cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2017 02
Exécuté par EL ALAMI (administrateur) sur ELALAMI-HP (04-11-2017 07:31:31)
Exécuté depuis C:\Users\EL ALAMI\Desktop
Profils chargés: EL ALAMI (Profils disponibles: EL ALAMI & lalalala)
Platform: Microsoft Windows 7 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(McAfee, Inc.) C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\ProgramData\Modem HDM EC156\OnlineUpdate\ouc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
() C:\Program Files\SiteAdvisor\6173\SAService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Mozilla Corporation) C:\Program Files\mozilla firefox\tobedeleted\nsy2AA.tmp
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(ArcSoft, Inc.) C:\Windows\System32\uArcCapture.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\EL ALAMI\Desktop\frst 32.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-12-16] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-14] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [MVS Splash] => C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe [562496 2009-11-17] (McAfee, Inc.)
HKLM\...\Run: [McAfee Managed Services Tray] => C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe [95552 2009-11-17] (McAfee, Inc.)
HKLM\...\Run: [SiteAdvisor] => C:\Program Files\SiteAdvisor\6173\SiteAdv.exe [36640 2007-08-28] ()
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [DTRun] => c:\Program Files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-18] (ArcSoft Inc.)
HKLM\...\Run: [NortonOnlineBackupReminder] => C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\windows\system32\DeviceNP.dll [2009-11-17] (Hewlett-Packard Limited)
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\Run: [Skype] => C:\Program Files\Skype\\Phone\Skype.exe [25623336 2009-10-09] (Skype Technologies S.A.)
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {4d3b97be-79ae-11e6-9e1c-70f39584cc23} - D:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {4d3b97c1-79ae-11e6-9e1c-70f39584cc23} - H:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {9a609eb1-a361-11e6-af77-70f39584cc23} - D:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {9a609ec2-a361-11e6-af77-70f39584cc23} - H:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {9a609f0c-a361-11e6-af77-70f39584cc23} - D:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {9a609f36-a361-11e6-af77-70f39584cc23} - D:\AutoRun.exe
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\...\MountPoints2: {9a609f4c-a361-11e6-af77-70f39584cc23} - D:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-05-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\EL ALAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hylxrdwb.exe [2017-09-16] ()
Startup: C:\Users\lalalala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hylxrdwb.exe [2016-11-17] (Avira GmbH)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-4003220337-2150668752-462664786-1002] => 10.10.21.1:3128
AutoConfigURL: [S-1-5-21-4003220337-2150668752-462664786-1002] => 10.10.21.1:3128
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{11B27633-B574-4C9A-B940-3F95BFB43242}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{1B680F8D-F167-461D-8E95-2835492063F8}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{315535D0-7EA5-4778-B1DD-71B6C36B6CE7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{34B61401-A53F-4036-81FA-45A6427291B9}: [NameServer] 192.168.50.58 192.168.60.55

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/9
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/9
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/9
HKU\S-1-5-21-4003220337-2150668752-462664786-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/9
SearchScopes: HKLM -> DefaultScope {8FF9B1E1-48D5-435C-AF5E-3B8D6F9806E2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {8FF9B1E1-48D5-435C-AF5E-3B8D6F9806E2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4003220337-2150668752-462664786-1002 -> DefaultScope {8FF9B1E1-48D5-435C-AF5E-3B8D6F9806E2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4003220337-2150668752-462664786-1002 -> {8FF9B1E1-48D5-435C-AF5E-3B8D6F9806E2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Pas de nom -> {089FD14D-132B-48FC-8861-0048AE113215} -> C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28] ()
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03] (DigitalPersona, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-07] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28] ()
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-4003220337-2150668752-462664786-1002 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4003220337-2150668752-462664786-1002 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.358.dll [2009-11-17] (McAfee, Inc.)
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28] ()
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2009-10-09] (Skype Technologies)

FireFox:
========
FF DefaultProfile: 0hr2je6x.default
FF ProfilePath: C:\Users\EL ALAMI\AppData\Roaming\Mozilla\Firefox\Profiles\0hr2je6x.default [2017-10-31]
FF Extension: (Autofill Forms) - C:\Users\EL ALAMI\AppData\Roaming\Mozilla\Firefox\Profiles\0hr2je6x.default\Extensions\autofillForms@blueimp.net.xpi [2017-07-10]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-06-07] [non signé]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF
FF Extension: (McAfee SiteAdvisor) - C:\Program Files\SiteAdvisor\6173\FF [2010-06-07] [non signé]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF
FF HKU\S-1-5-20\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6173\FF
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.fr/
CHR NewTab: Default -> Not-active:"chrome-extension://pmcbjgaeoooknmebnbjmaalegeegdjid/stubby.html"
CHR Session Restore: Default -> est activé.
CHR Profile: C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default [2017-11-04]
CHR Extension: (Slides) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-06]
CHR Extension: (YouTube) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-06]
CHR Extension: (Adobe Acrobat) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-30]
CHR Extension: (Sheets) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-04]
CHR Extension: (VideoConvert) - C:\Users\EL ALAMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcbjgaeoooknmebnbjmaalegeegdjid [2016-10-01]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-11-02] (LSI Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2840768 2017-07-18] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2009-11-25] (DigitalPersona, Inc.)
R2 EngineServer; C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe [14144 2009-06-03] (McAfee, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-03-24] (Hewlett-Packard) [Fichier non signé]
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [102968 2009-12-16] (Hewlett-Packard)
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-18] (Hewlett-Packard Development Company, L.P) [Fichier non signé]
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [Fichier non signé]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [Fichier non signé]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Fichier non signé]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [321760 2017-09-05] (McAfee, Inc.)
S2 McShield; C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe [144704 2009-06-03] (McAfee, Inc.)
S2 Modem HDM EC156. RunOuc; C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 myAgtSvc; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [221024 2009-11-17] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 SiteAdvisor Service; C:\Program Files\SiteAdvisor\6173\SAService.exe [341280 2010-06-07] ()
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [229458 2010-03-17] (IDT, Inc.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1002472 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17992 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [74816 2017-06-26] (McAfee, Inc.)
R2 uArcCapture; C:\windows\system32\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S2 vcsFPService; C:\windows\system32\vcsFPService.exe [1639728 2009-12-14] (Validity Sensors, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Afc; C:\windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [29824 2009-12-04] (ArcSoft, Inc.)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [286248 2010-03-18] (Broadcom Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [110520 2009-12-16] () [Fichier non signé]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2009-12-18] ()
R3 vpcbus; C:\windows\System32\DRIVERS\vpchbus.sys [165376 2016-05-02] (Microsoft Corporation)
R1 vpcnfltr; C:\windows\System32\DRIVERS\vpcnfltr.sys [55040 2016-05-02] (Microsoft Corporation)
R3 vpcusb; C:\windows\System32\DRIVERS\vpcusb.sys [78336 2016-05-02] (Microsoft Corporation)
R1 vpcvmm; C:\windows\System32\drivers\vpcvmm.sys [295128 2009-12-01] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-04 07:31 - 2017-11-04 07:32 - 000025452 _____ C:\Users\EL ALAMI\Desktop\FRST.txt
2017-11-04 07:31 - 2017-11-04 07:31 - 000000000 ____D C:\FRST
2017-11-04 07:30 - 2017-11-04 07:30 - 001799680 _____ (Farbar) C:\Users\EL ALAMI\Desktop\frst 32.exe
2017-11-04 07:20 - 2017-11-04 07:21 - 002393600 _____ (Farbar) C:\Users\EL ALAMI\Desktop\FRST64-.exe
2017-11-04 07:18 - 2017-11-04 07:18 - 002403328 _____ (Farbar) C:\Users\EL ALAMI\Desktop\FRST64.exe
2017-11-04 06:17 - 2017-11-04 06:17 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-04 06:17 - 2017-11-04 06:17 - 000002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-04 06:12 - 2017-11-04 06:13 - 000000000 ____D C:\Users\EL ALAMI\AppData\Local\Deployment
2017-11-04 06:12 - 2017-11-04 06:12 - 000000000 ____D C:\Users\EL ALAMI\AppData\Local\Apps\2.0
2017-11-04 06:04 - 2017-11-04 06:04 - 000000000 ____D C:\windows\system32\appmgmt
2017-11-04 02:19 - 2017-11-04 02:19 - 000001758 __RSH C:\ProgramData\ntuser.pol
2017-10-25 17:05 - 2017-10-25 17:05 - 004137341 _____ C:\Users\EL ALAMI\Downloads\Rapport annuel de la cour des comptes, 2012 (version française) - global -.pdf
2017-10-17 12:43 - 2017-10-17 12:43 - 001308816 _____ C:\Users\EL ALAMI\Downloads\Humboldt-Verlag-Das-grose-Buch-der-Musterbriefe.pdf
2017-10-17 12:43 - 2017-10-17 12:43 - 000640729 _____ C:\Users\EL ALAMI\Downloads\DEUTSCH_perfekt_2007-05_Extra_-_Briefe_schreibe.pdf
2017-10-13 17:28 - 2017-10-13 17:28 - 000000035 _____ C:\Users\EL ALAMI\Downloads\dropbox (2)
2017-10-13 17:19 - 2017-10-13 17:19 - 000000035 _____ C:\Users\EL ALAMI\Downloads\dropbox (1)
2017-10-06 16:38 - 2017-10-06 16:38 - 001380021 _____ C:\Users\EL ALAMI\Downloads\Studienkolleg.pdf
2017-10-06 16:38 - 2017-10-06 16:38 - 000204842 _____ C:\Users\EL ALAMI\Downloads\2017-10-06_ZUL_bedingt_El Alami_Yassine_1999-03-03.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-11-04 06:16 - 2016-05-06 08:23 - 000000000 ____D C:\Program Files\Google
2017-11-04 06:10 - 2017-07-12 02:45 - 000000000 ____D C:\Users\EL ALAMI\AppData\Local\tkdata
2017-11-04 06:05 - 2017-08-25 23:14 - 000000000 ____D C:\Program Files\mozilla firefox
2017-11-04 02:55 - 2010-06-07 11:01 - 004905090 _____ C:\windows\system32\perfh00C.dat
2017-11-04 02:55 - 2010-06-07 11:01 - 001553010 _____ C:\windows\system32\perfc00C.dat
2017-11-04 02:55 - 2010-06-07 10:36 - 000006272 _____ C:\windows\system32\PerfStringBackup.INI
2017-11-04 02:55 - 2009-07-14 05:34 - 000020720 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-04 02:55 - 2009-07-14 05:34 - 000020720 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-04 02:52 - 2017-07-30 22:18 - 000000000 ____D C:\ProgramData\TEMP
2017-11-04 02:47 - 2017-07-11 07:34 - 000000000 ____D C:\Users\EL ALAMI\xhrkbqhx
2017-11-04 02:47 - 2010-06-07 10:48 - 000000000 ____D C:\ProgramData\HPQLOG
2017-11-04 02:46 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-11-04 02:19 - 2009-07-14 03:37 - 000000000 ___HD C:\windows\system32\GroupPolicy
2017-10-30 07:51 - 2016-09-12 22:55 - 000000000 ____D C:\Users\EL ALAMI\AppData\Roaming\vlc
2017-10-28 22:12 - 2009-07-14 03:37 - 000000000 ____D C:\windows\system32\NDF

==================== Fichiers à la racine de certains dossiers =======

2016-12-17 17:55 - 2017-06-26 18:52 - 000000117 _____ () C:\Users\EL ALAMI\AppData\Roaming\D2Info0
2016-12-17 17:55 - 2017-06-26 18:56 - 000000008 _____ () C:\Users\EL ALAMI\AppData\Roaming\DofusAppId0_1
2016-12-24 16:18 - 2017-01-29 22:44 - 000000008 _____ () C:\Users\EL ALAMI\AppData\Roaming\DofusAppId0_2
2017-07-27 23:14 - 2017-07-27 23:14 - 000000000 _____ () C:\Users\EL ALAMI\AppData\Roaming\Microsoft\E575.tmp

Certains fichiers dans TEMP:
====================
2016-05-01 16:16 - 2016-05-01 16:34 - 000426044 _____ (Hewlett-Packard Company) C:\Users\EL ALAMI\AppData\Local\Temp\CpqMC.dll
2016-12-17 18:10 - 2016-12-17 18:11 - 000049678 _____ () C:\Users\EL ALAMI\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
C:\windows\system32\drivers\SafeBoot.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

LastRegBack: 2017-10-10 02:12

==================== Fin de FRST.txt ============================
