
2017-09-05 15:25 - 2017-05-17 22:15 - 000000000 ___RD C:\Program Files\Skype
2017-09-02 22:46 - 2017-03-27 19:49 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-02 22:42 - 2009-07-14 02:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-01 18:20 - 2017-03-27 19:57 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-01 06:14 - 2017-03-27 19:57 - 000296824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-09-01 06:14 - 2017-03-27 19:57 - 000147720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000773800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000500136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000267520 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000099568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-09-01 06:14 - 2017-03-27 19:56 - 000042856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-29 18:02 - 2017-04-24 20:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-22 12:42 - 2017-07-25 15:17 - 000000000 ____D C:\Windows\Minidump
2017-08-22 12:42 - 2017-05-06 12:05 - 000000000 ____D C:\Users\PC Q\AppData\Local\CrashDumps
2017-08-22 12:42 - 2017-04-10 22:39 - 000000000 ____D C:\Users\PC Q\AppData\Roaming\TeamViewer
2017-08-18 19:59 - 2017-07-09 12:51 - 000000000 ____D C:\Users\PC Q\Desktop\STOCK
2017-08-11 16:21 - 2009-07-14 04:53 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-11 13:52 - 2017-05-05 19:10 - 000000000 ____D C:\Users\PC Q\Documents\Camtasia Studio
2017-08-10 00:55 - 2017-03-27 23:38 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-08-10 00:55 - 2017-03-27 23:38 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-08-10 00:55 - 2017-03-27 23:38 - 000000000 ____D C:\Windows\system32\Macromed
==================== Fichiers à la racine de certains dossiers =======
2017-07-06 01:56 - 2017-07-26 18:29 - 000000132 _____ () C:\Users\PC Q\AppData\Roaming\تفضيلات Adobe PNG Format CS5
2017-05-06 21:21 - 2017-05-13 13:08 - 000001432 _____ () C:\Users\PC Q\AppData\Local\Adobe Save for Web 12.0 Prefs
2017-04-04 21:52 - 2017-04-11 15:55 - 000003584 _____ () C:\Users\PC Q\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-09-05 21:22
==================== Fin de FRST.txt ============================