cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Exécuté par Mag (administrateur) sur MAG-PC (13-04-2017 02:17:09)
Exécuté depuis C:\Users\Mag\Downloads
Profils chargés: Mag & UpdatusUser (Profils disponibles: Mag & UpdatusUser & Administrator)
Platform: Windows 7 Professional (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ESET) C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe
(DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security Premium\egui.exe
() C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\Notifier.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776192 2017-02-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-02-04] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (The Eraser Project)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2012-02-09] (Power Software Ltd)
HKLM-x32\...\Run: [SOS Notifier] => C:\Program Files (x86)\Steganos Online Shield\Notifier.exe [4198896 2017-02-21] (Steganos Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [92672 2016-11-28] (ESET)
HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-15] (Tonec Inc.)
HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\Run: [GoogleChromeAutoLaunch_59EDC63376AF36EBDCCAFA94134A07BD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1111896 2017-03-29] (Google Inc.)
HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [1130520 2017-02-21] (Steganos Software GmbH)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203072 2011-11-27] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2016-08-09] (DESlock Limited)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.192.0.1
Tcpip\..\Interfaces\{F11C54CF-BA2E-4FA7-8076-2DEE7D04783F}: [DhcpNameServer] 10.192.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO64.dll [2017-04-11] (iTools.hk)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO.dll [2017-04-11] (iTools.hk)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mag\AppData\Roaming\Mozilla\Firefox\Profiles\dari2vq4.default-1490895363906 [2017-04-13]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Mag\AppData\Roaming\Mozilla\Firefox\Profiles\dari2vq4.default-1490895363906\Extensions\firefox@zenmate.com.xpi [2017-03-30]
FF Extension: (Disable Prefetch) - C:\Users\Mag\AppData\Roaming\Mozilla\Firefox\Profiles\dari2vq4.default-1490895363906\features\{bc38bbe5-c932-4b03-a6ec-2e291d6170fd}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-29] [non signé]
FF HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Mag\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Mag\AppData\Roaming\IDM\idmmzcc5 [2017-04-13] [non signé]
FF HKU\S-1-5-21-2807117934-1017500276-2245334856-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-04-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2017-04-11] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default [2017-04-13]
CHR Extension: (Google Slides) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-07]
CHR Extension: (Google Docs) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-07]
CHR Extension: (Google Drive) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-07]
CHR Extension: (YouTube) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-07]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-29]
CHR Extension: (Google Sheets) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-07]
CHR Extension: (FBDown Video Downloader) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-04-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-08]
CHR Extension: (IDM Integration Module) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-04-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Gmail) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Mag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [540864 2016-07-08] (DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe [2836296 2016-12-14] (ESET)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [354840 2017-02-21] (Steganos Software GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [179712 2016-08-04] (DESlock Ltd.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121184 2016-08-09] (DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98304 2016-08-04] (DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60536 2016-12-13] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-04] (REALiX(tm))
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-04-12] ()
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135736 2016-08-04] (DESlock Ltd.)
S3 catchme; \??\C:\Users\Mag\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-13 02:17 - 2017-04-13 02:18 - 00017437 _____ C:\Users\Mag\Downloads\FRST.txt
2017-04-13 02:17 - 2017-04-13 02:17 - 00000000 ____D C:\FRST
2017-04-13 02:16 - 2017-04-13 02:16 - 02424832 _____ (Farbar) C:\Users\Mag\Downloads\FRST64.exe
2017-04-13 02:10 - 2017-04-13 02:10 - 00000000 ____D C:\Users\Mag\AppData\Local\CrashDumps
2017-04-13 02:09 - 2017-04-13 02:09 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2017-04-12 23:55 - 2017-04-12 23:53 - 00002286 _____ C:\Users\Mag\Desktop\ZHPFixReport.txt
2017-04-12 23:50 - 2017-04-12 23:51 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-04-12 23:50 - 2017-04-12 23:50 - 00001853 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-04-12 23:50 - 2017-04-12 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-04-12 23:48 - 2017-04-12 23:49 - 03521617 _____ (Nicolas Coolman ) C:\Users\Mag\Desktop\ZHPFix.exe
2017-04-12 19:35 - 2017-04-12 19:35 - 00106333 _____ C:\Users\Mag\Desktop\ZHPDiag.txt
2017-04-12 19:31 - 2017-04-12 19:31 - 00000780 _____ C:\Users\Mag\Desktop\ZHPDiag.lnk
2017-04-12 19:30 - 2017-04-12 19:30 - 02717696 _____ C:\Users\Mag\Downloads\ZHPDiag3.exe
2017-04-12 18:02 - 2017-04-12 18:02 - 00000790 _____ C:\Users\Mag\Desktop\ZHPCleaner.lnk
2017-04-12 18:01 - 2017-04-12 23:55 - 00000000 ____D C:\Users\Mag\AppData\Roaming\ZHP
2017-04-12 18:01 - 2017-04-12 19:32 - 00000000 ____D C:\Users\Mag\AppData\Local\ZHP
2017-04-12 17:19 - 2017-04-12 17:20 - 02760704 _____ C:\Users\Mag\Downloads\ZHPCleaner.exe
2017-04-12 17:19 - 2017-04-12 17:19 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-04-12 17:18 - 2017-04-12 17:18 - 00000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-04-12 17:18 - 2017-04-12 17:18 - 00000000 ____D C:\ProgramData\RogueKiller
2017-04-12 17:18 - 2017-04-12 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-04-12 17:17 - 2017-04-12 17:18 - 00000000 ____D C:\Program Files\RogueKiller
2017-04-12 17:10 - 2017-04-12 17:11 - 35207600 _____ (Adlice Software ) C:\Users\Mag\Downloads\setup.exe
2017-04-12 17:09 - 2017-04-12 17:12 - 00000000 ____D C:\AdwCleaner
2017-04-12 17:08 - 2017-04-12 17:08 - 04089296 _____ C:\Users\Mag\Desktop\adwcleaner_6.045.exe
2017-04-12 17:06 - 2017-04-12 17:07 - 00000000 ____D C:\Users\Mag\Desktop\projet
2017-04-12 16:04 - 2017-04-12 16:05 - 00086019 _____ C:\Users\Mag\Downloads\formulaire-formation-continue-956278.pdf
2017-04-12 16:01 - 2017-04-12 16:01 - 00543997 _____ C:\Users\Mag\Downloads\Passeport(1).pdf
2017-04-12 15:59 - 2017-04-12 15:59 - 00390789 _____ C:\Users\Mag\Downloads\lettre de recomm.pdf
2017-04-12 15:53 - 2017-04-12 15:53 - 00192988 _____ C:\Users\Mag\Downloads\Lettre_de_motivation-1-1.pdf
2017-04-12 02:07 - 2017-04-12 02:08 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-04-12 02:07 - 2017-04-12 02:07 - 03961080 _____ (Crystal Dew World ) C:\Users\Mag\Downloads\CrystalDiskInfo7_0_5.exe
2017-04-12 02:07 - 2017-04-12 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-04-11 22:30 - 2017-04-11 22:30 - 00262144 _____ C:\Windows\Minidump\041117-18392-01.dmp
2017-04-11 18:42 - 2017-04-11 18:42 - 00000000 ____D C:\ProgramData\Apple Computer
2017-04-11 18:41 - 2017-04-11 18:42 - 00000000 ____D C:\Users\Mag\AppData\Roaming\Apple Computer
2017-04-11 18:41 - 2017-04-11 18:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-04-11 18:40 - 2017-04-11 18:42 - 00000000 ____D C:\ProgramData\Apple
2017-04-11 18:35 - 2017-04-13 02:14 - 00003280 _____ C:\Windows\System32\Tasks\iToolsDaemon
2017-04-11 18:35 - 2017-04-13 02:14 - 00000314 _____ C:\Windows\Tasks\iToolsDaemon.job
2017-04-11 18:35 - 2017-04-11 18:35 - 00000000 ____D C:\ProgramData\ThinkSky
2017-04-11 18:35 - 2017-04-11 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTools 3
2017-04-11 18:35 - 2017-04-11 18:35 - 00000000 ____D C:\Program Files (x86)\ThinkSky
2017-04-11 18:34 - 2017-04-11 18:34 - 17686616 _____ C:\Users\Mag\Downloads\iToolsSetup_EN_3.3.9.5.exe
2017-04-09 14:48 - 2017-04-09 14:48 - 00000737 _____ C:\Users\Mag\Desktop\Start Tor Browser.lnk
2017-04-09 14:47 - 2017-04-09 14:47 - 00000000 ____D C:\Users\Mag\Desktop\Tor Browser
2017-04-09 14:45 - 2017-04-09 14:46 - 50766760 _____ C:\Users\Mag\Downloads\torbrowser-install-6.5.1_en-US(1).exe
2017-04-08 20:38 - 2017-04-08 20:38 - 00000017 _____ C:\Users\Mag\AppData\Local\resmon.resmoncfg
2017-04-07 21:03 - 2017-04-07 21:03 - 00000000 ____D C:\Program Files\Broadcom
2017-04-07 21:02 - 2017-04-07 21:02 - 00000000 ____D C:\Windows\Downloaded Installations
2017-04-07 19:50 - 2017-04-09 14:48 - 00000785 _____ C:\Users\Mag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-04-07 19:47 - 2017-04-07 19:48 - 50766760 _____ C:\Users\Mag\Downloads\torbrowser-install-6.5.1_en-US.exe
2017-04-05 22:58 - 2017-04-05 22:58 - 00056076 _____ C:\Users\Mag\Downloads\Résumer projet.pdf
2017-04-05 22:16 - 2017-04-05 22:16 - 03341748 _____ C:\Users\Mag\Downloads\Memoire_PFE_GC5_EtienneDaelman.pdf
2017-04-05 22:15 - 2017-04-05 22:15 - 00214297 _____ C:\Users\Mag\Downloads\fran.pdf
2017-04-05 21:22 - 2017-04-05 21:22 - 03515025 _____ C:\Users\Mag\Downloads\PFE1011.pdf
2017-04-04 16:10 - 2017-04-06 17:31 - 00009304 _____ C:\Users\Administrator\Desktop\Triangle wave finale 0704.asc
2017-04-04 16:10 - 2017-04-06 17:18 - 01540398 _____ C:\Users\Administrator\Desktop\Triangle wave finale 2.raw
2017-04-04 16:10 - 2017-04-06 17:18 - 00001885 _____ C:\Users\Administrator\Desktop\Triangle wave finale 2.net
2017-04-04 16:09 - 2017-04-06 16:16 - 00004235 _____ C:\Users\Administrator\AppData\Roaming\LTspiceXVII.ini
2017-04-04 16:09 - 2017-04-06 15:00 - 00037122 _____ C:\Users\Administrator\Desktop\Triangle wave finale aviol.raw
2017-04-03 14:55 - 2017-04-03 14:55 - 00000000 ____D C:\Users\Administrator\Documents\LTspiceXVII
2017-04-03 14:39 - 2017-04-03 17:38 - 00321700 _____ C:\Users\Administrator\Desktop\Triangle wave finale.raw
2017-04-03 14:39 - 2017-04-03 16:40 - 00008866 _____ C:\Users\Administrator\Desktop\Triangle wave finale aviol.asc
2017-04-02 21:42 - 2017-04-02 21:42 - 00089154 _____ C:\Users\Mag\Downloads\Appréciation_pédagogique.pdf
2017-04-02 21:35 - 2017-04-02 21:35 - 01328426 _____ C:\Users\Mag\Downloads\Relevé_de_ntoes.pdf
2017-04-02 21:30 - 2017-04-02 21:48 - 00191913 _____ C:\Users\Mag\Downloads\Lettre_de_motivation-1.pdf
2017-04-02 21:27 - 2017-04-02 21:27 - 00543997 _____ C:\Users\Mag\Downloads\Passeport.pdf
2017-04-02 21:26 - 2017-04-02 21:26 - 01260747 _____ C:\Users\Mag\Downloads\Diplôme_.pdf
2017-04-02 21:25 - 2017-04-02 21:25 - 00223495 _____ C:\Users\Mag\Downloads\SALMI Mouad CV.pdf
2017-03-31 22:21 - 2017-03-31 22:21 - 00109248 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-31 22:00 - 2017-04-06 14:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Steganos
2017-03-31 21:59 - 2017-03-31 21:59 - 00000000 ____D C:\Users\Administrator\AppData\Local\DESlock+
2017-03-30 19:40 - 2017-03-30 19:40 - 39825040 _____ (Steganos Software GmbH) C:\Users\Mag\Downloads\sosint.exe
2017-03-30 19:40 - 2017-03-30 19:40 - 00000000 ____D C:\Users\Mag\AppData\Roaming\Steganos VPN
2017-03-30 19:40 - 2017-03-30 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
2017-03-30 19:40 - 2017-03-30 19:40 - 00000000 ____D C:\Program Files (x86)\Steganos Online Shield
2017-03-30 19:39 - 2017-04-01 12:19 - 00000000 ____D C:\Users\Mag\AppData\Roaming\Steganos
2017-03-30 19:39 - 2017-03-30 19:39 - 02756632 _____ (Steganos Software GmbH) C:\Users\Mag\Downloads\sosintdle.exe
2017-03-30 12:43 - 2017-03-30 12:49 - 00000000 ____D C:\Users\Mag\AppData\Roaming\HD Tune Pro
2017-03-30 12:43 - 2017-03-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2017-03-30 12:43 - 2017-03-30 12:43 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2017-03-30 11:48 - 2017-03-30 12:03 - 00000000 ____D C:\Users\Mag\AppData\Local\ElevatedDiagnostics
2017-03-29 20:01 - 2017-03-29 20:01 - 00003096 _____ C:\Users\Mag\Downloads\Triangle-wave-et-additionneur(1).asc
2017-03-29 19:00 - 2017-03-29 19:54 - 00007940 _____ C:\Users\Mag\Downloads\Triangle-wave-et-additionneur.raw
2017-03-29 18:59 - 2017-03-29 18:59 - 00003096 _____ C:\Users\Mag\Downloads\Triangle-wave-et-additionneur.asc
2017-03-29 15:48 - 2017-04-10 23:45 - 00004771 _____ C:\Users\Mag\AppData\Roaming\LTspiceXVII.ini
2017-03-29 15:48 - 2017-03-29 15:49 - 00001662 _____ C:\Users\Mag\Downloads\Triangle wave.asc
2017-03-29 15:32 - 2017-03-29 22:50 - 00001324 _____ C:\Users\Mag\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice XVII.lnk
2017-03-29 15:32 - 2017-03-29 15:32 - 00000000 ____D C:\Users\Mag\Documents\LTspiceXVII
2017-03-29 15:30 - 2017-03-29 15:30 - 00000000 ____D C:\Program Files\LTC
2017-03-29 03:49 - 2017-03-29 03:49 - 00956630 _____ C:\Users\Mag\Downloads\video-1488754122.mp4
2017-03-29 03:04 - 2017-03-29 03:05 - 00001901 _____ C:\Users\Mag\Downloads\partc.asc
2017-03-28 23:26 - 2017-03-28 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinToUSB
2017-03-28 23:06 - 2017-03-28 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-03-28 23:06 - 2017-03-28 23:06 - 00000000 ____D C:\Program Files (x86)\PowerISO
2017-03-28 05:27 - 2017-03-28 05:27 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-03-28 05:27 - 2017-03-28 05:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-03-26 23:06 - 2017-03-26 23:06 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-03-26 23:06 - 2017-03-26 23:06 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2017-03-22 06:16 - 2017-03-22 06:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2017-03-22 06:15 - 2017-03-22 06:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TrueCrypt
2017-03-22 06:14 - 2017-04-10 22:35 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-03-22 06:14 - 2017-04-04 18:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-03-22 06:14 - 2017-03-26 22:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-03-22 06:14 - 2017-03-22 06:14 - 00001463 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-22 06:14 - 2017-03-22 06:14 - 00001429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2017-03-22 06:14 - 2017-03-22 06:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-03-22 06:14 - 2017-03-22 06:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2017-03-22 06:13 - 2017-03-22 06:14 - 00000000 ____D C:\Users\Administrator
2017-03-22 06:13 - 2017-03-22 06:13 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Voisinage réseau
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Voisinage d'impression
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Modèles
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Mes documents
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Menu Démarrer
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Documents\Mes vidéos
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Documents\Mes images
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\Documents\Ma musique
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historique
2017-03-22 06:13 - 2017-03-22 06:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-03-22 06:13 - 2009-07-14 17:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-13 02:15 - 2017-02-04 01:41 - 00000000 ____D C:\Users\Mag\AppData\LocalLow\Mozilla
2017-04-13 02:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-13 02:07 - 2017-02-04 02:01 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-04-13 00:55 - 2017-02-04 02:29 - 00000000 ____D C:\Users\Mag\AppData\Roaming\vlc
2017-04-13 00:04 - 2009-07-14 06:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-13 00:04 - 2009-07-14 06:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-12 23:55 - 2017-02-04 01:51 - 00000000 ____D C:\Users\Mag\AppData\Roaming\DMCache
2017-04-12 17:07 - 2017-01-01 06:18 - 00000000 ____D C:\Users\Mag\Desktop\psseree
2017-04-11 22:30 - 2017-02-08 21:20 - 454089987 _____ C:\Windows\MEMORY.DMP
2017-04-11 22:30 - 2017-02-08 21:20 - 00000000 ____D C:\Windows\Minidump
2017-04-11 18:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-04-11 03:27 - 2017-02-07 03:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 03:27 - 2017-02-07 03:21 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-08 20:07 - 2017-02-04 02:17 - 00000000 ____D C:\Users\UpdatusUser
2017-04-08 15:04 - 2009-07-14 17:24 - 00747154 _____ C:\Windows\system32\perfh00C.dat
2017-04-08 15:04 - 2009-07-14 17:24 - 00149646 _____ C:\Windows\system32\perfc00C.dat
2017-04-08 15:04 - 2009-07-14 07:13 - 01667292 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-04 12:17 - 2017-02-07 03:21 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 01:26 - 2017-02-06 20:05 - 00000000 ____D C:\Users\Mag\AppData\Local\Eraser 6
2017-03-29 05:32 - 2017-02-05 16:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-29 05:32 - 2017-02-05 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-28 23:26 - 2017-02-04 03:01 - 00000000 ____D C:\Program Files\WinToUSB
2017-03-28 23:06 - 2017-02-04 01:51 - 00000000 ____D C:\Users\Mag\Downloads\Compressed
2017-03-28 22:26 - 2009-07-14 06:45 - 00407640 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-28 05:30 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2017-03-28 05:20 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

==================== Fichiers à la racine de certains dossiers =======

2017-03-29 15:48 - 2017-04-10 23:45 - 0004771 _____ () C:\Users\Mag\AppData\Roaming\LTspiceXVII.ini
2017-04-08 20:38 - 2017-04-08 20:38 - 0000017 _____ () C:\Users\Mag\AppData\Local\resmon.resmoncfg
2017-02-04 01:58 - 2017-02-04 01:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-04-06 19:49

==================== Fin de FRST.txt ============================
