Publicité
Publicité
Commentaire : processus iexplore.exe multiple et insuprimable
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
Exécuté par Hp (administrateur) sur HP-PC (19-06-2017 16:51:39)
Exécuté depuis C:\Users\Hp\Downloads
Profils chargés: Hp (Profils disponibles: Hp)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
() C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe
(Ralink Technology, Inc.) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
() C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] => C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe [969464 2015-08-25] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-03-20] (Seagate Technology LLC)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [uTorrent] => C:\Users\Hp\AppData\Roaming\uTorrent\uTorrent.exe [2144448 2017-04-06] (BitTorrent Inc.)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [909696 2010-12-21] (Microsoft Corporation)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [Viber] => C:\Users\Hp\AppData\Local\Viber\Viber.exe [30676560 2017-05-06] (Viber Media S.Ã r.l.)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [143080 2017-03-20] (Seagate Technology LLC)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {09bbad92-611a-11e5-8f38-a01d48af3b48} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {1a6d3c87-32f1-11e6-9dbd-38b1db0ec48e} - G:\AutoRun.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {45fdf03e-6807-11e5-8d55-a01d48af3b48} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {7863fd42-5a37-11e5-abe5-38b1db0ec48e} - F:\AutoRun.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {c16fb8f9-b372-11e5-8799-38b1db0ec48e} - F:\iLinker.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-10-01]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-09-11]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaWiFi.exe (Ralink Technology, Inc.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{216B2C8E-8E84-4456-B2BE-2BDF2A6A80D9}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{295BC701-D273-4D10-A969-A672F4AB9C52}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{46BC9D8F-355A-41D3-B03A-D90B712AB699}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55399FE6-A9F6-444C-BE98-4551C70F2DDF}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A078845A-A8D6-4278-9324-4B1855642BB7}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{ADB8F14C-671D-4DA4-8475-0559146336B3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B5F2DBB3-11E0-4295-B47D-3704DDAEFD7B}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BCD7FCE9-ED81-43B0-BDF5-8CA18A98EFEF}: [NameServer] 10.47.9.35 10.47.9.36
Tcpip\..\Interfaces\{BEF91889-AE18-4E7F-AC3E-D25A28741DBA}: [NameServer] 10.47.9.35 10.47.9.36
Tcpip\..\Interfaces\{CBC900E1-CAD1-4311-A986-AAEC25AC6F8C}: [NameServer] 10.47.9.34 10.47.9.36
Tcpip\..\Interfaces\{D092AB07-1B9E-4C46-A101-F7DB288EC38A}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{E1D57EE2-A014-4C34-A434-FBE818DC5C8C}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{F906A95D-BC24-4714-B693-2809AE3D93C5}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{FD8C4677-9A67-4D7E-B4BA-6AF3EB3E069D}: [NameServer] 10.47.9.33 10.47.9.36
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824978&z=fd2ca4e92f9ddb8ee5bc589g7zdz2t0b5ocz4tam9w&from=ient07021&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824978&z=fd2ca4e92f9ddb8ee5bc589g7zdz2t0b5ocz4tam9w&from=ient07021&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-12-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => non trouvé(e)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2009-07-26] (the VideoLAN Team)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default [2017-06-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-16]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-3263399412-2912011979-914214451-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [Fichier non signé]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 InternetEverywhere_Service; C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe [600824 2015-08-25] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] ()
R2 RalinkCountryRegion; C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe [42496 2012-07-27] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-20] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-03-20] (Seagate Technology LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Fichier non signé]
S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 ewusbmbb; C:\Windows\SysWOW64\DRIVERS\ewusbwwan.sys [422400 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 ew_usbenumfilter; C:\Windows\SysWOW64\DRIVERS\ew_usbenumfilter.sys [13952 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_cdcacm; C:\Windows\SysWOW64\DRIVERS\ew_jucdcacm.sys [98304 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_cdcecm; C:\Windows\SysWOW64\DRIVERS\ew_jucdcecm.sys [72192 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
R3 huawei_enumerator; C:\Windows\SysWOW64\DRIVERS\ew_jubusenum.sys [87040 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_ext_ctrl; C:\Windows\SysWOW64\DRIVERS\ew_juextctrl.sys [28672 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [223232 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-11-18] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2010-02-19] (Chingachguk & Denger2k (Elite & SP edition)) [Fichier non signé]
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)
S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2015-05-07] (Microsoft Corporation) [Fichier non signé]
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-06-19 16:51 - 2017-06-19 16:53 - 00031495 _____ C:\Users\Hp\Downloads\FRST.txt
2017-06-19 16:50 - 2017-06-19 16:51 - 00000000 ____D C:\FRST
2017-06-19 16:47 - 2017-06-19 16:48 - 02439680 _____ (Farbar) C:\Users\Hp\Downloads\FRST64.exe
2017-06-16 19:27 - 2017-06-16 19:27 - 03824032 _____ (SOSVirus) C:\Users\Hp\Downloads\UsbFix.exe
2017-06-16 19:26 - 2017-06-16 19:26 - 03824024 _____ (SOSVirus) C:\Users\Hp\Downloads\UsbFix_9.052.exe
2017-06-16 19:08 - 2017-06-16 19:08 - 00077575 _____ C:\Users\Hp\Desktop\Fondations des bâtiments.pdf
2017-06-16 19:08 - 2017-06-16 19:08 - 00077575 _____ C:\Users\Hp\Desktop\Fondations des bâtiments.html
2017-06-16 19:08 - 2017-06-16 19:08 - 00000000 ____D C:\Users\Hp\Desktop\Fondations des bâtiments_files
2017-06-16 18:50 - 2017-06-16 18:50 - 04749141 _____ C:\Users\Hp\Desktop\cours_fondations-profondes-FRANKI_procedes-generaux-de-construction.pdf
2017-06-16 15:44 - 2017-06-16 15:52 - 48453364 _____ C:\Users\Hp\Downloads\Le grand livre de la gestion de projet.rar
2017-06-16 15:11 - 2017-06-16 15:11 - 00122368 _____ C:\Users\Hp\Downloads\BTE-PV-Chantier N°2 (1).xls
2017-06-16 15:03 - 2017-06-16 15:03 - 00122368 _____ C:\Users\Hp\Downloads\BTE-PV-Chantier N°2.xls
2017-06-16 15:03 - 2017-06-16 15:03 - 00012887 _____ C:\Users\Hp\Downloads\BTE-Liste des intervenants.xlsx
2017-06-16 02:29 - 2017-06-16 02:29 - 00024042 _____ C:\Users\Hp\Desktop\ZHPCleaner.txt
2017-06-16 02:10 - 2017-06-16 02:29 - 00000000 ____D C:\Users\Hp\AppData\Roaming\ZHP
2017-06-16 02:10 - 2017-06-16 02:12 - 00000000 ____D C:\Users\Hp\AppData\Local\ZHP
2017-06-16 02:10 - 2017-06-16 02:10 - 02794880 _____ C:\Users\Hp\Downloads\ZHPCleaner.exe
2017-06-16 02:10 - 2017-06-16 02:10 - 02794880 _____ C:\Users\Hp\Downloads\ZHPCleaner (1).exe
2017-06-16 02:10 - 2017-06-16 02:10 - 00000824 _____ C:\Users\Hp\Desktop\ZHPCleaner.lnk
2017-06-15 15:43 - 2017-06-15 15:44 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Hp\Downloads\usbfix-8-248.exe
2017-06-01 21:44 - 2017-06-01 21:44 - 00337935 _____ C:\Users\Hp\Desktop\cv_cyrine_2017_fr.pdf
2017-05-26 16:56 - 2017-05-26 16:56 - 00729096 _____ C:\Users\Hp\Downloads\Knauf_guide_cloisons_.pdf
2017-05-25 11:43 - 2017-05-25 11:43 - 00989056 _____ C:\Users\Hp\Desktop\20091118_gl_voirie_guide_conception_structures_de_chaussees.pdf
2017-05-25 09:21 - 2017-05-19 17:23 - 17163786 _____ C:\Users\Hp\Desktop\20057-0000-C70-DW-00006-005 WITH ALL THE RED MARK FORMAT A3.pdf
2017-05-21 14:05 - 2017-05-21 14:05 - 00238131 _____ C:\Users\Hp\Downloads\tableau récap .menui métallique à jour 2017 (1).xlsx
2017-05-21 14:04 - 2017-05-21 14:05 - 00238131 _____ C:\Users\Hp\Downloads\tableau récap .menui métallique à jour 2017.xlsx
2017-05-21 14:04 - 2017-05-21 14:04 - 00960564 _____ C:\Users\Hp\Downloads\Menuiserie métallique.zip
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-06-18 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-17 02:38 - 2011-04-12 10:16 - 00749910 _____ C:\Windows\system32\perfh00C.dat
2017-06-17 02:38 - 2011-04-12 10:16 - 00150524 _____ C:\Windows\system32\perfc00C.dat
2017-06-17 02:38 - 2009-07-14 06:13 - 01675006 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-17 02:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-06-16 01:43 - 2015-10-05 16:26 - 00000000 ____D C:\Log
2017-06-15 15:46 - 2017-03-29 15:59 - 00000000 ____D C:\UsbFix
2017-06-02 15:00 - 2015-12-11 22:30 - 00000000 ____D C:\Users\Hp\AppData\Roaming\ViberPC
2017-06-01 02:10 - 2016-07-21 10:27 - 00000000 ___RD C:\Users\Hp\Desktop\Nouveau dossier
2017-06-01 02:10 - 2016-06-30 07:07 - 00000000 ____D C:\Users\Hp\Desktop\GTP gabes files
2017-06-01 01:41 - 2016-01-06 21:29 - 00000000 ____D C:\Users\Hp\Documents\ViberDownloads
2017-05-27 07:17 - 2017-02-10 10:24 - 00000000 ____D C:\Users\Hp\Desktop\2017 gtp batiment
2017-05-26 17:48 - 2017-02-16 16:07 - 00000000 ____D C:\Users\Hp\Downloads\Now.You.See.Me.2.2016.1080p.BluRay.x264.AC3-JYK
2017-05-26 17:48 - 2016-12-06 11:37 - 00000000 ____D C:\100APPLE
2017-05-25 09:23 - 2015-09-30 10:40 - 00000000 ____D C:\Users\Hp\AppData\Local\cache
2017-05-24 16:19 - 2017-04-22 11:58 - 00214640 _____ C:\Users\Hp\Desktop\curriculum vitae ben el mechri othmen.pdf
2017-05-24 16:16 - 2017-04-28 15:40 - 00539878 _____ C:\Users\Hp\Desktop\cv_othmanbenmechri_2017_fr.pdf
==================== Fichiers à la racine de certains dossiers =======
2016-10-07 09:22 - 2016-10-07 09:22 - 0006144 _____ () C:\Users\Hp\AppData\Roaming\com.apple.antiphishing.db
2016-06-20 09:59 - 2016-06-20 15:02 - 0000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-10-07 20:17 - 2015-12-11 15:17 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
testsigning: ==> 'testsigning' est activé. Rechercher un éventuel pilote non signé <===== ATTENTION
LastRegBack: 2017-04-23 17:27
==================== Fin de FRST.txt ============================
Exécuté par Hp (administrateur) sur HP-PC (19-06-2017 16:51:39)
Exécuté depuis C:\Users\Hp\Downloads
Profils chargés: Hp (Profils disponibles: Hp)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
() C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe
(Ralink Technology, Inc.) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
() C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] => C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe [969464 2015-08-25] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-03-20] (Seagate Technology LLC)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [uTorrent] => C:\Users\Hp\AppData\Roaming\uTorrent\uTorrent.exe [2144448 2017-04-06] (BitTorrent Inc.)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [909696 2010-12-21] (Microsoft Corporation)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [Viber] => C:\Users\Hp\AppData\Local\Viber\Viber.exe [30676560 2017-05-06] (Viber Media S.Ã r.l.)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [143080 2017-03-20] (Seagate Technology LLC)
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {09bbad92-611a-11e5-8f38-a01d48af3b48} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {1a6d3c87-32f1-11e6-9dbd-38b1db0ec48e} - G:\AutoRun.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {45fdf03e-6807-11e5-8d55-a01d48af3b48} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {7863fd42-5a37-11e5-abe5-38b1db0ec48e} - F:\AutoRun.exe
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\...\MountPoints2: {c16fb8f9-b372-11e5-8799-38b1db0ec48e} - F:\iLinker.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-10-01]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-09-11]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaWiFi.exe (Ralink Technology, Inc.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{216B2C8E-8E84-4456-B2BE-2BDF2A6A80D9}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{295BC701-D273-4D10-A969-A672F4AB9C52}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{46BC9D8F-355A-41D3-B03A-D90B712AB699}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55399FE6-A9F6-444C-BE98-4551C70F2DDF}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A078845A-A8D6-4278-9324-4B1855642BB7}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{ADB8F14C-671D-4DA4-8475-0559146336B3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B5F2DBB3-11E0-4295-B47D-3704DDAEFD7B}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BCD7FCE9-ED81-43B0-BDF5-8CA18A98EFEF}: [NameServer] 10.47.9.35 10.47.9.36
Tcpip\..\Interfaces\{BEF91889-AE18-4E7F-AC3E-D25A28741DBA}: [NameServer] 10.47.9.35 10.47.9.36
Tcpip\..\Interfaces\{CBC900E1-CAD1-4311-A986-AAEC25AC6F8C}: [NameServer] 10.47.9.34 10.47.9.36
Tcpip\..\Interfaces\{D092AB07-1B9E-4C46-A101-F7DB288EC38A}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{E1D57EE2-A014-4C34-A434-FBE818DC5C8C}: [NameServer] 10.47.9.33 10.47.9.36
Tcpip\..\Interfaces\{F906A95D-BC24-4714-B693-2809AE3D93C5}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{FD8C4677-9A67-4D7E-B4BA-6AF3EB3E069D}: [NameServer] 10.47.9.33 10.47.9.36
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824978&z=fd2ca4e92f9ddb8ee5bc589g7zdz2t0b5ocz4tam9w&from=ient07021&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W
HKU\S-1-5-21-3263399412-2912011979-914214451-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449824978&z=fd2ca4e92f9ddb8ee5bc589g7zdz2t0b5ocz4tam9w&from=ient07021&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349250&z=5b11c6ca0ca67cd42951d27g3z0zcbbcdz3t9o7z9t&from=ient07031&uid=ST500LT012-1DG142_S3PGA88W&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3263399412-2912011979-914214451-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-12-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => non trouvé(e)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2009-07-26] (the VideoLAN Team)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default [2017-06-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-16]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-3263399412-2912011979-914214451-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [Fichier non signé]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 InternetEverywhere_Service; C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe [600824 2015-08-25] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] ()
R2 RalinkCountryRegion; C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe [42496 2012-07-27] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-20] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-03-20] (Seagate Technology LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Fichier non signé]
S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 ewusbmbb; C:\Windows\SysWOW64\DRIVERS\ewusbwwan.sys [422400 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 ew_usbenumfilter; C:\Windows\SysWOW64\DRIVERS\ew_usbenumfilter.sys [13952 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_cdcacm; C:\Windows\SysWOW64\DRIVERS\ew_jucdcacm.sys [98304 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_cdcecm; C:\Windows\SysWOW64\DRIVERS\ew_jucdcecm.sys [72192 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
R3 huawei_enumerator; C:\Windows\SysWOW64\DRIVERS\ew_jubusenum.sys [87040 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 huawei_ext_ctrl; C:\Windows\SysWOW64\DRIVERS\ew_juextctrl.sys [28672 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [223232 2015-10-01] (Huawei Technologies Co., Ltd.) [Fichier non signé]
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-11-18] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2010-02-19] (Chingachguk & Denger2k (Elite & SP edition)) [Fichier non signé]
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)
S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2015-05-07] (Microsoft Corporation) [Fichier non signé]
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-06-19 16:51 - 2017-06-19 16:53 - 00031495 _____ C:\Users\Hp\Downloads\FRST.txt
2017-06-19 16:50 - 2017-06-19 16:51 - 00000000 ____D C:\FRST
2017-06-19 16:47 - 2017-06-19 16:48 - 02439680 _____ (Farbar) C:\Users\Hp\Downloads\FRST64.exe
2017-06-16 19:27 - 2017-06-16 19:27 - 03824032 _____ (SOSVirus) C:\Users\Hp\Downloads\UsbFix.exe
2017-06-16 19:26 - 2017-06-16 19:26 - 03824024 _____ (SOSVirus) C:\Users\Hp\Downloads\UsbFix_9.052.exe
2017-06-16 19:08 - 2017-06-16 19:08 - 00077575 _____ C:\Users\Hp\Desktop\Fondations des bâtiments.pdf
2017-06-16 19:08 - 2017-06-16 19:08 - 00077575 _____ C:\Users\Hp\Desktop\Fondations des bâtiments.html
2017-06-16 19:08 - 2017-06-16 19:08 - 00000000 ____D C:\Users\Hp\Desktop\Fondations des bâtiments_files
2017-06-16 18:50 - 2017-06-16 18:50 - 04749141 _____ C:\Users\Hp\Desktop\cours_fondations-profondes-FRANKI_procedes-generaux-de-construction.pdf
2017-06-16 15:44 - 2017-06-16 15:52 - 48453364 _____ C:\Users\Hp\Downloads\Le grand livre de la gestion de projet.rar
2017-06-16 15:11 - 2017-06-16 15:11 - 00122368 _____ C:\Users\Hp\Downloads\BTE-PV-Chantier N°2 (1).xls
2017-06-16 15:03 - 2017-06-16 15:03 - 00122368 _____ C:\Users\Hp\Downloads\BTE-PV-Chantier N°2.xls
2017-06-16 15:03 - 2017-06-16 15:03 - 00012887 _____ C:\Users\Hp\Downloads\BTE-Liste des intervenants.xlsx
2017-06-16 02:29 - 2017-06-16 02:29 - 00024042 _____ C:\Users\Hp\Desktop\ZHPCleaner.txt
2017-06-16 02:10 - 2017-06-16 02:29 - 00000000 ____D C:\Users\Hp\AppData\Roaming\ZHP
2017-06-16 02:10 - 2017-06-16 02:12 - 00000000 ____D C:\Users\Hp\AppData\Local\ZHP
2017-06-16 02:10 - 2017-06-16 02:10 - 02794880 _____ C:\Users\Hp\Downloads\ZHPCleaner.exe
2017-06-16 02:10 - 2017-06-16 02:10 - 02794880 _____ C:\Users\Hp\Downloads\ZHPCleaner (1).exe
2017-06-16 02:10 - 2017-06-16 02:10 - 00000824 _____ C:\Users\Hp\Desktop\ZHPCleaner.lnk
2017-06-15 15:43 - 2017-06-15 15:44 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Hp\Downloads\usbfix-8-248.exe
2017-06-01 21:44 - 2017-06-01 21:44 - 00337935 _____ C:\Users\Hp\Desktop\cv_cyrine_2017_fr.pdf
2017-05-26 16:56 - 2017-05-26 16:56 - 00729096 _____ C:\Users\Hp\Downloads\Knauf_guide_cloisons_.pdf
2017-05-25 11:43 - 2017-05-25 11:43 - 00989056 _____ C:\Users\Hp\Desktop\20091118_gl_voirie_guide_conception_structures_de_chaussees.pdf
2017-05-25 09:21 - 2017-05-19 17:23 - 17163786 _____ C:\Users\Hp\Desktop\20057-0000-C70-DW-00006-005 WITH ALL THE RED MARK FORMAT A3.pdf
2017-05-21 14:05 - 2017-05-21 14:05 - 00238131 _____ C:\Users\Hp\Downloads\tableau récap .menui métallique à jour 2017 (1).xlsx
2017-05-21 14:04 - 2017-05-21 14:05 - 00238131 _____ C:\Users\Hp\Downloads\tableau récap .menui métallique à jour 2017.xlsx
2017-05-21 14:04 - 2017-05-21 14:04 - 00960564 _____ C:\Users\Hp\Downloads\Menuiserie métallique.zip
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-06-18 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-17 02:38 - 2011-04-12 10:16 - 00749910 _____ C:\Windows\system32\perfh00C.dat
2017-06-17 02:38 - 2011-04-12 10:16 - 00150524 _____ C:\Windows\system32\perfc00C.dat
2017-06-17 02:38 - 2009-07-14 06:13 - 01675006 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-17 02:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-06-16 01:43 - 2015-10-05 16:26 - 00000000 ____D C:\Log
2017-06-15 15:46 - 2017-03-29 15:59 - 00000000 ____D C:\UsbFix
2017-06-02 15:00 - 2015-12-11 22:30 - 00000000 ____D C:\Users\Hp\AppData\Roaming\ViberPC
2017-06-01 02:10 - 2016-07-21 10:27 - 00000000 ___RD C:\Users\Hp\Desktop\Nouveau dossier
2017-06-01 02:10 - 2016-06-30 07:07 - 00000000 ____D C:\Users\Hp\Desktop\GTP gabes files
2017-06-01 01:41 - 2016-01-06 21:29 - 00000000 ____D C:\Users\Hp\Documents\ViberDownloads
2017-05-27 07:17 - 2017-02-10 10:24 - 00000000 ____D C:\Users\Hp\Desktop\2017 gtp batiment
2017-05-26 17:48 - 2017-02-16 16:07 - 00000000 ____D C:\Users\Hp\Downloads\Now.You.See.Me.2.2016.1080p.BluRay.x264.AC3-JYK
2017-05-26 17:48 - 2016-12-06 11:37 - 00000000 ____D C:\100APPLE
2017-05-25 09:23 - 2015-09-30 10:40 - 00000000 ____D C:\Users\Hp\AppData\Local\cache
2017-05-24 16:19 - 2017-04-22 11:58 - 00214640 _____ C:\Users\Hp\Desktop\curriculum vitae ben el mechri othmen.pdf
2017-05-24 16:16 - 2017-04-28 15:40 - 00539878 _____ C:\Users\Hp\Desktop\cv_othmanbenmechri_2017_fr.pdf
==================== Fichiers à la racine de certains dossiers =======
2016-10-07 09:22 - 2016-10-07 09:22 - 0006144 _____ () C:\Users\Hp\AppData\Roaming\com.apple.antiphishing.db
2016-06-20 09:59 - 2016-06-20 15:02 - 0000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-10-07 20:17 - 2015-12-11 15:17 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
testsigning: ==> 'testsigning' est activé. Rechercher un éventuel pilote non signé <===== ATTENTION
LastRegBack: 2017-04-23 17:27
==================== Fin de FRST.txt ============================