Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2017
Exécuté par marouane (administrateur) sur PC-DE-MAROUANE (20-04-2017 15:06:40)
Exécuté depuis C:\Users\marouane\Desktop
Profils chargés: marouane & Administrateur (Profils disponibles: marouane & Administrateur)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files\HSPA USB MODEM\ModemListener.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(SFR) C:\Program Files\SFR\Kit\9props.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-12-24] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [ModemListener] => C:\Program Files\HSPA USB MODEM\ModemListener.exe [98304 2010-05-28] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450652 2009-06-03] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [Connexion SFR 9props.exe] => C:\Program Files\SFR\Kit\9props.exe [959880 2011-06-10] (SFR)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-10-02] (Apple Inc.)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1023664 2016-08-31] (Samsung)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f25a-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f25c-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f2df-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {71037fe4-8440-11e1-ab38-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656 2008-11-18] (Hewlett-Packard)
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2012-11-10] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2011-10-22]
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\Users\marouane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3520 series.lnk [2017-04-19]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447604D6-E51B-41C1-903B-7B7F56A215FE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8FCE0FF2-9876-44CA-8852-7A3BF14BEFF3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{F1F95A56-01E5-4FB9-9361-FD2EA93FFB1B}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Presario&pf=cnnb
SearchScopes: HKLM -> DefaultScope la valeur est absente
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-12-18] (Adobe Systems Incorporated)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-15] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll Pas de fichier
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_121-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00121-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_121-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\marouane\AppData\Roaming\Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 [2017-04-20]
FF Homepage: Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 -> est activé.
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-31] [non signé]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext
FF Extension: (BitDefender Antiphishing Toolbar) - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext [2011-06-21] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-29]
FF HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1695219916-2950406433-1086351045-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\marouane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Google Slides) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-19]
CHR Extension: (Google Docs) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-19]
CHR Extension: (Google Drive) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-19]
CHR Extension: (YouTube) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-19]
CHR Extension: (Adblock Plus) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-15]
CHR Extension: (Google Sheets) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-19]
CHR Extension: (AdBlock) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-19]
CHR Extension: (MLB Feeder with news) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\klcoadkbipccihbleddchklhfnefjoko [2017-04-14]
CHR Extension: (Carlo Gesualdo: Murder, Witchcraft) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\llcgljnjfaopoiojnfpapchjflddgmjh [2017-04-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-19]
CHR Extension: (25th Anniversary of the End) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhgddacfcjnmnnhdebdofpnpoalccao [2017-04-10]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)
R2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
R3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [Fichier non signé]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Fichier non signé]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-11-26] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170 2009-06-03] (IDT, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [71504 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [155360 2017-04-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [129520 2017-04-13] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [805088 2017-04-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49744 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [46000 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [82352 2016-05-17] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [71088 2016-05-17] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-04-14] (AO Kaspersky Lab)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2009-08-27] (TCT International Mobile Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]
S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-20 15:06 - 2017-04-20 15:06 - 00025675 _____ C:\Users\marouane\Desktop\FRST.txt
2017-04-20 15:05 - 2017-04-20 15:06 - 00000000 ____D C:\FRST
2017-04-20 15:04 - 2017-04-20 15:03 - 01766912 _____ (Farbar) C:\Users\marouane\Desktop\FRST.exe
2017-04-20 15:03 - 2017-04-20 15:03 - 01766912 _____ (Farbar) C:\Users\marouane\Downloads\FRST.exe
2017-04-20 14:24 - 2017-04-20 14:24 - 00001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\atomiccleaner3.lnk
2017-04-20 14:24 - 2017-04-20 14:24 - 00000000 ____D C:\Program Files\atomicware
2017-04-19 23:39 - 2017-04-19 23:40 - 19012068 _____ C:\Users\marouane\Downloads\Promotion immobliere.zip
2017-04-19 23:38 - 2017-04-19 23:38 - 00038932 _____ C:\Users\marouane\Downloads\The-bigest-data-base_retraité_Verifiier (1).xls
2017-04-19 23:37 - 2017-04-19 23:38 - 00038932 _____ C:\Users\marouane\Downloads\The-bigest-data-base_retraité_Verifiier.xls
2017-04-19 22:23 - 2017-04-19 22:23 - 00001634 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-04-19 22:23 - 2017-04-19 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-04-19 22:22 - 2017-04-19 22:23 - 00000000 ____D C:\Program Files\ZHPFix
2017-04-19 22:21 - 2017-04-19 22:21 - 01874868 _____ (atomicware ) C:\Users\marouane\Downloads\atomiccleaner3_1.3.4.1.exe
2017-04-19 22:19 - 2017-04-19 22:20 - 03521617 _____ (Nicolas Coolman ) C:\Users\marouane\Downloads\zhpfix_2015.10.19.9.exe
2017-04-18 21:18 - 2017-04-18 21:43 - 00399214 _____ C:\Windows\ntbtlog.txt
2017-04-16 02:11 - 2017-04-18 22:01 - 00001759 _____ C:\Users\marouane\Desktop\ZHPCleaner.txt
2017-04-15 23:38 - 2017-04-15 23:38 - 00000739 _____ C:\Users\marouane\Desktop\ZHPCleaner.lnk
2017-04-15 23:38 - 2017-04-15 23:38 - 00000000 ____D C:\Users\marouane\AppData\Local\ZHP
2017-04-15 23:23 - 2017-04-15 23:23 - 02760704 _____ C:\Users\marouane\Downloads\ZHPCleaner.exe
2017-04-15 23:19 - 2017-04-15 23:19 - 02717696 _____ C:\Users\marouane\Downloads\ZHPDiag3 (1).exe
2017-04-15 23:08 - 2017-04-19 22:39 - 00000729 _____ C:\Users\marouane\Desktop\ZHPDiag.lnk
2017-04-15 16:39 - 2017-04-15 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-15 16:39 - 2017-04-15 16:38 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-04-15 16:35 - 2017-04-15 16:35 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Sun
2017-04-15 00:06 - 2017-04-15 00:06 - 00262144 _____ C:\Windows\system32\config\elam
2017-04-13 23:47 - 2017-04-13 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2017-04-13 23:47 - 2017-04-13 23:45 - 00002081 _____ C:\Users\Public\Desktop\Protection bancaire.lnk
2017-04-13 23:47 - 2017-04-13 23:45 - 00002015 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2017-04-13 23:34 - 2017-04-20 14:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-13 23:34 - 2017-04-13 23:34 - 00000000 ____D C:\Program Files\Kaspersky Lab
2017-04-13 23:24 - 2017-04-14 00:03 - 00805088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-04-13 23:24 - 2017-04-14 00:01 - 00155360 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-04-13 23:23 - 2017-04-13 23:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-13 22:38 - 2017-04-13 23:03 - 196193912 _____ (Kaspersky Lab) C:\Users\marouane\Downloads\kis17.0.0.611fr-fr_full.exe
2017-04-11 00:39 - 2017-04-20 14:27 - 00000000 ____D C:\Users\marouane\Desktop\Cleaner
2017-04-11 00:18 - 2017-04-13 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-11 00:15 - 2017-04-11 00:15 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Obsidium
2017-04-11 00:13 - 2017-04-11 00:13 - 56011299 _____ C:\Users\marouane\Desktop\MalwareBytes premium by Megaez WD (2).rar
2017-04-11 00:01 - 2017-04-11 00:13 - 56011299 _____ C:\Users\marouane\Downloads\MalwareBytes premium by Megaez WD (2).rar
2017-04-10 23:59 - 2017-04-11 00:00 - 56011299 _____ C:\Users\marouane\Downloads\MalwareBytes premium by Megaez WD (1).rar
2017-04-10 23:38 - 2017-04-14 23:48 - 00000022 _____ C:\Users\marouane\Downloads\gen.zip
2017-04-10 23:27 - 2017-04-10 23:35 - 59272008 _____ (Malwarebytes ) C:\Users\marouane\Downloads\mb3-setup-consumer-3.0.6.1469-1096.exe
2017-04-09 22:23 - 2017-04-09 22:23 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique (2).pdf
2017-04-06 22:55 - 2017-04-06 22:57 - 07084141 _____ C:\Users\marouane\Downloads\CV (1).zip
2017-04-04 22:12 - 2017-04-04 22:12 - 00069880 _____ C:\Users\marouane\Downloads\CV.zip
2017-04-04 14:47 - 2017-04-04 14:47 - 01489491 _____ C:\Users\marouane\Downloads\Rapport_Expertise_Atelier_Vert_V2.pdf
2017-04-01 16:22 - 2017-04-01 16:23 - 00496818 _____ C:\Users\marouane\Downloads\SECTION II_22_09_2016_Format_4_9_SC (1).pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 01825704 _____ C:\Users\marouane\Downloads\SECTION 0_SECTION I_22_09_2016_Format_4_9_SC.pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 00496818 _____ C:\Users\marouane\Downloads\SECTION II_22_09_2016_Format_4_9_SC.pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 00398349 _____ C:\Users\marouane\Downloads\SECTION III_22_09_2016_Format_4_9._SC.pptx
2017-03-31 00:09 - 2017-03-31 00:09 - 00000000 ____D C:\Windows\pss
2017-03-30 23:55 - 2017-04-19 23:30 - 00000000 ____D C:\Users\marouane\AppData\Roaming\ZHP
2017-03-30 23:53 - 2017-03-30 23:54 - 02105344 _____ C:\Users\marouane\Downloads\ZHPDiag3.exe
2017-03-30 14:58 - 2017-04-11 00:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-29 12:11 - 2017-04-13 23:59 - 00129520 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-29 12:11 - 2017-03-29 12:11 - 00049744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2017-03-29 03:13 - 2017-03-29 03:14 - 00142864 _____ C:\Windows\Minidump\Mini032917-01.dmp
2017-03-27 22:00 - 2017-03-29 03:13 - 221039244 _____ C:\Windows\MEMORY.DMP
2017-03-27 22:00 - 2017-03-27 22:00 - 00142864 _____ C:\Windows\Minidump\Mini032717-01.dmp
2017-03-27 21:53 - 2017-03-27 21:53 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique (1).pdf
2017-03-27 21:52 - 2017-03-27 21:53 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique.pdf
2017-03-27 17:32 - 2017-03-27 17:33 - 45584824 _____ C:\Users\marouane\Downloads\Firefox Setup 52.0.1esr.exe
2017-03-26 18:03 - 2017-04-17 22:56 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-26 18:03 - 2017-04-17 22:56 - 00001073 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-26 17:48 - 2017-03-26 17:48 - 00000000 ____D C:\Program Files\GUME90.tmp
2017-03-26 17:11 - 2017-03-26 17:11 - 01129376 _____ (Google Inc.) C:\Users\marouane\Downloads\ChromeSetup.exe
2017-03-26 01:05 - 2017-03-26 01:05 - 01663904 _____ (Malwarebytes) C:\Users\marouane\Downloads\JRT (1).exe
2017-03-26 01:03 - 2017-03-26 01:04 - 01663904 _____ (Malwarebytes) C:\Users\marouane\Downloads\JRT.exe
2017-03-26 00:10 - 2017-04-14 23:46 - 00000022 _____ C:\Users\marouane\Downloads\Malwarebytes_Premium_3_0_6.zip
2017-03-26 00:00 - 2017-03-26 01:16 - 00000000 ____D C:\SUPERDelete
2017-03-25 23:51 - 2017-03-26 00:01 - 57131432 _____ (Malwarebytes ) C:\Users\marouane\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-25 23:49 - 2017-03-25 23:52 - 29581496 _____ (SUPERAntiSpyware) C:\Users\marouane\Downloads\SAS_677960.EXE
2017-03-25 23:48 - 2017-03-26 00:38 - 148183320 _____ (Microsoft Corporation) C:\Users\marouane\Downloads\msert (1).exe
2017-03-25 23:35 - 2017-03-25 23:44 - 37748736 _____ C:\Users\marouane\Downloads\msert.exe
2017-03-25 17:24 - 2017-03-25 17:23 - 04031440 _____ C:\Users\marouane\Desktop\adwcleaner_6.044.exe
2017-03-25 17:22 - 2017-03-25 17:23 - 04031440 _____ C:\Users\marouane\Downloads\adwcleaner_6.044.exe
2017-03-25 16:08 - 2017-03-25 16:29 - 00000000 ____D C:\Users\marouane\Desktop\Anciennes données de Firefox
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-20 14:40 - 2014-03-16 02:49 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-04-20 14:40 - 2014-01-11 02:32 - 00000002 _____ C:\Users\marouane\Desktop\quinte.txt
2017-04-20 14:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-20 14:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-20 14:01 - 2012-12-03 14:47 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1695219916-2950406433-1086351045-1000UA.job
2017-04-20 14:01 - 2012-12-03 14:47 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1695219916-2950406433-1086351045-1000Core.job
2017-04-19 22:34 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-19 22:31 - 2006-11-02 14:58 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-19 02:03 - 2016-06-29 01:31 - 00000000 ____D C:\Users\marouane\AppData\Roaming\HpUpdate
2017-04-17 22:56 - 2014-02-23 14:12 - 00000000 ____D C:\AdwCleaner
2017-04-16 17:21 - 2017-03-11 18:33 - 87868715 _____ C:\Users\marouane\Downloads\PaketSpamera.rar
2017-04-16 14:28 - 2010-11-11 22:42 - 00000000 ____D C:\Program Files\Common Files\DeviceHelper
2017-04-15 16:40 - 2012-05-24 19:09 - 00000000 ____D C:\Program Files\Common Files\Java
2017-04-15 16:38 - 2009-02-26 23:42 - 00000000 ____D C:\Program Files\Java
2017-04-15 16:33 - 2014-02-06 19:41 - 00268864 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-04-15 16:31 - 2014-02-06 19:42 - 00000000 ____D C:\ProgramData\Oracle
2017-04-15 00:35 - 2012-05-04 20:25 - 00000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-04-15 00:00 - 2011-04-20 20:45 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-04-15 00:00 - 2010-07-08 18:12 - 00000000 ____D C:\Program Files\Apple Software Update
2017-04-14 23:48 - 2017-03-11 17:32 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0_2_crack(1).rar
2017-04-14 23:48 - 2017-03-11 17:26 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0_2_crack.rar
2017-04-14 23:47 - 2017-03-14 02:31 - 00000022 _____ C:\Users\marouane\Downloads\live-email-verifier(1).zip
2017-04-14 23:47 - 2017-03-14 02:22 - 02183378 _____ C:\Users\marouane\Downloads\Live Email Verifier Professional 6.4 + Crack.zip
2017-04-14 23:47 - 2017-03-14 01:58 - 02183378 _____ C:\Users\marouane\Downloads\live-email-verifier-professional-63427321081[aRb]Cracked.zip
2017-04-14 23:47 - 2017-03-13 00:05 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download.rar
2017-04-14 23:47 - 2017-03-11 18:41 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_7_keygen.rar
2017-04-14 23:47 - 2017-03-11 17:37 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0.rar
2017-04-14 23:46 - 2017-03-13 03:12 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(3).rar
2017-04-14 23:46 - 2017-03-13 03:12 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(2).rar
2017-04-14 23:46 - 2017-03-13 00:06 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(1).rar
2017-04-14 23:44 - 2012-10-10 03:58 - 00000000 ____D C:\Users\marouane\Downloads\Nouveau dossier
2017-04-14 23:41 - 2017-03-13 02:25 - 00002160 _____ C:\Users\marouane\Downloads\aev(9).zip
2017-04-14 00:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-04-14 00:25 - 2014-02-22 01:31 - 00000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-14 00:25 - 2014-02-22 01:31 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-14 00:25 - 2011-04-26 15:44 - 00000833 _____ C:\Users\marouane\Desktop\Internet Explorer.lnk
2017-04-14 00:25 - 2010-06-18 14:01 - 00001001 _____ C:\Users\marouane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-14 00:02 - 2016-06-14 17:47 - 00165088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-04-13 23:44 - 2010-06-18 13:51 - 00000000 ____D C:\Users\marouane
2017-04-13 23:15 - 2014-09-02 22:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-13 23:15 - 2014-02-22 17:51 - 00000000 ____D C:\ProgramData\Avira
2017-04-13 22:39 - 2009-02-27 06:28 - 00735242 _____ C:\Windows\system32\perfh00C.dat
2017-04-13 22:39 - 2009-02-27 06:28 - 00152176 _____ C:\Windows\system32\perfc00C.dat
2017-04-13 22:39 - 2006-11-02 12:33 - 01652500 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-13 22:36 - 2017-03-04 03:30 - 00000000 ____D C:\Users\marouane\AppData\LocalLow\Mozilla
2017-04-13 22:34 - 2014-02-22 19:42 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Avira
2017-04-11 00:52 - 2014-02-22 01:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-11 00:49 - 2010-06-21 00:31 - 00000000 ____D C:\Users\marouane\AppData\Roaming\uTorrent
2017-04-10 14:41 - 2017-03-07 13:47 - 00000000 ____D C:\Users\marouane\Desktop\Base Email Anass
2017-04-03 00:32 - 2011-04-19 21:52 - 00000000 ____D C:\Users\marouane\Desktop\CV
2017-04-01 16:25 - 2012-03-24 21:03 - 00000000 ____D C:\Users\marouane\Desktop\Documentation
2017-03-31 15:17 - 2012-10-09 14:21 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Skype
2017-03-29 03:13 - 2011-05-26 00:01 - 00000000 ____D C:\Windows\Minidump
2017-03-27 22:06 - 2017-03-04 03:27 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-03-27 22:06 - 2010-06-18 14:02 - 00008750 _____ C:\ProgramData\HPWALog.txt
2017-03-26 15:55 - 2014-02-25 15:30 - 00000000 ____D C:\Program Files\Amazon
2017-03-26 00:48 - 2006-11-02 13:18 - 00000000 ___SD C:\Windows\Downloaded Program Files
==================== Fichiers à la racine de certains dossiers =======
2017-03-07 17:58 - 2017-03-07 17:58 - 0000049 ____H () C:\Users\marouane\AppData\Roaming\eMail Verifier.ini
2016-11-11 21:55 - 2016-11-11 21:55 - 0146336 _____ () C:\Users\marouane\AppData\Roaming\UserTile.png
2011-06-17 18:23 - 2011-06-17 18:23 - 0000212 _____ () C:\Users\marouane\AppData\Roaming\wklnhst.dat
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\AtStart.txt
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\DSwitch.txt
2017-03-14 03:05 - 2017-03-14 03:05 - 0000096 _____ () C:\Users\marouane\AppData\Local\fusioncache.dat
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\QSwitch.txt
2016-06-29 01:11 - 2016-06-29 01:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-03-11 17:18 - 2017-03-11 17:18 - 0005049 _____ () C:\ProgramData\duavsiev.mnv
2010-06-18 14:30 - 2017-03-13 17:10 - 0000286 _____ () C:\ProgramData\hpqp.ini
2012-09-25 00:23 - 2013-01-29 00:59 - 0000021 _____ () C:\ProgramData\hpqp.txt
2010-06-18 14:02 - 2017-03-27 22:06 - 0008750 _____ () C:\ProgramData\HPWALog.txt
2010-06-18 14:33 - 2010-06-18 14:33 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-02-26 23:38 - 2009-02-26 23:38 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-18 14:32 - 2010-06-18 14:32 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-02-26 23:33 - 2009-02-26 23:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-18 14:31 - 2010-06-18 14:31 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-06-18 14:33 - 2010-06-18 14:33 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-02-26 23:32 - 2009-02-26 23:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-02-26 23:34 - 2009-02-26 23:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-06-18 14:33 - 2010-06-18 14:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Certains fichiers dans TEMP:
====================
2017-03-09 20:18 - 2017-03-09 20:18 - 0000000 ____D () C:\Users\Administrateur\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-04-19 22:51
==================== Fin de FRST.txt ============================
Exécuté par marouane (administrateur) sur PC-DE-MAROUANE (20-04-2017 15:06:40)
Exécuté depuis C:\Users\marouane\Desktop
Profils chargés: marouane & Administrateur (Profils disponibles: marouane & Administrateur)
Platform: Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files\HSPA USB MODEM\ModemListener.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(SFR) C:\Program Files\SFR\Kit\9props.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-12-24] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [ModemListener] => C:\Program Files\HSPA USB MODEM\ModemListener.exe [98304 2010-05-28] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450652 2009-06-03] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [Connexion SFR 9props.exe] => C:\Program Files\SFR\Kit\9props.exe [959880 2011-06-10] (SFR)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-10-02] (Apple Inc.)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1023664 2016-08-31] (Samsung)
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f25a-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f25c-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {6fd6f2df-922c-11e0-b2c3-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\MountPoints2: {71037fe4-8440-11e1-ab38-00238bc94c8e} - F:\AutoRun.exe
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656 2008-11-18] (Hewlett-Packard)
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2012-11-10] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2011-10-22]
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\Users\marouane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3520 series.lnk [2017-04-19]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447604D6-E51B-41C1-903B-7B7F56A215FE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8FCE0FF2-9876-44CA-8852-7A3BF14BEFF3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{F1F95A56-01E5-4FB9-9361-FD2EA93FFB1B}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-1695219916-2950406433-1086351045-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Presario&pf=cnnb
SearchScopes: HKLM -> DefaultScope la valeur est absente
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-12-18] (Adobe Systems Incorporated)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-15] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll Pas de fichier
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_121-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00121-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_121-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\marouane\AppData\Roaming\Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 [2017-04-20]
FF Homepage: Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\kzcpmz66.default-1490452153662 -> est activé.
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-31] [non signé]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext
FF Extension: (BitDefender Antiphishing Toolbar) - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext [2011-06-21] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-29]
FF HKU\S-1-5-21-1695219916-2950406433-1086351045-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1695219916-2950406433-1086351045-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\marouane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Google Slides) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-19]
CHR Extension: (Google Docs) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-19]
CHR Extension: (Google Drive) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-19]
CHR Extension: (YouTube) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-19]
CHR Extension: (Adblock Plus) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-15]
CHR Extension: (Google Sheets) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-19]
CHR Extension: (AdBlock) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-19]
CHR Extension: (MLB Feeder with news) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\klcoadkbipccihbleddchklhfnefjoko [2017-04-14]
CHR Extension: (Carlo Gesualdo: Murder, Witchcraft) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\llcgljnjfaopoiojnfpapchjflddgmjh [2017-04-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-19]
CHR Extension: (25th Anniversary of the End) - C:\Users\marouane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhgddacfcjnmnnhdebdofpnpoalccao [2017-04-10]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)
R2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
R3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [Fichier non signé]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Fichier non signé]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-11-26] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170 2009-06-03] (IDT, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [176552 2017-03-03] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [71504 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [155360 2017-04-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [129520 2017-04-13] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [805088 2017-04-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49744 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [46000 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [82352 2016-05-17] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [71088 2016-05-17] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-04-14] (AO Kaspersky Lab)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2009-08-27] (TCT International Mobile Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]
S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-20 15:06 - 2017-04-20 15:06 - 00025675 _____ C:\Users\marouane\Desktop\FRST.txt
2017-04-20 15:05 - 2017-04-20 15:06 - 00000000 ____D C:\FRST
2017-04-20 15:04 - 2017-04-20 15:03 - 01766912 _____ (Farbar) C:\Users\marouane\Desktop\FRST.exe
2017-04-20 15:03 - 2017-04-20 15:03 - 01766912 _____ (Farbar) C:\Users\marouane\Downloads\FRST.exe
2017-04-20 14:24 - 2017-04-20 14:24 - 00001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\atomiccleaner3.lnk
2017-04-20 14:24 - 2017-04-20 14:24 - 00000000 ____D C:\Program Files\atomicware
2017-04-19 23:39 - 2017-04-19 23:40 - 19012068 _____ C:\Users\marouane\Downloads\Promotion immobliere.zip
2017-04-19 23:38 - 2017-04-19 23:38 - 00038932 _____ C:\Users\marouane\Downloads\The-bigest-data-base_retraité_Verifiier (1).xls
2017-04-19 23:37 - 2017-04-19 23:38 - 00038932 _____ C:\Users\marouane\Downloads\The-bigest-data-base_retraité_Verifiier.xls
2017-04-19 22:23 - 2017-04-19 22:23 - 00001634 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-04-19 22:23 - 2017-04-19 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-04-19 22:22 - 2017-04-19 22:23 - 00000000 ____D C:\Program Files\ZHPFix
2017-04-19 22:21 - 2017-04-19 22:21 - 01874868 _____ (atomicware ) C:\Users\marouane\Downloads\atomiccleaner3_1.3.4.1.exe
2017-04-19 22:19 - 2017-04-19 22:20 - 03521617 _____ (Nicolas Coolman ) C:\Users\marouane\Downloads\zhpfix_2015.10.19.9.exe
2017-04-18 21:18 - 2017-04-18 21:43 - 00399214 _____ C:\Windows\ntbtlog.txt
2017-04-16 02:11 - 2017-04-18 22:01 - 00001759 _____ C:\Users\marouane\Desktop\ZHPCleaner.txt
2017-04-15 23:38 - 2017-04-15 23:38 - 00000739 _____ C:\Users\marouane\Desktop\ZHPCleaner.lnk
2017-04-15 23:38 - 2017-04-15 23:38 - 00000000 ____D C:\Users\marouane\AppData\Local\ZHP
2017-04-15 23:23 - 2017-04-15 23:23 - 02760704 _____ C:\Users\marouane\Downloads\ZHPCleaner.exe
2017-04-15 23:19 - 2017-04-15 23:19 - 02717696 _____ C:\Users\marouane\Downloads\ZHPDiag3 (1).exe
2017-04-15 23:08 - 2017-04-19 22:39 - 00000729 _____ C:\Users\marouane\Desktop\ZHPDiag.lnk
2017-04-15 16:39 - 2017-04-15 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-15 16:39 - 2017-04-15 16:38 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-04-15 16:35 - 2017-04-15 16:35 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Sun
2017-04-15 00:06 - 2017-04-15 00:06 - 00262144 _____ C:\Windows\system32\config\elam
2017-04-13 23:47 - 2017-04-13 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2017-04-13 23:47 - 2017-04-13 23:45 - 00002081 _____ C:\Users\Public\Desktop\Protection bancaire.lnk
2017-04-13 23:47 - 2017-04-13 23:45 - 00002015 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2017-04-13 23:34 - 2017-04-20 14:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-13 23:34 - 2017-04-13 23:34 - 00000000 ____D C:\Program Files\Kaspersky Lab
2017-04-13 23:24 - 2017-04-14 00:03 - 00805088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-04-13 23:24 - 2017-04-14 00:01 - 00155360 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-04-13 23:23 - 2017-04-13 23:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-13 22:38 - 2017-04-13 23:03 - 196193912 _____ (Kaspersky Lab) C:\Users\marouane\Downloads\kis17.0.0.611fr-fr_full.exe
2017-04-11 00:39 - 2017-04-20 14:27 - 00000000 ____D C:\Users\marouane\Desktop\Cleaner
2017-04-11 00:18 - 2017-04-13 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-11 00:15 - 2017-04-11 00:15 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Obsidium
2017-04-11 00:13 - 2017-04-11 00:13 - 56011299 _____ C:\Users\marouane\Desktop\MalwareBytes premium by Megaez WD (2).rar
2017-04-11 00:01 - 2017-04-11 00:13 - 56011299 _____ C:\Users\marouane\Downloads\MalwareBytes premium by Megaez WD (2).rar
2017-04-10 23:59 - 2017-04-11 00:00 - 56011299 _____ C:\Users\marouane\Downloads\MalwareBytes premium by Megaez WD (1).rar
2017-04-10 23:38 - 2017-04-14 23:48 - 00000022 _____ C:\Users\marouane\Downloads\gen.zip
2017-04-10 23:27 - 2017-04-10 23:35 - 59272008 _____ (Malwarebytes ) C:\Users\marouane\Downloads\mb3-setup-consumer-3.0.6.1469-1096.exe
2017-04-09 22:23 - 2017-04-09 22:23 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique (2).pdf
2017-04-06 22:55 - 2017-04-06 22:57 - 07084141 _____ C:\Users\marouane\Downloads\CV (1).zip
2017-04-04 22:12 - 2017-04-04 22:12 - 00069880 _____ C:\Users\marouane\Downloads\CV.zip
2017-04-04 14:47 - 2017-04-04 14:47 - 01489491 _____ C:\Users\marouane\Downloads\Rapport_Expertise_Atelier_Vert_V2.pdf
2017-04-01 16:22 - 2017-04-01 16:23 - 00496818 _____ C:\Users\marouane\Downloads\SECTION II_22_09_2016_Format_4_9_SC (1).pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 01825704 _____ C:\Users\marouane\Downloads\SECTION 0_SECTION I_22_09_2016_Format_4_9_SC.pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 00496818 _____ C:\Users\marouane\Downloads\SECTION II_22_09_2016_Format_4_9_SC.pptx
2017-04-01 16:22 - 2017-04-01 16:22 - 00398349 _____ C:\Users\marouane\Downloads\SECTION III_22_09_2016_Format_4_9._SC.pptx
2017-03-31 00:09 - 2017-03-31 00:09 - 00000000 ____D C:\Windows\pss
2017-03-30 23:55 - 2017-04-19 23:30 - 00000000 ____D C:\Users\marouane\AppData\Roaming\ZHP
2017-03-30 23:53 - 2017-03-30 23:54 - 02105344 _____ C:\Users\marouane\Downloads\ZHPDiag3.exe
2017-03-30 14:58 - 2017-04-11 00:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-29 12:11 - 2017-04-13 23:59 - 00129520 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-29 12:11 - 2017-03-29 12:11 - 00049744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2017-03-29 03:13 - 2017-03-29 03:14 - 00142864 _____ C:\Windows\Minidump\Mini032917-01.dmp
2017-03-27 22:00 - 2017-03-29 03:13 - 221039244 _____ C:\Windows\MEMORY.DMP
2017-03-27 22:00 - 2017-03-27 22:00 - 00142864 _____ C:\Windows\Minidump\Mini032717-01.dmp
2017-03-27 21:53 - 2017-03-27 21:53 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique (1).pdf
2017-03-27 21:52 - 2017-03-27 21:53 - 00137086 _____ C:\Users\marouane\Downloads\Formulaire_Biometrique.pdf
2017-03-27 17:32 - 2017-03-27 17:33 - 45584824 _____ C:\Users\marouane\Downloads\Firefox Setup 52.0.1esr.exe
2017-03-26 18:03 - 2017-04-17 22:56 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-26 18:03 - 2017-04-17 22:56 - 00001073 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-26 17:48 - 2017-03-26 17:48 - 00000000 ____D C:\Program Files\GUME90.tmp
2017-03-26 17:11 - 2017-03-26 17:11 - 01129376 _____ (Google Inc.) C:\Users\marouane\Downloads\ChromeSetup.exe
2017-03-26 01:05 - 2017-03-26 01:05 - 01663904 _____ (Malwarebytes) C:\Users\marouane\Downloads\JRT (1).exe
2017-03-26 01:03 - 2017-03-26 01:04 - 01663904 _____ (Malwarebytes) C:\Users\marouane\Downloads\JRT.exe
2017-03-26 00:10 - 2017-04-14 23:46 - 00000022 _____ C:\Users\marouane\Downloads\Malwarebytes_Premium_3_0_6.zip
2017-03-26 00:00 - 2017-03-26 01:16 - 00000000 ____D C:\SUPERDelete
2017-03-25 23:51 - 2017-03-26 00:01 - 57131432 _____ (Malwarebytes ) C:\Users\marouane\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-25 23:49 - 2017-03-25 23:52 - 29581496 _____ (SUPERAntiSpyware) C:\Users\marouane\Downloads\SAS_677960.EXE
2017-03-25 23:48 - 2017-03-26 00:38 - 148183320 _____ (Microsoft Corporation) C:\Users\marouane\Downloads\msert (1).exe
2017-03-25 23:35 - 2017-03-25 23:44 - 37748736 _____ C:\Users\marouane\Downloads\msert.exe
2017-03-25 17:24 - 2017-03-25 17:23 - 04031440 _____ C:\Users\marouane\Desktop\adwcleaner_6.044.exe
2017-03-25 17:22 - 2017-03-25 17:23 - 04031440 _____ C:\Users\marouane\Downloads\adwcleaner_6.044.exe
2017-03-25 16:08 - 2017-03-25 16:29 - 00000000 ____D C:\Users\marouane\Desktop\Anciennes données de Firefox
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-04-20 14:40 - 2014-03-16 02:49 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-04-20 14:40 - 2014-01-11 02:32 - 00000002 _____ C:\Users\marouane\Desktop\quinte.txt
2017-04-20 14:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-20 14:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-20 14:01 - 2012-12-03 14:47 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1695219916-2950406433-1086351045-1000UA.job
2017-04-20 14:01 - 2012-12-03 14:47 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1695219916-2950406433-1086351045-1000Core.job
2017-04-19 22:34 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-19 22:31 - 2006-11-02 14:58 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-19 02:03 - 2016-06-29 01:31 - 00000000 ____D C:\Users\marouane\AppData\Roaming\HpUpdate
2017-04-17 22:56 - 2014-02-23 14:12 - 00000000 ____D C:\AdwCleaner
2017-04-16 17:21 - 2017-03-11 18:33 - 87868715 _____ C:\Users\marouane\Downloads\PaketSpamera.rar
2017-04-16 14:28 - 2010-11-11 22:42 - 00000000 ____D C:\Program Files\Common Files\DeviceHelper
2017-04-15 16:40 - 2012-05-24 19:09 - 00000000 ____D C:\Program Files\Common Files\Java
2017-04-15 16:38 - 2009-02-26 23:42 - 00000000 ____D C:\Program Files\Java
2017-04-15 16:33 - 2014-02-06 19:41 - 00268864 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-04-15 16:31 - 2014-02-06 19:42 - 00000000 ____D C:\ProgramData\Oracle
2017-04-15 00:35 - 2012-05-04 20:25 - 00000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-04-15 00:00 - 2011-04-20 20:45 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-04-15 00:00 - 2010-07-08 18:12 - 00000000 ____D C:\Program Files\Apple Software Update
2017-04-14 23:48 - 2017-03-11 17:32 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0_2_crack(1).rar
2017-04-14 23:48 - 2017-03-11 17:26 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0_2_crack.rar
2017-04-14 23:47 - 2017-03-14 02:31 - 00000022 _____ C:\Users\marouane\Downloads\live-email-verifier(1).zip
2017-04-14 23:47 - 2017-03-14 02:22 - 02183378 _____ C:\Users\marouane\Downloads\Live Email Verifier Professional 6.4 + Crack.zip
2017-04-14 23:47 - 2017-03-14 01:58 - 02183378 _____ C:\Users\marouane\Downloads\live-email-verifier-professional-63427321081[aRb]Cracked.zip
2017-04-14 23:47 - 2017-03-13 00:05 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download.rar
2017-04-14 23:47 - 2017-03-11 18:41 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_7_keygen.rar
2017-04-14 23:47 - 2017-03-11 17:37 - 00000027 _____ C:\Users\marouane\Downloads\advanced_email_verifier_8_0.rar
2017-04-14 23:46 - 2017-03-13 03:12 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(3).rar
2017-04-14 23:46 - 2017-03-13 03:12 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(2).rar
2017-04-14 23:46 - 2017-03-13 00:06 - 00000027 _____ C:\Users\marouane\Downloads\Advanced-Email-Verifier-Full-Download(1).rar
2017-04-14 23:44 - 2012-10-10 03:58 - 00000000 ____D C:\Users\marouane\Downloads\Nouveau dossier
2017-04-14 23:41 - 2017-03-13 02:25 - 00002160 _____ C:\Users\marouane\Downloads\aev(9).zip
2017-04-14 00:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-04-14 00:25 - 2014-02-22 01:31 - 00000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-14 00:25 - 2014-02-22 01:31 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-14 00:25 - 2011-04-26 15:44 - 00000833 _____ C:\Users\marouane\Desktop\Internet Explorer.lnk
2017-04-14 00:25 - 2010-06-18 14:01 - 00001001 _____ C:\Users\marouane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-14 00:02 - 2016-06-14 17:47 - 00165088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-04-13 23:44 - 2010-06-18 13:51 - 00000000 ____D C:\Users\marouane
2017-04-13 23:15 - 2014-09-02 22:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-13 23:15 - 2014-02-22 17:51 - 00000000 ____D C:\ProgramData\Avira
2017-04-13 22:39 - 2009-02-27 06:28 - 00735242 _____ C:\Windows\system32\perfh00C.dat
2017-04-13 22:39 - 2009-02-27 06:28 - 00152176 _____ C:\Windows\system32\perfc00C.dat
2017-04-13 22:39 - 2006-11-02 12:33 - 01652500 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-13 22:36 - 2017-03-04 03:30 - 00000000 ____D C:\Users\marouane\AppData\LocalLow\Mozilla
2017-04-13 22:34 - 2014-02-22 19:42 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Avira
2017-04-11 00:52 - 2014-02-22 01:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-11 00:49 - 2010-06-21 00:31 - 00000000 ____D C:\Users\marouane\AppData\Roaming\uTorrent
2017-04-10 14:41 - 2017-03-07 13:47 - 00000000 ____D C:\Users\marouane\Desktop\Base Email Anass
2017-04-03 00:32 - 2011-04-19 21:52 - 00000000 ____D C:\Users\marouane\Desktop\CV
2017-04-01 16:25 - 2012-03-24 21:03 - 00000000 ____D C:\Users\marouane\Desktop\Documentation
2017-03-31 15:17 - 2012-10-09 14:21 - 00000000 ____D C:\Users\marouane\AppData\Roaming\Skype
2017-03-29 03:13 - 2011-05-26 00:01 - 00000000 ____D C:\Windows\Minidump
2017-03-27 22:06 - 2017-03-04 03:27 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-03-27 22:06 - 2010-06-18 14:02 - 00008750 _____ C:\ProgramData\HPWALog.txt
2017-03-26 15:55 - 2014-02-25 15:30 - 00000000 ____D C:\Program Files\Amazon
2017-03-26 00:48 - 2006-11-02 13:18 - 00000000 ___SD C:\Windows\Downloaded Program Files
==================== Fichiers à la racine de certains dossiers =======
2017-03-07 17:58 - 2017-03-07 17:58 - 0000049 ____H () C:\Users\marouane\AppData\Roaming\eMail Verifier.ini
2016-11-11 21:55 - 2016-11-11 21:55 - 0146336 _____ () C:\Users\marouane\AppData\Roaming\UserTile.png
2011-06-17 18:23 - 2011-06-17 18:23 - 0000212 _____ () C:\Users\marouane\AppData\Roaming\wklnhst.dat
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\AtStart.txt
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\DSwitch.txt
2017-03-14 03:05 - 2017-03-14 03:05 - 0000096 _____ () C:\Users\marouane\AppData\Local\fusioncache.dat
2017-03-13 17:00 - 2017-03-13 17:00 - 0000000 _____ () C:\Users\marouane\AppData\Local\QSwitch.txt
2016-06-29 01:11 - 2016-06-29 01:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-03-11 17:18 - 2017-03-11 17:18 - 0005049 _____ () C:\ProgramData\duavsiev.mnv
2010-06-18 14:30 - 2017-03-13 17:10 - 0000286 _____ () C:\ProgramData\hpqp.ini
2012-09-25 00:23 - 2013-01-29 00:59 - 0000021 _____ () C:\ProgramData\hpqp.txt
2010-06-18 14:02 - 2017-03-27 22:06 - 0008750 _____ () C:\ProgramData\HPWALog.txt
2010-06-18 14:33 - 2010-06-18 14:33 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-02-26 23:38 - 2009-02-26 23:38 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-18 14:32 - 2010-06-18 14:32 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-02-26 23:33 - 2009-02-26 23:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-18 14:31 - 2010-06-18 14:31 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-06-18 14:33 - 2010-06-18 14:33 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-02-26 23:32 - 2009-02-26 23:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-02-26 23:34 - 2009-02-26 23:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-06-18 14:33 - 2010-06-18 14:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Certains fichiers dans TEMP:
====================
2017-03-09 20:18 - 2017-03-09 20:18 - 0000000 ____D () C:\Users\Administrateur\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-04-19 22:51
==================== Fin de FRST.txt ============================