Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2017
Exécuté par Hp (administrateur) sur HP-HP (15-11-2017 18:46:11)
Exécuté depuis C:\Users\Hp\Desktop
Profils chargés: Hp (Profils disponibles: Hp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-13] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-05-14] (MyHeritage)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Google Update] => C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Chromium] => "c:\users\hp\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-02-21] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-03-12]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-06-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2016-03-12]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Utilitaire de configuration sans fil.lnk [2013-11-15]
ShortcutTarget: Utilitaire de configuration sans fil.lnk -> C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2016-03-12]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{8D200654-2CCC-4FA1-9CE0-25573CD677BE}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{9190E923-A712-4D0E-AD0C-9EB2FCDF718D}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {21ECC71F-128D-4C98-84DF-3329EC231302} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = hxxp://www.basicseek.com/?prt=BASICSEEK111&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-13] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-13] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1663973501
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-30] [Legacy] [non signé]
FF HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-06-30] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 -> C:\Users\Hp\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [2010-03-04] (Stonetrip)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl"
CHR Profile: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default [2017-11-15]
CHR Extension: (YouTube) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-27]
CHR Extension: (Spring Theme) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpcfekghemjkdgnodkinnfbookfaapf [2015-04-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
CHR HKU\S-1-5-21-269968275-2894576949-3566824943-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.HMHXFNEK4WV2KRDAJGPQASPCTI - C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-13] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-13] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-13] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-13] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-13] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-13] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-15 18:46 - 2017-11-15 18:46 - 000021704 _____ C:\Users\Hp\Desktop\FRST.txt
2017-11-15 18:45 - 2017-11-15 18:46 - 000000000 ____D C:\FRST
2017-11-15 18:44 - 2017-11-15 18:44 - 002392576 _____ (Farbar) C:\Users\Hp\Desktop\FRST64.exe
2017-11-15 17:25 - 2017-11-15 17:25 - 000052053 _____ C:\Users\Hp\Downloads\2017%202018conseil%20de%20classe%20%20trimestre%201%20et%20semestre%201.xlsx
2017-11-15 16:14 - 2017-11-15 16:14 - 000156652 _____ C:\Users\Hp\Desktop\ZHPDiag.txt
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2017-11-15 15:56 - 2017-11-15 16:01 - 000000000 ____D C:\AdwCleaner
2017-11-15 15:53 - 2017-11-15 15:54 - 008261584 _____ (Malwarebytes) C:\Users\Hp\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 15:19 - 2017-11-15 15:23 - 000012516 _____ C:\Users\Hp\Desktop\ZHPCleaner.txt
2017-11-15 15:05 - 2017-11-15 15:05 - 000000791 _____ C:\Users\Hp\Desktop\ZHPCleaner.lnk
2017-11-15 15:03 - 2017-11-15 15:03 - 002971008 _____ C:\Users\Hp\Desktop\ZHPCleaner.exe
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\ZHP
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Local\ZHP
2017-11-15 11:37 - 2017-11-15 11:37 - 000000781 _____ C:\Users\Hp\Desktop\ZHPDiag.lnk
2017-11-15 11:34 - 2017-11-15 11:34 - 002932096 _____ C:\Users\Hp\Downloads\ZHPDiag3.exe
2017-11-15 10:40 - 2017-11-15 10:40 - 000066546 _____ C:\Users\Hp\Desktop\UsbFix_Report.txt
2017-11-15 09:54 - 2017-11-15 10:40 - 000004552 _____ C:\usbfix-debug.txt
2017-11-15 09:43 - 2017-11-15 10:40 - 000000000 ____D C:\UsbFix
2017-11-15 09:39 - 2017-11-15 09:39 - 008222104 _____ (SOSVirus) C:\Users\Hp\Desktop\UsbFix_9.067.exe
2017-11-13 16:07 - 2017-11-13 16:07 - 003391054 _____ C:\Users\Hp\Downloads\ed6134.pdf
2017-11-13 15:42 - 2017-11-13 15:42 - 000023401 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_11_11_2017.pdf
2017-11-13 09:16 - 2017-11-13 09:15 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-13 09:15 - 2017-11-13 09:15 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-12 06:59 - 2017-11-12 06:59 - 000000000 ____D C:\$AV_ASW
2017-11-11 14:07 - 2017-11-11 14:07 - 000474760 _____ C:\Users\Hp\Desktop\doc (1).pdf
2017-11-11 14:07 - 2017-11-11 14:07 - 000474739 _____ C:\Users\Hp\Desktop\doc.pdf
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ C:\Users\Hp\AppData\Local\recently-used.xbel
2017-11-06 11:29 - 2017-11-06 11:29 - 003371977 _____ C:\Users\Hp\Downloads\Video111.MOV
2017-11-01 13:28 - 2017-11-01 13:30 - 091022966 _____ C:\Users\Hp\Downloads\June - No Love Lost, No Trust Given 2.zip
2017-10-31 09:36 - 2017-10-31 09:36 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (4).pdf
2017-10-31 08:05 - 2017-10-31 08:05 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (3).pdf
2017-10-31 07:49 - 2017-10-31 07:49 - 000194786 _____ C:\Users\Hp\Downloads\tf84.pdf
2017-10-31 07:43 - 2017-10-31 07:43 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (2).pdf
2017-10-30 11:23 - 2017-10-30 11:23 - 001091502 _____ C:\Users\Hp\Downloads\Article Compteurs Linky magazine QUE CHOISIR Octobre 2017.pdf
2017-10-29 20:22 - 2017-10-29 20:22 - 000014015 _____ C:\Users\Hp\Downloads\Bordereau-Vinted-68325530.pdf
2017-10-28 09:34 - 2017-10-28 09:34 - 000023849 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_26_10_2017.pdf
2017-10-24 18:05 - 2017-10-24 18:06 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420 (1).jp2
2017-10-24 18:01 - 2017-10-24 18:01 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420.jp2
2017-10-24 17:56 - 2017-10-24 17:57 - 027901436 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1980-09-06__C1336-0051_1980_FR9139_0004.jp2
2017-10-24 17:04 - 2017-10-24 17:04 - 005895415 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1957-06-28__C1332-0051_1957_F1332-1632_0247.jp2
2017-10-23 20:00 - 2017-10-23 20:00 - 000629497 _____ C:\Users\Hp\Downloads\33 - Le Verdon-sur-Mer - Arrêté de zonage archéologique.pdf
2017-10-23 06:30 - 2017-10-23 06:30 - 000023598 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_21_10_2017.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-15 17:18 - 2017-05-25 11:00 - 000000000 ____D C:\Users\Hp\AppData\LocalLow\Mozilla
2017-11-15 16:49 - 2012-02-21 13:48 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2017-11-15 16:49 - 2012-02-21 13:48 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2017-11-15 16:49 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-15 16:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:10 - 2012-08-29 12:39 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-15 16:08 - 2012-02-21 14:19 - 000000000 ____D C:\ProgramData\PDFC
2017-11-15 16:03 - 2012-02-21 14:19 - 000000000 ____D C:\Program Files (x86)\PDF Complete
2017-11-15 16:03 - 2012-02-21 14:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2017-11-15 16:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-15 16:01 - 2017-09-04 15:46 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-11-15 16:01 - 2012-06-30 10:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Yahoo!
2017-11-15 15:23 - 2012-07-07 07:05 - 000000000 ____D C:\Users\Hp\AppData\Local\Google
2017-11-15 10:54 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-11-15 10:49 - 2012-03-07 09:45 - 000003912 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{663C1A98-E9EE-42F7-93F5-73DC037A192D}
2017-11-15 09:33 - 2012-07-07 07:05 - 000003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000UA
2017-11-15 09:33 - 2012-07-07 07:05 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000Core
2017-11-15 09:17 - 2014-12-25 09:10 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-14 20:33 - 2012-07-07 07:06 - 000002335 _____ C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 20:33 - 2012-07-07 07:06 - 000002327 _____ C:\Users\Hp\Desktop\Google Chrome.lnk
2017-11-14 19:16 - 2013-03-13 07:03 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 19:16 - 2012-12-08 09:32 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 19:16 - 2012-12-08 09:32 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 19:16 - 2012-02-21 14:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 19:16 - 2012-02-21 14:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-13 12:29 - 2016-04-14 11:09 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHp
2017-11-13 12:29 - 2016-04-14 11:09 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForHp.job
2017-11-13 09:16 - 2017-03-24 21:24 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-11-13 09:15 - 2017-03-24 21:24 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-13 09:15 - 2014-05-15 09:39 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-13 09:15 - 2014-01-04 10:27 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151075863448001
2017-11-13 09:15 - 2012-08-29 12:39 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-10 19:36 - 2012-09-30 06:39 - 000000000 ____D C:\Users\Hp\AppData\Local\CrashDumps
2017-11-08 11:03 - 2012-02-21 14:19 - 000027680 _____ (PDF Complete, Inc.) C:\Windows\system32\pdfc_port.dll
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLev.DAT
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2017-11-01 09:17 - 2012-08-29 12:39 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.150952430834007
2017-11-01 09:17 - 2012-08-29 12:39 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-28 19:56 - 2012-11-01 09:28 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Youtube Downloader HD
2017-10-17 20:28 - 2014-06-19 00:14 - 000000000 ____D C:\Users\Hp\AppData\Roaming\vlc
2017-10-16 14:27 - 2016-11-23 08:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-16 14:27 - 2012-10-14 07:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Fichiers à la racine de certains dossiers =======
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PageLibraries
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PDEs
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\Pipe Organ
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PPD Plugins
2014-11-20 15:58 - 2016-12-04 08:13 - 000006656 _____ () C:\Users\Hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ () C:\Users\Hp\AppData\Local\recently-used.xbel
2012-06-29 14:52 - 2013-12-30 10:31 - 000006140 _____ () C:\ProgramData\hpzinstall.log
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\People
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\ProgramData\Percussion Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\Perl
2015-01-31 19:54 - 2015-01-31 19:54 - 000000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2015-01-31 19:55 - 2016-03-05 08:17 - 000000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Plug-Ins
2015-01-31 19:55 - 2015-01-31 19:55 - 000000012 ___RH () C:\ProgramData\Podcasting
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Pop Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Sci-Fi
Certains fichiers dans TEMP:
====================
2016-11-06 08:40 - 2016-11-06 08:40 - 000003584 _____ () C:\Users\Hp\AppData\Local\Temp\1btjav6o.dll
2014-04-06 17:56 - 2014-04-06 17:56 - 000041984 _____ () C:\Users\Hp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5y3you.dll
2013-06-04 09:30 - 2013-06-04 09:30 - 000050432 ____R () C:\Users\Hp\AppData\Local\Temp\Extract.exe
2012-07-06 20:45 - 2012-07-06 20:45 - 000074808 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPHelpUpdater.exe
2015-11-21 10:49 - 2015-10-22 01:08 - 000595656 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPSFUpdater.exe
2013-01-31 00:58 - 2013-01-31 00:58 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
2013-02-16 06:00 - 2013-02-16 06:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
2013-03-01 21:00 - 2013-03-01 21:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
2013-06-22 02:58 - 2013-06-22 02:58 - 000903080 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
2013-10-08 19:27 - 2013-10-08 19:27 - 000915368 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
2013-12-19 18:06 - 2013-12-19 18:06 - 000921512 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
2014-07-28 06:15 - 2014-07-28 06:15 - 000918440 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
2014-09-29 18:06 - 2014-09-29 18:06 - 000937896 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
2017-06-09 17:57 - 2017-06-09 17:57 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u131-windows-au.exe
2014-12-18 18:29 - 2014-12-18 18:29 - 000641448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u31-windows-au.exe
2016-07-04 11:40 - 2016-07-04 11:40 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-06-08 09:01 - 2016-01-09 10:38 - 017938337 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_7_0_0_7143_Size_36843992.exe
2016-12-23 10:53 - 2016-12-23 10:53 - 003734835 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_8_0_0_8333_Size_47737760.exe
2012-09-20 02:15 - 2012-09-20 02:15 - 050352408 _____ (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\NetFramework45.exe
2015-01-28 15:44 - 2015-01-28 15:44 - 000026424 _____ () C:\Users\Hp\AppData\Local\Temp\ochelper.exe
2006-10-28 04:58 - 2006-10-28 04:58 - 000145184 ____R (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\ose00000.exe
2012-11-30 21:36 - 2012-05-04 02:24 - 000031616 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\Resource.exe
2012-11-02 16:50 - 2012-11-02 16:50 - 000040587 _____ () C:\Users\Hp\AppData\Local\Temp\Runner.exe
2012-09-16 16:01 - 2012-09-16 16:02 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1779AE8F-7125-4ED7-974C-AE92B4D29FA1}.exe
2012-09-19 16:24 - 2012-09-19 16:25 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1C0FFD6F-341A-46D9-9F13-6DCE144C99F6}.exe
2012-10-11 15:51 - 2012-10-11 15:52 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{2EF3D0B0-C5B1-4CB6-9CAE-854971EA09B3}.exe
2013-01-13 09:07 - 2013-01-13 09:08 - 048437312 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{3A485A48-586B-4B77-9D92-856E4DE851B5}.exe
2012-10-13 06:24 - 2012-10-13 06:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{3F511274-51EE-4088-8539-25A4AFC68B37}.exe
2012-09-30 06:35 - 2012-09-30 06:36 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{4BADFA81-4DE6-4AFF-A360-C55746D57300}.exe
2012-10-11 06:44 - 2012-10-11 06:45 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{645E8926-CCA7-4CC0-A595-A5D89C5F07E8}.exe
2012-10-07 14:11 - 2012-10-07 14:12 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7210C28F-A029-466E-8867-50201C1F4DCA}.exe
2013-01-10 08:41 - 2013-01-10 08:41 - 048437312 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7C920D53-40D9-4E8C-A3C6-93141D396036}.exe
2012-09-13 06:17 - 2012-09-13 06:18 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{993AC96D-B96E-41BE-9052-5DEE8ED23394}.exe
2012-10-04 15:41 - 2012-10-04 15:42 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{AA42145F-16EA-44BE-BB18-3D274A661D4C}.exe
2012-09-20 06:21 - 2012-09-20 06:22 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{B4D0D5E1-4630-440E-B31E-D2B75C564AEC}.exe
2012-10-28 10:24 - 2012-10-28 10:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C5BD36ED-FFF6-462B-9B4A-7384B89ED9A9}.exe
2012-09-14 16:27 - 2012-09-14 16:28 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C6BFE14B-21A6-46F7-9DA7-35C18BD4A3AF}.exe
2012-09-19 04:52 - 2012-09-19 04:53 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{CE74B58E-55BA-492F-A766-FE9DC5FCC26A}.exe
2012-09-22 05:44 - 2012-09-22 05:44 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{D4CC8D1D-9083-4BAF-8781-1E13215C3ABB}.exe
2012-09-30 06:39 - 2012-09-30 06:40 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{DCA0D5D1-2B20-416A-AB33-DC28643C6BAA}.exe
2012-09-26 16:25 - 2012-09-26 16:26 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{E12127A2-80C2-440B-B101-5C9D337ADB8A}.exe
2012-07-06 20:40 - 2012-07-06 20:42 - 057826304 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Hp\AppData\Local\Temp\sp54931.exe
2012-11-16 21:12 - 2012-11-30 21:36 - 041580520 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp58915.exe
2014-01-24 09:45 - 2014-01-24 09:45 - 044799704 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp64126.exe
2014-04-25 02:52 - 2014-04-25 02:52 - 184800632 _____ ( ) C:\Users\Hp\AppData\Local\Temp\SP66194.exe
2013-11-22 07:22 - 2013-11-22 07:06 - 000599419 _____ () C:\Users\Hp\AppData\Local\Temp\Sqlite3.dll
2013-06-29 08:38 - 2013-06-16 09:40 - 000389632 _____ (Babylon Ltd.) C:\Users\Hp\AppData\Local\Temp\uninst1.exe
2012-07-06 20:42 - 2015-09-28 09:36 - 000144912 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\UninstallHPSA.exe
2013-04-22 04:26 - 2013-04-22 04:26 - 022948790 _____ () C:\Users\Hp\AppData\Local\Temp\vlc-2.0.6-win32.exe
2015-12-01 19:50 - 2015-12-01 19:50 - 006912080 _____ () C:\Users\Hp\AppData\Local\Temp\{0DB40C06-1D06-471D-A985-F636A7656A86}-47.0.2526.73_46.0.2490.86_chrome_updater.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-12-04 08:40
==================== Fin de FRST.txt ============================
Exécuté par Hp (administrateur) sur HP-HP (15-11-2017 18:46:11)
Exécuté depuis C:\Users\Hp\Desktop
Profils chargés: Hp (Profils disponibles: Hp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-13] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-05-14] (MyHeritage)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Google Update] => C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Chromium] => "c:\users\hp\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-02-21] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-03-12]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-06-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2016-03-12]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Utilitaire de configuration sans fil.lnk [2013-11-15]
ShortcutTarget: Utilitaire de configuration sans fil.lnk -> C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2016-03-12]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{8D200654-2CCC-4FA1-9CE0-25573CD677BE}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{9190E923-A712-4D0E-AD0C-9EB2FCDF718D}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {21ECC71F-128D-4C98-84DF-3329EC231302} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = hxxp://www.basicseek.com/?prt=BASICSEEK111&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-13] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-13] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1663973501
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-30] [Legacy] [non signé]
FF HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-06-30] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 -> C:\Users\Hp\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [2010-03-04] (Stonetrip)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl"
CHR Profile: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default [2017-11-15]
CHR Extension: (YouTube) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-27]
CHR Extension: (Spring Theme) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpcfekghemjkdgnodkinnfbookfaapf [2015-04-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
CHR HKU\S-1-5-21-269968275-2894576949-3566824943-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.HMHXFNEK4WV2KRDAJGPQASPCTI - C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-13] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-13] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-13] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-13] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-13] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-13] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-15 18:46 - 2017-11-15 18:46 - 000021704 _____ C:\Users\Hp\Desktop\FRST.txt
2017-11-15 18:45 - 2017-11-15 18:46 - 000000000 ____D C:\FRST
2017-11-15 18:44 - 2017-11-15 18:44 - 002392576 _____ (Farbar) C:\Users\Hp\Desktop\FRST64.exe
2017-11-15 17:25 - 2017-11-15 17:25 - 000052053 _____ C:\Users\Hp\Downloads\2017%202018conseil%20de%20classe%20%20trimestre%201%20et%20semestre%201.xlsx
2017-11-15 16:14 - 2017-11-15 16:14 - 000156652 _____ C:\Users\Hp\Desktop\ZHPDiag.txt
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2017-11-15 15:56 - 2017-11-15 16:01 - 000000000 ____D C:\AdwCleaner
2017-11-15 15:53 - 2017-11-15 15:54 - 008261584 _____ (Malwarebytes) C:\Users\Hp\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 15:19 - 2017-11-15 15:23 - 000012516 _____ C:\Users\Hp\Desktop\ZHPCleaner.txt
2017-11-15 15:05 - 2017-11-15 15:05 - 000000791 _____ C:\Users\Hp\Desktop\ZHPCleaner.lnk
2017-11-15 15:03 - 2017-11-15 15:03 - 002971008 _____ C:\Users\Hp\Desktop\ZHPCleaner.exe
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\ZHP
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Local\ZHP
2017-11-15 11:37 - 2017-11-15 11:37 - 000000781 _____ C:\Users\Hp\Desktop\ZHPDiag.lnk
2017-11-15 11:34 - 2017-11-15 11:34 - 002932096 _____ C:\Users\Hp\Downloads\ZHPDiag3.exe
2017-11-15 10:40 - 2017-11-15 10:40 - 000066546 _____ C:\Users\Hp\Desktop\UsbFix_Report.txt
2017-11-15 09:54 - 2017-11-15 10:40 - 000004552 _____ C:\usbfix-debug.txt
2017-11-15 09:43 - 2017-11-15 10:40 - 000000000 ____D C:\UsbFix
2017-11-15 09:39 - 2017-11-15 09:39 - 008222104 _____ (SOSVirus) C:\Users\Hp\Desktop\UsbFix_9.067.exe
2017-11-13 16:07 - 2017-11-13 16:07 - 003391054 _____ C:\Users\Hp\Downloads\ed6134.pdf
2017-11-13 15:42 - 2017-11-13 15:42 - 000023401 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_11_11_2017.pdf
2017-11-13 09:16 - 2017-11-13 09:15 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-13 09:15 - 2017-11-13 09:15 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-12 06:59 - 2017-11-12 06:59 - 000000000 ____D C:\$AV_ASW
2017-11-11 14:07 - 2017-11-11 14:07 - 000474760 _____ C:\Users\Hp\Desktop\doc (1).pdf
2017-11-11 14:07 - 2017-11-11 14:07 - 000474739 _____ C:\Users\Hp\Desktop\doc.pdf
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ C:\Users\Hp\AppData\Local\recently-used.xbel
2017-11-06 11:29 - 2017-11-06 11:29 - 003371977 _____ C:\Users\Hp\Downloads\Video111.MOV
2017-11-01 13:28 - 2017-11-01 13:30 - 091022966 _____ C:\Users\Hp\Downloads\June - No Love Lost, No Trust Given 2.zip
2017-10-31 09:36 - 2017-10-31 09:36 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (4).pdf
2017-10-31 08:05 - 2017-10-31 08:05 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (3).pdf
2017-10-31 07:49 - 2017-10-31 07:49 - 000194786 _____ C:\Users\Hp\Downloads\tf84.pdf
2017-10-31 07:43 - 2017-10-31 07:43 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (2).pdf
2017-10-30 11:23 - 2017-10-30 11:23 - 001091502 _____ C:\Users\Hp\Downloads\Article Compteurs Linky magazine QUE CHOISIR Octobre 2017.pdf
2017-10-29 20:22 - 2017-10-29 20:22 - 000014015 _____ C:\Users\Hp\Downloads\Bordereau-Vinted-68325530.pdf
2017-10-28 09:34 - 2017-10-28 09:34 - 000023849 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_26_10_2017.pdf
2017-10-24 18:05 - 2017-10-24 18:06 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420 (1).jp2
2017-10-24 18:01 - 2017-10-24 18:01 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420.jp2
2017-10-24 17:56 - 2017-10-24 17:57 - 027901436 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1980-09-06__C1336-0051_1980_FR9139_0004.jp2
2017-10-24 17:04 - 2017-10-24 17:04 - 005895415 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1957-06-28__C1332-0051_1957_F1332-1632_0247.jp2
2017-10-23 20:00 - 2017-10-23 20:00 - 000629497 _____ C:\Users\Hp\Downloads\33 - Le Verdon-sur-Mer - Arrêté de zonage archéologique.pdf
2017-10-23 06:30 - 2017-10-23 06:30 - 000023598 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_21_10_2017.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-15 17:18 - 2017-05-25 11:00 - 000000000 ____D C:\Users\Hp\AppData\LocalLow\Mozilla
2017-11-15 16:49 - 2012-02-21 13:48 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2017-11-15 16:49 - 2012-02-21 13:48 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2017-11-15 16:49 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-15 16:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:10 - 2012-08-29 12:39 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-15 16:08 - 2012-02-21 14:19 - 000000000 ____D C:\ProgramData\PDFC
2017-11-15 16:03 - 2012-02-21 14:19 - 000000000 ____D C:\Program Files (x86)\PDF Complete
2017-11-15 16:03 - 2012-02-21 14:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2017-11-15 16:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-15 16:01 - 2017-09-04 15:46 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-11-15 16:01 - 2012-06-30 10:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Yahoo!
2017-11-15 15:23 - 2012-07-07 07:05 - 000000000 ____D C:\Users\Hp\AppData\Local\Google
2017-11-15 10:54 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-11-15 10:49 - 2012-03-07 09:45 - 000003912 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{663C1A98-E9EE-42F7-93F5-73DC037A192D}
2017-11-15 09:33 - 2012-07-07 07:05 - 000003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000UA
2017-11-15 09:33 - 2012-07-07 07:05 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000Core
2017-11-15 09:17 - 2014-12-25 09:10 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-14 20:33 - 2012-07-07 07:06 - 000002335 _____ C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 20:33 - 2012-07-07 07:06 - 000002327 _____ C:\Users\Hp\Desktop\Google Chrome.lnk
2017-11-14 19:16 - 2013-03-13 07:03 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 19:16 - 2012-12-08 09:32 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 19:16 - 2012-12-08 09:32 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 19:16 - 2012-02-21 14:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 19:16 - 2012-02-21 14:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-13 12:29 - 2016-04-14 11:09 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHp
2017-11-13 12:29 - 2016-04-14 11:09 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForHp.job
2017-11-13 09:16 - 2017-03-24 21:24 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-11-13 09:15 - 2017-03-24 21:24 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-13 09:15 - 2014-05-15 09:39 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-13 09:15 - 2014-01-04 10:27 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151075863448001
2017-11-13 09:15 - 2012-08-29 12:39 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-10 19:36 - 2012-09-30 06:39 - 000000000 ____D C:\Users\Hp\AppData\Local\CrashDumps
2017-11-08 11:03 - 2012-02-21 14:19 - 000027680 _____ (PDF Complete, Inc.) C:\Windows\system32\pdfc_port.dll
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLev.DAT
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2017-11-01 09:17 - 2012-08-29 12:39 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.150952430834007
2017-11-01 09:17 - 2012-08-29 12:39 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-28 19:56 - 2012-11-01 09:28 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Youtube Downloader HD
2017-10-17 20:28 - 2014-06-19 00:14 - 000000000 ____D C:\Users\Hp\AppData\Roaming\vlc
2017-10-16 14:27 - 2016-11-23 08:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-16 14:27 - 2012-10-14 07:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Fichiers à la racine de certains dossiers =======
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PageLibraries
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PDEs
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\Pipe Organ
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PPD Plugins
2014-11-20 15:58 - 2016-12-04 08:13 - 000006656 _____ () C:\Users\Hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ () C:\Users\Hp\AppData\Local\recently-used.xbel
2012-06-29 14:52 - 2013-12-30 10:31 - 000006140 _____ () C:\ProgramData\hpzinstall.log
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\People
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\ProgramData\Percussion Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\Perl
2015-01-31 19:54 - 2015-01-31 19:54 - 000000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2015-01-31 19:55 - 2016-03-05 08:17 - 000000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Plug-Ins
2015-01-31 19:55 - 2015-01-31 19:55 - 000000012 ___RH () C:\ProgramData\Podcasting
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Pop Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Sci-Fi
Certains fichiers dans TEMP:
====================
2016-11-06 08:40 - 2016-11-06 08:40 - 000003584 _____ () C:\Users\Hp\AppData\Local\Temp\1btjav6o.dll
2014-04-06 17:56 - 2014-04-06 17:56 - 000041984 _____ () C:\Users\Hp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5y3you.dll
2013-06-04 09:30 - 2013-06-04 09:30 - 000050432 ____R () C:\Users\Hp\AppData\Local\Temp\Extract.exe
2012-07-06 20:45 - 2012-07-06 20:45 - 000074808 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPHelpUpdater.exe
2015-11-21 10:49 - 2015-10-22 01:08 - 000595656 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPSFUpdater.exe
2013-01-31 00:58 - 2013-01-31 00:58 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
2013-02-16 06:00 - 2013-02-16 06:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
2013-03-01 21:00 - 2013-03-01 21:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
2013-06-22 02:58 - 2013-06-22 02:58 - 000903080 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
2013-10-08 19:27 - 2013-10-08 19:27 - 000915368 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
2013-12-19 18:06 - 2013-12-19 18:06 - 000921512 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
2014-07-28 06:15 - 2014-07-28 06:15 - 000918440 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
2014-09-29 18:06 - 2014-09-29 18:06 - 000937896 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
2017-06-09 17:57 - 2017-06-09 17:57 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u131-windows-au.exe
2014-12-18 18:29 - 2014-12-18 18:29 - 000641448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u31-windows-au.exe
2016-07-04 11:40 - 2016-07-04 11:40 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-06-08 09:01 - 2016-01-09 10:38 - 017938337 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_7_0_0_7143_Size_36843992.exe
2016-12-23 10:53 - 2016-12-23 10:53 - 003734835 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_8_0_0_8333_Size_47737760.exe
2012-09-20 02:15 - 2012-09-20 02:15 - 050352408 _____ (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\NetFramework45.exe
2015-01-28 15:44 - 2015-01-28 15:44 - 000026424 _____ () C:\Users\Hp\AppData\Local\Temp\ochelper.exe
2006-10-28 04:58 - 2006-10-28 04:58 - 000145184 ____R (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\ose00000.exe
2012-11-30 21:36 - 2012-05-04 02:24 - 000031616 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\Resource.exe
2012-11-02 16:50 - 2012-11-02 16:50 - 000040587 _____ () C:\Users\Hp\AppData\Local\Temp\Runner.exe
2012-09-16 16:01 - 2012-09-16 16:02 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1779AE8F-7125-4ED7-974C-AE92B4D29FA1}.exe
2012-09-19 16:24 - 2012-09-19 16:25 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1C0FFD6F-341A-46D9-9F13-6DCE144C99F6}.exe
2012-10-11 15:51 - 2012-10-11 15:52 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{2EF3D0B0-C5B1-4CB6-9CAE-854971EA09B3}.exe
2013-01-13 09:07 - 2013-01-13 09:08 - 048437312 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{3A485A48-586B-4B77-9D92-856E4DE851B5}.exe
2012-10-13 06:24 - 2012-10-13 06:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{3F511274-51EE-4088-8539-25A4AFC68B37}.exe
2012-09-30 06:35 - 2012-09-30 06:36 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{4BADFA81-4DE6-4AFF-A360-C55746D57300}.exe
2012-10-11 06:44 - 2012-10-11 06:45 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{645E8926-CCA7-4CC0-A595-A5D89C5F07E8}.exe
2012-10-07 14:11 - 2012-10-07 14:12 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7210C28F-A029-466E-8867-50201C1F4DCA}.exe
2013-01-10 08:41 - 2013-01-10 08:41 - 048437312 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7C920D53-40D9-4E8C-A3C6-93141D396036}.exe
2012-09-13 06:17 - 2012-09-13 06:18 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{993AC96D-B96E-41BE-9052-5DEE8ED23394}.exe
2012-10-04 15:41 - 2012-10-04 15:42 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{AA42145F-16EA-44BE-BB18-3D274A661D4C}.exe
2012-09-20 06:21 - 2012-09-20 06:22 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{B4D0D5E1-4630-440E-B31E-D2B75C564AEC}.exe
2012-10-28 10:24 - 2012-10-28 10:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C5BD36ED-FFF6-462B-9B4A-7384B89ED9A9}.exe
2012-09-14 16:27 - 2012-09-14 16:28 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C6BFE14B-21A6-46F7-9DA7-35C18BD4A3AF}.exe
2012-09-19 04:52 - 2012-09-19 04:53 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{CE74B58E-55BA-492F-A766-FE9DC5FCC26A}.exe
2012-09-22 05:44 - 2012-09-22 05:44 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{D4CC8D1D-9083-4BAF-8781-1E13215C3ABB}.exe
2012-09-30 06:39 - 2012-09-30 06:40 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{DCA0D5D1-2B20-416A-AB33-DC28643C6BAA}.exe
2012-09-26 16:25 - 2012-09-26 16:26 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{E12127A2-80C2-440B-B101-5C9D337ADB8A}.exe
2012-07-06 20:40 - 2012-07-06 20:42 - 057826304 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Hp\AppData\Local\Temp\sp54931.exe
2012-11-16 21:12 - 2012-11-30 21:36 - 041580520 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp58915.exe
2014-01-24 09:45 - 2014-01-24 09:45 - 044799704 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp64126.exe
2014-04-25 02:52 - 2014-04-25 02:52 - 184800632 _____ ( ) C:\Users\Hp\AppData\Local\Temp\SP66194.exe
2013-11-22 07:22 - 2013-11-22 07:06 - 000599419 _____ () C:\Users\Hp\AppData\Local\Temp\Sqlite3.dll
2013-06-29 08:38 - 2013-06-16 09:40 - 000389632 _____ (Babylon Ltd.) C:\Users\Hp\AppData\Local\Temp\uninst1.exe
2012-07-06 20:42 - 2015-09-28 09:36 - 000144912 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\UninstallHPSA.exe
2013-04-22 04:26 - 2013-04-22 04:26 - 022948790 _____ () C:\Users\Hp\AppData\Local\Temp\vlc-2.0.6-win32.exe
2015-12-01 19:50 - 2015-12-01 19:50 - 006912080 _____ () C:\Users\Hp\AppData\Local\Temp\{0DB40C06-1D06-471D-A985-F636A7656A86}-47.0.2526.73_46.0.2490.86_chrome_updater.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-12-04 08:40
==================== Fin de FRST.txt ============================