Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2017
Exécuté par Hp (administrateur) sur HP-HP (15-11-2017 18:46:11)
Exécuté depuis C:\Users\Hp\Desktop
Profils chargés: Hp (Profils disponibles: Hp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-13] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-05-14] (MyHeritage)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Google Update] => C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Run: [Chromium] => "c:\users\hp\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-02-21] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-03-12]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-06-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2016-03-12]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Utilitaire de configuration sans fil.lnk [2013-11-15]
ShortcutTarget: Utilitaire de configuration sans fil.lnk -> C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2016-03-12]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{8D200654-2CCC-4FA1-9CE0-25573CD677BE}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{9190E923-A712-4D0E-AD0C-9EB2FCDF718D}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
HKU\S-1-5-21-269968275-2894576949-3566824943-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {21ECC71F-128D-4C98-84DF-3329EC231302} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = hxxp://www.basicseek.com/?prt=BASICSEEK111&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-13] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-13] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-269968275-2894576949-3566824943-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1663973501
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-30] [Legacy] [non signé]
FF HKU\S-1-5-21-269968275-2894576949-3566824943-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-06-30] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 -> C:\Users\Hp\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [2010-03-04] (Stonetrip)
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-269968275-2894576949-3566824943-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Hp\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.fr/webhp?hl=fr&tab=ww&gws_rd=ssl"
CHR Profile: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default [2017-11-15]
CHR Extension: (YouTube) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Recherche Google) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-27]
CHR Extension: (Spring Theme) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpcfekghemjkdgnodkinnfbookfaapf [2015-04-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
CHR HKU\S-1-5-21-269968275-2894576949-3566824943-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.HMHXFNEK4WV2KRDAJGPQASPCTI - C:\Users\Hp\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-13] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-13] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [Fichier non signé]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-13] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-13] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-13] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-13] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-15 18:46 - 2017-11-15 18:46 - 000021704 _____ C:\Users\Hp\Desktop\FRST.txt
2017-11-15 18:45 - 2017-11-15 18:46 - 000000000 ____D C:\FRST
2017-11-15 18:44 - 2017-11-15 18:44 - 002392576 _____ (Farbar) C:\Users\Hp\Desktop\FRST64.exe
2017-11-15 17:25 - 2017-11-15 17:25 - 000052053 _____ C:\Users\Hp\Downloads\2017%202018conseil%20de%20classe%20%20trimestre%201%20et%20semestre%201.xlsx
2017-11-15 16:14 - 2017-11-15 16:14 - 000156652 _____ C:\Users\Hp\Desktop\ZHPDiag.txt
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-15 16:03 - 2017-11-15 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2017-11-15 15:56 - 2017-11-15 16:01 - 000000000 ____D C:\AdwCleaner
2017-11-15 15:53 - 2017-11-15 15:54 - 008261584 _____ (Malwarebytes) C:\Users\Hp\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 15:19 - 2017-11-15 15:23 - 000012516 _____ C:\Users\Hp\Desktop\ZHPCleaner.txt
2017-11-15 15:05 - 2017-11-15 15:05 - 000000791 _____ C:\Users\Hp\Desktop\ZHPCleaner.lnk
2017-11-15 15:03 - 2017-11-15 15:03 - 002971008 _____ C:\Users\Hp\Desktop\ZHPCleaner.exe
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\ZHP
2017-11-15 11:37 - 2017-11-15 16:10 - 000000000 ____D C:\Users\Hp\AppData\Local\ZHP
2017-11-15 11:37 - 2017-11-15 11:37 - 000000781 _____ C:\Users\Hp\Desktop\ZHPDiag.lnk
2017-11-15 11:34 - 2017-11-15 11:34 - 002932096 _____ C:\Users\Hp\Downloads\ZHPDiag3.exe
2017-11-15 10:40 - 2017-11-15 10:40 - 000066546 _____ C:\Users\Hp\Desktop\UsbFix_Report.txt
2017-11-15 09:54 - 2017-11-15 10:40 - 000004552 _____ C:\usbfix-debug.txt
2017-11-15 09:43 - 2017-11-15 10:40 - 000000000 ____D C:\UsbFix
2017-11-15 09:39 - 2017-11-15 09:39 - 008222104 _____ (SOSVirus) C:\Users\Hp\Desktop\UsbFix_9.067.exe
2017-11-13 16:07 - 2017-11-13 16:07 - 003391054 _____ C:\Users\Hp\Downloads\ed6134.pdf
2017-11-13 15:42 - 2017-11-13 15:42 - 000023401 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_11_11_2017.pdf
2017-11-13 09:16 - 2017-11-13 09:15 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-13 09:15 - 2017-11-13 09:15 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-12 06:59 - 2017-11-12 06:59 - 000000000 ____D C:\$AV_ASW
2017-11-11 14:07 - 2017-11-11 14:07 - 000474760 _____ C:\Users\Hp\Desktop\doc (1).pdf
2017-11-11 14:07 - 2017-11-11 14:07 - 000474739 _____ C:\Users\Hp\Desktop\doc.pdf
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ C:\Users\Hp\AppData\Local\recently-used.xbel
2017-11-06 11:29 - 2017-11-06 11:29 - 003371977 _____ C:\Users\Hp\Downloads\Video111.MOV
2017-11-01 13:28 - 2017-11-01 13:30 - 091022966 _____ C:\Users\Hp\Downloads\June - No Love Lost, No Trust Given 2.zip
2017-10-31 09:36 - 2017-10-31 09:36 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (4).pdf
2017-10-31 08:05 - 2017-10-31 08:05 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (3).pdf
2017-10-31 07:49 - 2017-10-31 07:49 - 000194786 _____ C:\Users\Hp\Downloads\tf84.pdf
2017-10-31 07:43 - 2017-10-31 07:43 - 000101762 _____ C:\Users\Hp\Downloads\ns239 (2).pdf
2017-10-30 11:23 - 2017-10-30 11:23 - 001091502 _____ C:\Users\Hp\Downloads\Article Compteurs Linky magazine QUE CHOISIR Octobre 2017.pdf
2017-10-29 20:22 - 2017-10-29 20:22 - 000014015 _____ C:\Users\Hp\Downloads\Bordereau-Vinted-68325530.pdf
2017-10-28 09:34 - 2017-10-28 09:34 - 000023849 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_26_10_2017.pdf
2017-10-24 18:05 - 2017-10-24 18:06 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420 (1).jp2
2017-10-24 18:01 - 2017-10-24 18:01 - 027473572 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1981__CN81000451_1981_FR3300-DIC_1420.jp2
2017-10-24 17:56 - 2017-10-24 17:57 - 027901436 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1980-09-06__C1336-0051_1980_FR9139_0004.jp2
2017-10-24 17:04 - 2017-10-24 17:04 - 005895415 _____ C:\Users\Hp\Downloads\IGNF_PVA_1-0__1957-06-28__C1332-0051_1957_F1332-1632_0247.jp2
2017-10-23 20:00 - 2017-10-23 20:00 - 000629497 _____ C:\Users\Hp\Downloads\33 - Le Verdon-sur-Mer - Arrêté de zonage archéologique.pdf
2017-10-23 06:30 - 2017-10-23 06:30 - 000023598 _____ C:\Users\Hp\Downloads\ReleveDePrestations_journalier_du_21_10_2017.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-15 17:18 - 2017-05-25 11:00 - 000000000 ____D C:\Users\Hp\AppData\LocalLow\Mozilla
2017-11-15 16:49 - 2012-02-21 13:48 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2017-11-15 16:49 - 2012-02-21 13:48 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2017-11-15 16:49 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-15 16:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:11 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-15 16:10 - 2012-08-29 12:39 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-15 16:08 - 2012-02-21 14:19 - 000000000 ____D C:\ProgramData\PDFC
2017-11-15 16:03 - 2012-02-21 14:19 - 000000000 ____D C:\Program Files (x86)\PDF Complete
2017-11-15 16:03 - 2012-02-21 14:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2017-11-15 16:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-15 16:01 - 2017-09-04 15:46 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-11-15 16:01 - 2012-06-30 10:10 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Yahoo!
2017-11-15 15:23 - 2012-07-07 07:05 - 000000000 ____D C:\Users\Hp\AppData\Local\Google
2017-11-15 10:54 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-11-15 10:49 - 2012-03-07 09:45 - 000003912 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{663C1A98-E9EE-42F7-93F5-73DC037A192D}
2017-11-15 09:33 - 2012-07-07 07:05 - 000003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000UA
2017-11-15 09:33 - 2012-07-07 07:05 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-269968275-2894576949-3566824943-1000Core
2017-11-15 09:17 - 2014-12-25 09:10 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-14 20:33 - 2012-07-07 07:06 - 000002335 _____ C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 20:33 - 2012-07-07 07:06 - 000002327 _____ C:\Users\Hp\Desktop\Google Chrome.lnk
2017-11-14 19:16 - 2013-03-13 07:03 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 19:16 - 2012-12-08 09:32 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 19:16 - 2012-12-08 09:32 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 19:16 - 2012-02-21 14:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 19:16 - 2012-02-21 14:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-13 12:29 - 2016-04-14 11:09 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHp
2017-11-13 12:29 - 2016-04-14 11:09 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForHp.job
2017-11-13 09:16 - 2017-03-24 21:24 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-11-13 09:15 - 2017-03-24 21:24 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-13 09:15 - 2017-03-24 21:24 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-13 09:15 - 2014-05-15 09:39 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-13 09:15 - 2014-01-04 10:27 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-13 09:15 - 2013-03-19 08:23 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151075863448001
2017-11-13 09:15 - 2012-08-29 12:39 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-13 09:15 - 2012-08-29 12:39 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-10 19:36 - 2012-09-30 06:39 - 000000000 ____D C:\Users\Hp\AppData\Local\CrashDumps
2017-11-08 11:03 - 2012-02-21 14:19 - 000027680 _____ (PDF Complete, Inc.) C:\Windows\system32\pdfc_port.dll
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLev.DAT
2017-11-04 18:28 - 2015-01-31 19:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2017-11-01 09:17 - 2012-08-29 12:39 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.150952430834007
2017-11-01 09:17 - 2012-08-29 12:39 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-28 19:56 - 2012-11-01 09:28 - 000000000 ____D C:\Users\Hp\AppData\Roaming\Youtube Downloader HD
2017-10-17 20:28 - 2014-06-19 00:14 - 000000000 ____D C:\Users\Hp\AppData\Roaming\vlc
2017-10-16 14:27 - 2016-11-23 08:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-16 14:27 - 2012-10-14 07:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Fichiers à la racine de certains dossiers =======

2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PageLibraries
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PDEs
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\Pipe Organ
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\Users\Hp\AppData\Roaming\PPD Plugins
2014-11-20 15:58 - 2016-12-04 08:13 - 000006656 _____ () C:\Users\Hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-09 17:09 - 2017-11-09 17:09 - 000003998 _____ () C:\Users\Hp\AppData\Local\recently-used.xbel
2012-06-29 14:52 - 2013-12-30 10:31 - 000006140 _____ () C:\ProgramData\hpzinstall.log
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\People
2015-01-31 19:55 - 2015-01-31 19:55 - 000000268 ___RH () C:\ProgramData\Percussion Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000268 ___RH () C:\ProgramData\Perl
2015-01-31 19:54 - 2015-01-31 19:54 - 000000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2015-01-31 19:55 - 2016-03-05 08:17 - 000000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-31 19:54 - 2017-11-04 18:28 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Plug-Ins
2015-01-31 19:55 - 2015-01-31 19:55 - 000000012 ___RH () C:\ProgramData\Podcasting
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Pop Kit
2015-01-31 19:54 - 2015-01-31 19:54 - 000000012 ___RH () C:\ProgramData\Sci-Fi

Certains fichiers dans TEMP:
====================
2016-11-06 08:40 - 2016-11-06 08:40 - 000003584 _____ () C:\Users\Hp\AppData\Local\Temp\1btjav6o.dll
2014-04-06 17:56 - 2014-04-06 17:56 - 000041984 _____ () C:\Users\Hp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5y3you.dll
2013-06-04 09:30 - 2013-06-04 09:30 - 000050432 ____R () C:\Users\Hp\AppData\Local\Temp\Extract.exe
2012-07-06 20:45 - 2012-07-06 20:45 - 000074808 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPHelpUpdater.exe
2015-11-21 10:49 - 2015-10-22 01:08 - 000595656 _____ (Hewlett-Packard) C:\Users\Hp\AppData\Local\Temp\HPSFUpdater.exe
2013-01-31 00:58 - 2013-01-31 00:58 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
2013-02-16 06:00 - 2013-02-16 06:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
2013-03-01 21:00 - 2013-03-01 21:00 - 000897448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
2013-06-22 02:58 - 2013-06-22 02:58 - 000903080 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
2013-10-08 19:27 - 2013-10-08 19:27 - 000915368 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
2013-12-19 18:06 - 2013-12-19 18:06 - 000921512 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
2014-07-28 06:15 - 2014-07-28 06:15 - 000918440 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
2014-09-29 18:06 - 2014-09-29 18:06 - 000937896 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
2017-06-09 17:57 - 2017-06-09 17:57 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u131-windows-au.exe
2014-12-18 18:29 - 2014-12-18 18:29 - 000641448 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u31-windows-au.exe
2016-07-04 11:40 - 2016-07-04 11:40 - 000739904 _____ (Oracle Corporation) C:\Users\Hp\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-06-08 09:01 - 2016-01-09 10:38 - 017938337 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_7_0_0_7143_Size_36843992.exe
2016-12-23 10:53 - 2016-12-23 10:53 - 003734835 _____ () C:\Users\Hp\AppData\Local\Temp\MyHeritage_Version_8_0_0_8333_Size_47737760.exe
2012-09-20 02:15 - 2012-09-20 02:15 - 050352408 _____ (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\NetFramework45.exe
2015-01-28 15:44 - 2015-01-28 15:44 - 000026424 _____ () C:\Users\Hp\AppData\Local\Temp\ochelper.exe
2006-10-28 04:58 - 2006-10-28 04:58 - 000145184 ____R (Microsoft Corporation) C:\Users\Hp\AppData\Local\Temp\ose00000.exe
2012-11-30 21:36 - 2012-05-04 02:24 - 000031616 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\Resource.exe
2012-11-02 16:50 - 2012-11-02 16:50 - 000040587 _____ () C:\Users\Hp\AppData\Local\Temp\Runner.exe
2012-09-16 16:01 - 2012-09-16 16:02 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1779AE8F-7125-4ED7-974C-AE92B4D29FA1}.exe
2012-09-19 16:24 - 2012-09-19 16:25 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{1C0FFD6F-341A-46D9-9F13-6DCE144C99F6}.exe
2012-10-11 15:51 - 2012-10-11 15:52 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{2EF3D0B0-C5B1-4CB6-9CAE-854971EA09B3}.exe
2013-01-13 09:07 - 2013-01-13 09:08 - 048437312 _____ ()
C:\Users\Hp\AppData\Local\Temp\Setup_{3A485A48-586B-4B77-9D92-856E4DE851B5}.exe 2012-10-13 06:24 - 2012-10-13 06:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{3F511274-51EE-4088-8539-25A4AFC68B37}.exe 2012-09-30 06:35 - 2012-09-30 06:36 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{4BADFA81-4DE6-4AFF-A360-C55746D57300}.exe 2012-10-11 06:44 - 2012-10-11 06:45 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{645E8926-CCA7-4CC0-A595-A5D89C5F07E8}.exe 2012-10-07 14:11 - 2012-10-07 14:12 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7210C28F-A029-466E-8867-50201C1F4DCA}.exe 2013-01-10 08:41 - 2013-01-10 08:41 - 048437312 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{7C920D53-40D9-4E8C-A3C6-93141D396036}.exe 2012-09-13 06:17 - 2012-09-13 06:18 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{993AC96D-B96E-41BE-9052-5DEE8ED23394}.exe 2012-10-04 15:41 - 2012-10-04 15:42 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{AA42145F-16EA-44BE-BB18-3D274A661D4C}.exe 2012-09-20 06:21 - 2012-09-20 06:22 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{B4D0D5E1-4630-440E-B31E-D2B75C564AEC}.exe 2012-10-28 10:24 - 2012-10-28 10:25 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C5BD36ED-FFF6-462B-9B4A-7384B89ED9A9}.exe 2012-09-14 16:27 - 2012-09-14 16:28 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{C6BFE14B-21A6-46F7-9DA7-35C18BD4A3AF}.exe 2012-09-19 04:52 - 2012-09-19 04:53 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{CE74B58E-55BA-492F-A766-FE9DC5FCC26A}.exe 2012-09-22 05:44 - 2012-09-22 05:44 - 048366152 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{D4CC8D1D-9083-4BAF-8781-1E13215C3ABB}.exe 2012-09-30 06:39 - 2012-09-30 06:40 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{DCA0D5D1-2B20-416A-AB33-DC28643C6BAA}.exe 2012-09-26 16:25 - 2012-09-26 16:26 - 048417864 _____ () C:\Users\Hp\AppData\Local\Temp\Setup_{E12127A2-80C2-440B-B101-5C9D337ADB8A}.exe 
2012-07-06 20:40 - 2012-07-06 20:42 - 057826304 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Hp\AppData\Local\Temp\sp54931.exe 2012-11-16 21:12 - 2012-11-30 21:36 - 041580520 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp58915.exe 2014-01-24 09:45 - 2014-01-24 09:45 - 044799704 _____ (Hewlett-Packard ) C:\Users\Hp\AppData\Local\Temp\sp64126.exe 2014-04-25 02:52 - 2014-04-25 02:52 - 184800632 _____ ( ) C:\Users\Hp\AppData\Local\Temp\SP66194.exe 2013-11-22 07:22 - 2013-11-22 07:06 - 000599419 _____ () C:\Users\Hp\AppData\Local\Temp\Sqlite3.dll 2013-06-29 08:38 - 2013-06-16 09:40 - 000389632 _____ (Babylon Ltd.) C:\Users\Hp\AppData\Local\Temp\uninst1.exe 2012-07-06 20:42 - 2015-09-28 09:36 - 000144912 _____ (Hewlett-Packard Company) C:\Users\Hp\AppData\Local\Temp\UninstallHPSA.exe 2013-04-22 04:26 - 2013-04-22 04:26 - 022948790 _____ () C:\Users\Hp\AppData\Local\Temp\vlc-2.0.6-win32.exe 2015-12-01 19:50 - 2015-12-01 19:50 - 006912080 _____ () C:\Users\Hp\AppData\Local\Temp\{0DB40C06-1D06-471D-A985-F636A7656A86}-47.0.2526.73_46.0.2490.86_chrome_updater.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-12-04 08:40 ==================== Fin de FRST.txt ============================