Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Exécuté par E083646U (administrateur) sur EVA-HP (09-11-2017 09:25:25)
Exécuté depuis C:\Users\Eva\Desktop
Profils chargés: E083646U (Profils disponibles: E083646U)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avpsus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2016-02-29] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-09-04] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-09-18] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-08-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-01-27] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2013-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [KLPkInst_8417b04f-b8ea-4182-8358-bbb168544a89] => "C:\Users\Eva\Downloads\kes10-setup-recherche.exe" -KLPI$ID 8417b04f-b8ea-4182-8358-bbb168544a89 -tl 4
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [15432 2016-08-26] (OfficeTimeline LLC)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [15669896 2017-10-26] (NordVPN)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\MountPoints2: {5007aa06-b5a5-11e7-85be-f528b3cbf70e} - H:\HiSuiteDownLoader.exe
Lsa: [Notification Packages] DPPassFilter scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-02-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 platform wondershare.com
Tcpip\Parameters: [DhcpNameServer] 192.168.80.1
Tcpip\..\Interfaces\{1C4BBCFE-265D-4F6F-A4E3-2A5DAF7AC823}: [DhcpNameServer] 172.16.1.20 172.16.1.10 172.26.4.20
Tcpip\..\Interfaces\{53F7E8D7-4F17-4818-805C-4F894AD48D75}: [DhcpNameServer] 192.168.80.1
Tcpip\..\Interfaces\{9D08772B-F553-4C08-BF54-929D0B527E32}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-08-07] (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-10] (Hewlett-Packard)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: xqm8f7c8.default
FF DefaultProfile: ywcnbywg.default
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Zotero\Zotero\Profiles\xqm8f7c8.default [2017-11-03]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-04-01] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-04-01] [non signé]
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default [2017-11-06]
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> autoconfig_url", "hxxp://cache.wifi.univ-nantes.fr/"
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> http", "cache.wifi.univ-nantes.fr"
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> http_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> type", 4
FF Extension: (adblockgmail) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-dswFGkUjb2SIHv@jetpack.xpi [2017-03-30]
FF Extension: (AdBlocker for Facebook™) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2017-03-30]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-09-13]
FF Extension: (youtubetmadblock) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi [2017-03-30]
FF Extension: (Qwant for Firefox) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\qwantcomforfirefox@jetpack.xpi [2017-03-30]
FF Extension: (Simple Mail) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\simplemail@telega.phpnet.us [2016-10-25]
FF Extension: (Zotero Bibliography Locale Switcher) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotbiblioswitchlocal@somwhere.org.xpi [2016-04-28]
FF Extension: (Zotero) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-10-05]
FF Extension: (ZotFile) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotfile@columbia.edu.xpi [2017-03-31]
FF Extension: (Zutilo Utility for Zotero) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zutilo@www.wesailatdawn.com.xpi [2017-07-17]
FF Extension: (Adblock Plus) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-06]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (DPChrome) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-02-29] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-01] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2013-09-14] (DigitalPersona, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default [2017-11-09]
CHR Extension: (Bitmotion - New Tab) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\iinglghmhcgdgjjlafobajghjamdchik [2017-11-09]
CHR Extension: (Extension DigitalPersona) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-11-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-09]
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-09-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe [2106664 2017-03-13] (AO Kaspersky Lab)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avpsus.exe [2692512 2017-03-13] (AO Kaspersky Lab)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-14] () [Fichier non signé]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-09-14] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [567608 2013-09-06] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-08] (Hewlett-Packard Company) [Fichier non signé]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-08-01] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [166288 2017-01-19] (AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [416904 2017-10-26] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2016-02-29] (Broadcom Corporation) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [4096 2006-04-10] () [Fichier non signé]
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-13] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [197344 2017-03-11] (AO Kaspersky Lab)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [53528 2016-12-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [310256 2017-03-11] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1077984 2017-03-11] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50008 2016-10-01] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-10-01] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [73112 2016-10-12] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-02-01] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [200784 2016-10-09] (AO Kaspersky Lab)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-04] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2013-09-04] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2013-08-20] (Sunplus)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2016-10-17] (The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-09 07:20 - 2017-11-09 07:21 - 002929024 _____ C:\Users\Eva\Desktop\ZHPDiag3.exe
2017-11-09 07:14 - 2017-11-09 07:28 - 000000000 ____D C:\Users\Eva\Desktop\virus
2017-11-08 23:23 - 2017-11-08 23:23 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-08 23:23 - 2017-11-08 23:23 - 000002188 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-08 23:22 - 2017-11-08 23:22 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-08 23:22 - 2017-11-08 23:22 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-08 23:15 - 2017-11-08 23:18 - 000055793 _____ C:\Users\Eva\Desktop\Addition.txt
2017-11-08 23:15 - 2017-11-08 23:15 - 001622528 _____ C:\Users\Eva\Desktop\ResetBrowser.exe
2017-11-08 23:14 - 2017-11-09 09:25 - 000027689 _____ C:\Users\Eva\Desktop\FRST.txt
2017-11-08 23:13 - 2017-11-09 09:25 - 000000000 ____D C:\FRST
2017-11-08 23:13 - 2017-11-08 23:13 - 002403328 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2017-11-08 23:13 - 2017-11-08 23:13 - 000000000 ____D C:\Users\Eva\Desktop\FRST-OlderVersion
2017-11-08 22:50 - 2017-11-08 22:50 - 000000834 _____ C:\Users\Eva\Desktop\ZHPCleaner.lnk
2017-11-08 22:41 - 2017-11-09 07:22 - 000000000 ____D C:\Users\Eva\AppData\Roaming\ZHP
2017-11-08 22:41 - 2017-11-09 07:21 - 000000824 _____ C:\Users\Eva\Desktop\ZHPDiag.lnk
2017-11-08 22:41 - 2017-11-08 22:50 - 000000000 ____D C:\Users\Eva\AppData\Local\ZHP
2017-11-08 22:41 - 2017-11-08 22:41 - 002900480 _____ C:\Users\Eva\Downloads\zhpdiag_v2017.10.9.179.exe
2017-11-06 18:36 - 2017-11-06 18:37 - 000000000 ____D C:\ProgramData\NordVpn
2017-11-06 18:36 - 2017-11-06 18:36 - 000001920 _____ C:\Users\Public\Desktop\NordVPN.lnk
2017-11-06 18:36 - 2017-11-06 18:36 - 000000000 ____D C:\ProgramData\Caphyon
2017-11-06 18:35 - 2017-11-06 18:36 - 000000000 ____D C:\Users\Eva\AppData\Local\NordVPN
2017-11-06 18:35 - 2017-11-06 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2017-11-06 18:35 - 2017-11-06 18:35 - 000000000 ____D C:\Program Files (x86)\NordVPN
2017-11-06 18:34 - 2017-11-06 18:36 - 000000000 ____D C:\Users\Eva\AppData\Roaming\NordVPN
2017-11-06 18:34 - 2017-11-06 18:35 - 000000000 ____D C:\Program Files\TAP-NordVPN
2017-11-06 18:33 - 2017-11-06 18:34 - 024328176 _____ (NordVPN) C:\Users\Eva\Downloads\NordVPNSetup.exe
2017-11-06 09:28 - 2017-11-06 09:28 - 000079215 _____ C:\Users\Eva\Desktop\Eva COINTET_201711060922.pdf
2017-11-05 22:11 - 2017-11-05 22:11 - 000108447 _____ C:\Users\Eva\Downloads\telereglement_THCAP_20171105_221135.pdf
2017-11-03 20:55 - 2017-11-03 20:55 - 000073153 _____ C:\Users\Eva\Downloads\valerian.and.the.city.of.a.thousandanets.2017.720p.torrent
2017-11-03 20:17 - 2017-11-03 20:52 - 3043898810 _____ C:\Users\Eva\Downloads\Valérian.Et.La.Cité.Des.Mille.Planètes.2017.720p.TRUEFRENCH.HC.HDRip.MD.x264-SKRiN.WwW.Zone-Telechargement.Ws.mkv
2017-11-03 20:05 - 2017-11-03 20:07 - 183780216 _____ C:\Users\Eva\Downloads\Modern.Family.S09E06.VOSTFR.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi
2017-11-03 19:44 - 2017-11-03 20:09 - 367031046 _____ C:\Users\Eva\Downloads\Greys.Anatomy.S14E06.SUBFRENCH.WEB-DL.XviD-ZT.WwW.Zone-Telechargement.Ws.avi
2017-11-03 09:05 - 2017-11-03 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-02 17:46 - 2017-11-02 17:46 - 000065230 _____ C:\Users\Eva\Downloads\Notion heure equivalent TD.pdf
2017-11-02 13:56 - 2017-11-02 13:56 - 000134969 _____ C:\Users\Eva\Downloads\Annexe 1- Questionnaire gracieux- version septembre 2016 (2).pdf
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-11-01 10:55 - 2017-11-01 10:57 - 000000000 ____D C:\Users\Eva\Downloads\Blue.Planet.II.S01E01.One.Ocean.1080p.AMZN.WEBRip.DDP5.1.x264-NTb[rarbg]
2017-11-01 10:54 - 2017-11-01 19:43 - 000000000 ____D C:\Users\Eva\AppData\LocalLow\uTorrent
2017-10-30 19:20 - 2017-10-30 19:20 - 000000000 ____D C:\Users\Eva\Downloads\Brads.Status.2017.720p.KORSUB.HDRip.x264.AAC2.0-STUTTERSHIT
2017-10-30 19:19 - 2017-10-30 19:21 - 000000000 ____D C:\Users\Eva\Downloads\Ingrid.Goes.West.2017.1080p.BluRay.x264-GECKOS[rarbg]
2017-10-30 19:19 - 2017-10-30 19:19 - 000000000 ____D C:\Users\Eva\Downloads\OtherLife.2017.1080p.NF.WEBRip.DD5.1.x264-QOQ
2017-10-30 16:55 - 2017-10-30 16:56 - 000000000 ____D C:\Users\Eva\Desktop\primer
2017-10-30 16:53 - 2017-10-30 16:53 - 000000000 ____D C:\Users\Eva\Desktop\paper
2017-10-29 20:15 - 2017-10-29 20:15 - 000000000 ____D C:\Users\Eva\Desktop\projet film
2017-10-29 19:05 - 2017-10-29 19:07 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-29 19:01 - 2017-10-29 19:01 - 000000955 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2017-10-29 19:01 - 2017-10-29 19:01 - 000000000 ____D C:\Users\Eva\AppData\Local\Wondershare
2017-10-29 19:01 - 2017-10-29 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-29 19:00 - 2017-10-29 20:15 - 000000000 ____D C:\Users\Eva\Documents\Wondershare Filmora
2017-10-29 19:00 - 2017-10-29 19:00 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2017-10-29 19:00 - 2017-10-29 19:00 - 000000000 ____D C:\Program Files\Wondershare
2017-10-29 19:00 - 2017-03-17 11:43 - 001250304 _____ (CineForm Inc.) C:\Windows\system32\CFDecode64.ax
2017-10-29 18:52 - 2017-10-29 18:54 - 000000000 ____D C:\Users\Eva\Downloads\Wondershare Filmora 8.4.0.1 (x64) + Keygen [CracksMind]
2017-10-29 18:46 - 2017-10-29 18:46 - 008249808 _____ (Malwarebytes) C:\Users\Eva\Downloads\adwcleaner_7-0-3-0_fr_430277.exe
2017-10-29 18:38 - 2017-10-29 18:38 - 000001734 __RSH C:\ProgramData\ntuser.pol
2017-10-29 17:39 - 2017-10-29 17:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2017-10-29 13:42 - 2017-10-29 13:42 - 000000000 ____D C:\Users\Eva\Downloads\The.Heyday.of.the.Insensitive.Bastards.2017.WEB-DL.x264-FGT
2017-10-29 13:29 - 2017-10-30 15:04 - 729167300 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Un.Profil.Pour.Deux.2017.FRENCH.HDRip.XviD-EXTREME.avi
2017-10-29 13:28 - 2017-10-29 13:29 - 000000000 ____D C:\Users\Eva\Downloads\The.Shack.2017.1080p.BluRay.H264.AAC-RARBG
2017-10-29 13:28 - 2017-10-29 13:28 - 000030641 _____ C:\Users\Eva\Downloads\un-profil-pour-deux-french-webrip-2017.torrent
2017-10-29 13:27 - 2017-10-30 19:37 - 734355256 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Les.Ex.2017.FRENCH.HDRip.XviD-GZR.avi
2017-10-29 13:27 - 2017-10-30 19:33 - 727802802 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Comment.J.Ai.Rencontre.Mon.Pere.2017.FRENCH.HDRip.XviD-CR4ZYTiME.avi
2017-10-29 13:27 - 2017-10-29 13:27 - 000030824 _____ C:\Users\Eva\Downloads\les-ex-french-webrip-2017.torrent
2017-10-29 13:27 - 2017-10-29 13:27 - 000030615 _____ C:\Users\Eva\Downloads\comment-j-ai-rencontre-mon-pere-french-webrip-2017.torrent
2017-10-29 13:26 - 2017-10-29 13:26 - 000058934 _____ C:\Users\Eva\Downloads\ce-qui-nous-lie-french-dvdrip-2017.torrent
2017-10-18 19:30 - 2017-10-18 19:34 - 742438700 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] The.Other.Side.of.Hope.2017.FRENCH.BDRip.XviD.ACOOL.avi
2017-10-18 19:30 - 2017-10-18 19:30 - 000031018 _____ C:\Users\Eva\Downloads\l-autre-cote-de-l-espoir-french-dvdrip-2017.torrent
2017-10-16 14:47 - 2017-10-16 14:47 - 012742670 _____ C:\Users\Eva\Downloads\get.pdf
2017-10-15 15:54 - 2017-10-15 15:55 - 000000000 ____D C:\Users\Eva\Downloads\Modern.Family.S09E03.720p.HDTV.x264-AVS[rarbg]
2017-10-13 18:55 - 2017-10-13 18:55 - 000030492 _____ C:\Users\Eva\Downloads\marie-francine-french-dvdrip-2017.torrent
2017-10-13 18:46 - 2017-10-15 15:22 - 000000000 ____D C:\Users\Eva\Downloads\6.Below.Miracle.on.the.Mountain.2017.1080p.WEB-DL.DD5.1.H264-FGT
2017-10-13 18:39 - 2017-10-13 18:55 - 000000000 ____D C:\Users\Eva\Downloads\American.Made.2017.720p.KORSUB.HDRip.x264.AAC2.0-STUTTERSHIT
2017-10-12 22:24 - 2017-10-12 22:24 - 000017501 _____ C:\Users\Eva\Downloads\point compta date inventaire.odt
2017-10-10 19:40 - 2017-10-10 19:41 - 000000000 ____D C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rarbg]
2017-10-10 19:39 - 2017-10-10 19:40 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (3).torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to].torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (2).torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (1).torrent
2017-10-10 17:19 - 2017-10-10 17:19 - 000147302 _____ C:\Users\Eva\Downloads\Questionnaire gracieux (1).pdf
2017-10-10 17:16 - 2017-10-10 17:16 - 000134969 _____ C:\Users\Eva\Downloads\Annexe 1- Questionnaire gracieux- version septembre 2016 (1).pdf
2017-10-10 10:33 - 2017-10-10 10:33 - 000777345 _____ C:\Users\Eva\Downloads\gumbi2016.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-09 09:21 - 2016-03-11 09:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-11-09 09:21 - 2013-10-26 23:44 - 000000000 ____D C:\ProgramData\PDFC
2017-11-09 09:20 - 2016-06-23 10:01 - 000001186 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-09 09:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-09 07:26 - 2016-02-29 19:54 - 000748608 _____ C:\Windows\system32\perfh00C.dat
2017-11-09 07:26 - 2016-02-29 19:54 - 000150598 _____ C:\Windows\system32\perfc00C.dat
2017-11-09 07:26 - 2009-07-14 06:13 - 001671678 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-09 07:26 - 2009-07-14 05:45 - 000037408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:26 - 2009-07-14 05:45 - 000037408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-09 07:16 - 2017-03-01 18:49 - 000000000 ____D C:\AdwCleaner
2017-11-09 07:03 - 2016-06-23 10:01 - 000001190 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-08 23:23 - 2016-03-10 10:02 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-08 23:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-08 22:34 - 2017-10-03 20:52 - 000000000 ____D C:\Users\Eva\AppData\LocalLow\MyMusicTeacher
2017-11-08 17:14 - 2016-03-14 14:57 - 000000000 ____D C:\Users\Eva\Desktop\Thèse 2016
2017-11-07 18:11 - 2016-04-06 09:08 - 000000000 ____D C:\Users\Eva\AppData\Roaming\RStudio
2017-11-07 18:11 - 2016-04-06 09:06 - 000000000 ____D C:\Users\Eva\AppData\Local\RStudio-Desktop
2017-11-07 18:03 - 2016-11-29 14:25 - 000000000 ____D C:\Users\Eva\Desktop\R_FTIR
2017-11-07 17:51 - 2016-05-11 09:13 - 000000204 _____ C:\Windows\SysWOW64\eigldqw.dll
2017-11-07 17:51 - 2016-05-11 09:13 - 000000100 _____ C:\Windows\SysWOW64\prsgrc.dll
2017-11-07 17:49 - 2017-02-16 10:09 - 000144384 _____ C:\Users\Eva\AppData\Local\WebpageIcons.db
2017-11-07 17:40 - 2016-03-10 10:01 - 000000000 ____D C:\Users\Eva\AppData\Local\Deployment
2017-11-04 21:09 - 2016-03-21 17:59 - 000000000 ____D C:\Users\Eva\AppData\Roaming\vlc
2017-11-03 09:05 - 2016-06-23 10:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-02 13:57 - 2016-08-22 09:05 - 000000000 ____D C:\Users\Eva\Desktop\doc perso
2017-11-01 20:25 - 2016-09-29 09:54 - 000004624 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-01 20:25 - 2016-05-11 10:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-01 20:25 - 2013-10-26 23:44 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-01 20:25 - 2013-10-26 23:44 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-01 20:25 - 2013-10-26 23:44 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-01 20:25 - 2013-10-26 23:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-01 10:36 - 2017-09-29 14:25 - 000000000 ____D C:\Users\Eva\Desktop\doc formation
2017-11-01 10:31 - 2017-01-16 12:07 - 000000000 ____D C:\Users\Eva\Desktop\dossier vacation
2017-10-30 16:56 - 2016-08-22 09:05 - 000000000 ____D C:\Users\Eva\Desktop\doc these
2017-10-30 16:47 - 2017-03-30 14:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-30 16:47 - 2009-07-14 05:45 - 000453272 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-29 19:04 - 2016-03-10 08:43 - 000112304 _____ C:\Users\Eva\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-29 19:01 - 2017-07-03 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-10 13:38 - 2016-05-18 09:44 - 000000000 ____D C:\Users\Eva\Documents\MATLAB
==================== Fichiers à la racine de certains dossiers =======
2016-03-10 15:31 - 2016-03-10 15:59 - 006871040 _____ () C:\Program Files (x86)\GUT2ECF.tmp
2016-03-14 19:15 - 2016-03-14 19:15 - 000000038 ___SH () C:\Users\Eva\AppData\Local\16296312794fa2e97660bc35.82888684
2017-02-16 10:09 - 2017-11-07 17:49 - 000144384 _____ () C:\Users\Eva\AppData\Local\WebpageIcons.db
Certains fichiers dans TEMP:
====================
2017-08-03 11:26 - 2017-08-03 11:52 - 000000000 _____ () C:\Users\Eva\AppData\Local\Temp\{440B0E67-8DF0-49D4-96D2-F8308A26FB94}-DropboxClient_31.4.24.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-11-01 20:49
==================== Fin de FRST.txt ============================
Exécuté par E083646U (administrateur) sur EVA-HP (09-11-2017 09:25:25)
Exécuté depuis C:\Users\Eva\Desktop
Profils chargés: E083646U (Profils disponibles: E083646U)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avpsus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2016-02-29] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-09-04] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-09-18] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-08-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-01-27] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2013-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [KLPkInst_8417b04f-b8ea-4182-8358-bbb168544a89] => "C:\Users\Eva\Downloads\kes10-setup-recherche.exe" -KLPI$ID 8417b04f-b8ea-4182-8358-bbb168544a89 -tl 4
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [15432 2016-08-26] (OfficeTimeline LLC)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [15669896 2017-10-26] (NordVPN)
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\...\MountPoints2: {5007aa06-b5a5-11e7-85be-f528b3cbf70e} - H:\HiSuiteDownLoader.exe
Lsa: [Notification Packages] DPPassFilter scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-02-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 platform wondershare.com
Tcpip\Parameters: [DhcpNameServer] 192.168.80.1
Tcpip\..\Interfaces\{1C4BBCFE-265D-4F6F-A4E3-2A5DAF7AC823}: [DhcpNameServer] 172.16.1.20 172.16.1.10 172.26.4.20
Tcpip\..\Interfaces\{53F7E8D7-4F17-4818-805C-4F894AD48D75}: [DhcpNameServer] 192.168.80.1
Tcpip\..\Interfaces\{9D08772B-F553-4C08-BF54-929D0B527E32}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/9
HKU\S-1-5-21-4166212848-265551831-3872078236-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/9
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-08-07] (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-10] (Hewlett-Packard)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: xqm8f7c8.default
FF DefaultProfile: ywcnbywg.default
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Zotero\Zotero\Profiles\xqm8f7c8.default [2017-11-03]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-04-01] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-04-01] [non signé]
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default [2017-11-06]
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> autoconfig_url", "hxxp://cache.wifi.univ-nantes.fr/"
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> http", "cache.wifi.univ-nantes.fr"
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> http_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\ywcnbywg.default -> type", 4
FF Extension: (adblockgmail) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-dswFGkUjb2SIHv@jetpack.xpi [2017-03-30]
FF Extension: (AdBlocker for Facebook™) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2017-03-30]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-09-13]
FF Extension: (youtubetmadblock) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi [2017-03-30]
FF Extension: (Qwant for Firefox) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\qwantcomforfirefox@jetpack.xpi [2017-03-30]
FF Extension: (Simple Mail) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\simplemail@telega.phpnet.us [2016-10-25]
FF Extension: (Zotero Bibliography Locale Switcher) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotbiblioswitchlocal@somwhere.org.xpi [2016-04-28]
FF Extension: (Zotero) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-10-05]
FF Extension: (ZotFile) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zotfile@columbia.edu.xpi [2017-03-31]
FF Extension: (Zutilo Utility for Zotero) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\zutilo@www.wesailatdawn.com.xpi [2017-07-17]
FF Extension: (Adblock Plus) - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\ywcnbywg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-06]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (DPChrome) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-02-29] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-01] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2013-09-14] (DigitalPersona, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default [2017-11-09]
CHR Extension: (Bitmotion - New Tab) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\iinglghmhcgdgjjlafobajghjamdchik [2017-11-09]
CHR Extension: (Extension DigitalPersona) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-11-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-09]
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-09-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe [2106664 2017-03-13] (AO Kaspersky Lab)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avpsus.exe [2692512 2017-03-13] (AO Kaspersky Lab)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-14] () [Fichier non signé]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-09-14] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [567608 2013-09-06] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-08] (Hewlett-Packard Company) [Fichier non signé]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-08-01] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [166288 2017-01-19] (AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [416904 2017-10-26] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2016-02-29] (Broadcom Corporation) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [4096 2006-04-10] () [Fichier non signé]
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-13] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [197344 2017-03-11] (AO Kaspersky Lab)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [53528 2016-12-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [310256 2017-03-11] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1077984 2017-03-11] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50008 2016-10-01] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-10-01] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [73112 2016-10-12] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-02-01] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [200784 2016-10-09] (AO Kaspersky Lab)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-04] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2013-09-04] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2013-08-20] (Sunplus)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2016-10-17] (The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-09 07:20 - 2017-11-09 07:21 - 002929024 _____ C:\Users\Eva\Desktop\ZHPDiag3.exe
2017-11-09 07:14 - 2017-11-09 07:28 - 000000000 ____D C:\Users\Eva\Desktop\virus
2017-11-08 23:23 - 2017-11-08 23:23 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-08 23:23 - 2017-11-08 23:23 - 000002188 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-08 23:22 - 2017-11-08 23:22 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-08 23:22 - 2017-11-08 23:22 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-08 23:15 - 2017-11-08 23:18 - 000055793 _____ C:\Users\Eva\Desktop\Addition.txt
2017-11-08 23:15 - 2017-11-08 23:15 - 001622528 _____ C:\Users\Eva\Desktop\ResetBrowser.exe
2017-11-08 23:14 - 2017-11-09 09:25 - 000027689 _____ C:\Users\Eva\Desktop\FRST.txt
2017-11-08 23:13 - 2017-11-09 09:25 - 000000000 ____D C:\FRST
2017-11-08 23:13 - 2017-11-08 23:13 - 002403328 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2017-11-08 23:13 - 2017-11-08 23:13 - 000000000 ____D C:\Users\Eva\Desktop\FRST-OlderVersion
2017-11-08 22:50 - 2017-11-08 22:50 - 000000834 _____ C:\Users\Eva\Desktop\ZHPCleaner.lnk
2017-11-08 22:41 - 2017-11-09 07:22 - 000000000 ____D C:\Users\Eva\AppData\Roaming\ZHP
2017-11-08 22:41 - 2017-11-09 07:21 - 000000824 _____ C:\Users\Eva\Desktop\ZHPDiag.lnk
2017-11-08 22:41 - 2017-11-08 22:50 - 000000000 ____D C:\Users\Eva\AppData\Local\ZHP
2017-11-08 22:41 - 2017-11-08 22:41 - 002900480 _____ C:\Users\Eva\Downloads\zhpdiag_v2017.10.9.179.exe
2017-11-06 18:36 - 2017-11-06 18:37 - 000000000 ____D C:\ProgramData\NordVpn
2017-11-06 18:36 - 2017-11-06 18:36 - 000001920 _____ C:\Users\Public\Desktop\NordVPN.lnk
2017-11-06 18:36 - 2017-11-06 18:36 - 000000000 ____D C:\ProgramData\Caphyon
2017-11-06 18:35 - 2017-11-06 18:36 - 000000000 ____D C:\Users\Eva\AppData\Local\NordVPN
2017-11-06 18:35 - 2017-11-06 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2017-11-06 18:35 - 2017-11-06 18:35 - 000000000 ____D C:\Program Files (x86)\NordVPN
2017-11-06 18:34 - 2017-11-06 18:36 - 000000000 ____D C:\Users\Eva\AppData\Roaming\NordVPN
2017-11-06 18:34 - 2017-11-06 18:35 - 000000000 ____D C:\Program Files\TAP-NordVPN
2017-11-06 18:33 - 2017-11-06 18:34 - 024328176 _____ (NordVPN) C:\Users\Eva\Downloads\NordVPNSetup.exe
2017-11-06 09:28 - 2017-11-06 09:28 - 000079215 _____ C:\Users\Eva\Desktop\Eva COINTET_201711060922.pdf
2017-11-05 22:11 - 2017-11-05 22:11 - 000108447 _____ C:\Users\Eva\Downloads\telereglement_THCAP_20171105_221135.pdf
2017-11-03 20:55 - 2017-11-03 20:55 - 000073153 _____ C:\Users\Eva\Downloads\valerian.and.the.city.of.a.thousandanets.2017.720p.torrent
2017-11-03 20:17 - 2017-11-03 20:52 - 3043898810 _____ C:\Users\Eva\Downloads\Valérian.Et.La.Cité.Des.Mille.Planètes.2017.720p.TRUEFRENCH.HC.HDRip.MD.x264-SKRiN.WwW.Zone-Telechargement.Ws.mkv
2017-11-03 20:05 - 2017-11-03 20:07 - 183780216 _____ C:\Users\Eva\Downloads\Modern.Family.S09E06.VOSTFR.HDTV.XviD-ZT.WwW.Zone-Telechargement.Ws.avi
2017-11-03 19:44 - 2017-11-03 20:09 - 367031046 _____ C:\Users\Eva\Downloads\Greys.Anatomy.S14E06.SUBFRENCH.WEB-DL.XviD-ZT.WwW.Zone-Telechargement.Ws.avi
2017-11-03 09:05 - 2017-11-03 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-02 17:46 - 2017-11-02 17:46 - 000065230 _____ C:\Users\Eva\Downloads\Notion heure equivalent TD.pdf
2017-11-02 13:56 - 2017-11-02 13:56 - 000134969 _____ C:\Users\Eva\Downloads\Annexe 1- Questionnaire gracieux- version septembre 2016 (2).pdf
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-11-01 10:55 - 2017-11-01 10:57 - 000000000 ____D C:\Users\Eva\Downloads\Blue.Planet.II.S01E01.One.Ocean.1080p.AMZN.WEBRip.DDP5.1.x264-NTb[rarbg]
2017-11-01 10:54 - 2017-11-01 19:43 - 000000000 ____D C:\Users\Eva\AppData\LocalLow\uTorrent
2017-10-30 19:20 - 2017-10-30 19:20 - 000000000 ____D C:\Users\Eva\Downloads\Brads.Status.2017.720p.KORSUB.HDRip.x264.AAC2.0-STUTTERSHIT
2017-10-30 19:19 - 2017-10-30 19:21 - 000000000 ____D C:\Users\Eva\Downloads\Ingrid.Goes.West.2017.1080p.BluRay.x264-GECKOS[rarbg]
2017-10-30 19:19 - 2017-10-30 19:19 - 000000000 ____D C:\Users\Eva\Downloads\OtherLife.2017.1080p.NF.WEBRip.DD5.1.x264-QOQ
2017-10-30 16:55 - 2017-10-30 16:56 - 000000000 ____D C:\Users\Eva\Desktop\primer
2017-10-30 16:53 - 2017-10-30 16:53 - 000000000 ____D C:\Users\Eva\Desktop\paper
2017-10-29 20:15 - 2017-10-29 20:15 - 000000000 ____D C:\Users\Eva\Desktop\projet film
2017-10-29 19:05 - 2017-10-29 19:07 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-29 19:01 - 2017-10-29 19:01 - 000000955 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2017-10-29 19:01 - 2017-10-29 19:01 - 000000000 ____D C:\Users\Eva\AppData\Local\Wondershare
2017-10-29 19:01 - 2017-10-29 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-29 19:00 - 2017-10-29 20:15 - 000000000 ____D C:\Users\Eva\Documents\Wondershare Filmora
2017-10-29 19:00 - 2017-10-29 19:00 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2017-10-29 19:00 - 2017-10-29 19:00 - 000000000 ____D C:\Program Files\Wondershare
2017-10-29 19:00 - 2017-03-17 11:43 - 001250304 _____ (CineForm Inc.) C:\Windows\system32\CFDecode64.ax
2017-10-29 18:52 - 2017-10-29 18:54 - 000000000 ____D C:\Users\Eva\Downloads\Wondershare Filmora 8.4.0.1 (x64) + Keygen [CracksMind]
2017-10-29 18:46 - 2017-10-29 18:46 - 008249808 _____ (Malwarebytes) C:\Users\Eva\Downloads\adwcleaner_7-0-3-0_fr_430277.exe
2017-10-29 18:38 - 2017-10-29 18:38 - 000001734 __RSH C:\ProgramData\ntuser.pol
2017-10-29 17:39 - 2017-10-29 17:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2017-10-29 13:42 - 2017-10-29 13:42 - 000000000 ____D C:\Users\Eva\Downloads\The.Heyday.of.the.Insensitive.Bastards.2017.WEB-DL.x264-FGT
2017-10-29 13:29 - 2017-10-30 15:04 - 729167300 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Un.Profil.Pour.Deux.2017.FRENCH.HDRip.XviD-EXTREME.avi
2017-10-29 13:28 - 2017-10-29 13:29 - 000000000 ____D C:\Users\Eva\Downloads\The.Shack.2017.1080p.BluRay.H264.AAC-RARBG
2017-10-29 13:28 - 2017-10-29 13:28 - 000030641 _____ C:\Users\Eva\Downloads\un-profil-pour-deux-french-webrip-2017.torrent
2017-10-29 13:27 - 2017-10-30 19:37 - 734355256 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Les.Ex.2017.FRENCH.HDRip.XviD-GZR.avi
2017-10-29 13:27 - 2017-10-30 19:33 - 727802802 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] Comment.J.Ai.Rencontre.Mon.Pere.2017.FRENCH.HDRip.XviD-CR4ZYTiME.avi
2017-10-29 13:27 - 2017-10-29 13:27 - 000030824 _____ C:\Users\Eva\Downloads\les-ex-french-webrip-2017.torrent
2017-10-29 13:27 - 2017-10-29 13:27 - 000030615 _____ C:\Users\Eva\Downloads\comment-j-ai-rencontre-mon-pere-french-webrip-2017.torrent
2017-10-29 13:26 - 2017-10-29 13:26 - 000058934 _____ C:\Users\Eva\Downloads\ce-qui-nous-lie-french-dvdrip-2017.torrent
2017-10-18 19:30 - 2017-10-18 19:34 - 742438700 _____ C:\Users\Eva\Downloads\[ Torrent9.tv ] The.Other.Side.of.Hope.2017.FRENCH.BDRip.XviD.ACOOL.avi
2017-10-18 19:30 - 2017-10-18 19:30 - 000031018 _____ C:\Users\Eva\Downloads\l-autre-cote-de-l-espoir-french-dvdrip-2017.torrent
2017-10-16 14:47 - 2017-10-16 14:47 - 012742670 _____ C:\Users\Eva\Downloads\get.pdf
2017-10-15 15:54 - 2017-10-15 15:55 - 000000000 ____D C:\Users\Eva\Downloads\Modern.Family.S09E03.720p.HDTV.x264-AVS[rarbg]
2017-10-13 18:55 - 2017-10-13 18:55 - 000030492 _____ C:\Users\Eva\Downloads\marie-francine-french-dvdrip-2017.torrent
2017-10-13 18:46 - 2017-10-15 15:22 - 000000000 ____D C:\Users\Eva\Downloads\6.Below.Miracle.on.the.Mountain.2017.1080p.WEB-DL.DD5.1.H264-FGT
2017-10-13 18:39 - 2017-10-13 18:55 - 000000000 ____D C:\Users\Eva\Downloads\American.Made.2017.720p.KORSUB.HDRip.x264.AAC2.0-STUTTERSHIT
2017-10-12 22:24 - 2017-10-12 22:24 - 000017501 _____ C:\Users\Eva\Downloads\point compta date inventaire.odt
2017-10-10 19:40 - 2017-10-10 19:41 - 000000000 ____D C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rarbg]
2017-10-10 19:39 - 2017-10-10 19:40 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (3).torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to].torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (2).torrent
2017-10-10 19:39 - 2017-10-10 19:39 - 000011106 _____ C:\Users\Eva\Downloads\The.Big.Bang.Theory.S11E03.HDTV.x264-LOL[rartv]-[rarbg.to] (1).torrent
2017-10-10 17:19 - 2017-10-10 17:19 - 000147302 _____ C:\Users\Eva\Downloads\Questionnaire gracieux (1).pdf
2017-10-10 17:16 - 2017-10-10 17:16 - 000134969 _____ C:\Users\Eva\Downloads\Annexe 1- Questionnaire gracieux- version septembre 2016 (1).pdf
2017-10-10 10:33 - 2017-10-10 10:33 - 000777345 _____ C:\Users\Eva\Downloads\gumbi2016.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-11-09 09:21 - 2016-03-11 09:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-11-09 09:21 - 2013-10-26 23:44 - 000000000 ____D C:\ProgramData\PDFC
2017-11-09 09:20 - 2016-06-23 10:01 - 000001186 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-09 09:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-09 07:26 - 2016-02-29 19:54 - 000748608 _____ C:\Windows\system32\perfh00C.dat
2017-11-09 07:26 - 2016-02-29 19:54 - 000150598 _____ C:\Windows\system32\perfc00C.dat
2017-11-09 07:26 - 2009-07-14 06:13 - 001671678 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-09 07:26 - 2009-07-14 05:45 - 000037408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:26 - 2009-07-14 05:45 - 000037408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-09 07:16 - 2017-03-01 18:49 - 000000000 ____D C:\AdwCleaner
2017-11-09 07:03 - 2016-06-23 10:01 - 000001190 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-08 23:23 - 2016-03-10 10:02 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-08 23:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-08 22:34 - 2017-10-03 20:52 - 000000000 ____D C:\Users\Eva\AppData\LocalLow\MyMusicTeacher
2017-11-08 17:14 - 2016-03-14 14:57 - 000000000 ____D C:\Users\Eva\Desktop\Thèse 2016
2017-11-07 18:11 - 2016-04-06 09:08 - 000000000 ____D C:\Users\Eva\AppData\Roaming\RStudio
2017-11-07 18:11 - 2016-04-06 09:06 - 000000000 ____D C:\Users\Eva\AppData\Local\RStudio-Desktop
2017-11-07 18:03 - 2016-11-29 14:25 - 000000000 ____D C:\Users\Eva\Desktop\R_FTIR
2017-11-07 17:51 - 2016-05-11 09:13 - 000000204 _____ C:\Windows\SysWOW64\eigldqw.dll
2017-11-07 17:51 - 2016-05-11 09:13 - 000000100 _____ C:\Windows\SysWOW64\prsgrc.dll
2017-11-07 17:49 - 2017-02-16 10:09 - 000144384 _____ C:\Users\Eva\AppData\Local\WebpageIcons.db
2017-11-07 17:40 - 2016-03-10 10:01 - 000000000 ____D C:\Users\Eva\AppData\Local\Deployment
2017-11-04 21:09 - 2016-03-21 17:59 - 000000000 ____D C:\Users\Eva\AppData\Roaming\vlc
2017-11-03 09:05 - 2016-06-23 10:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-02 13:57 - 2016-08-22 09:05 - 000000000 ____D C:\Users\Eva\Desktop\doc perso
2017-11-01 20:25 - 2016-09-29 09:54 - 000004624 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-01 20:25 - 2016-05-11 10:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-01 20:25 - 2013-10-26 23:44 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-01 20:25 - 2013-10-26 23:44 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-01 20:25 - 2013-10-26 23:44 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-01 20:25 - 2013-10-26 23:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-01 10:36 - 2017-09-29 14:25 - 000000000 ____D C:\Users\Eva\Desktop\doc formation
2017-11-01 10:31 - 2017-01-16 12:07 - 000000000 ____D C:\Users\Eva\Desktop\dossier vacation
2017-10-30 16:56 - 2016-08-22 09:05 - 000000000 ____D C:\Users\Eva\Desktop\doc these
2017-10-30 16:47 - 2017-03-30 14:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-30 16:47 - 2009-07-14 05:45 - 000453272 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-29 19:04 - 2016-03-10 08:43 - 000112304 _____ C:\Users\Eva\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-29 19:01 - 2017-07-03 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-10 13:38 - 2016-05-18 09:44 - 000000000 ____D C:\Users\Eva\Documents\MATLAB
==================== Fichiers à la racine de certains dossiers =======
2016-03-10 15:31 - 2016-03-10 15:59 - 006871040 _____ () C:\Program Files (x86)\GUT2ECF.tmp
2016-03-14 19:15 - 2016-03-14 19:15 - 000000038 ___SH () C:\Users\Eva\AppData\Local\16296312794fa2e97660bc35.82888684
2017-02-16 10:09 - 2017-11-07 17:49 - 000144384 _____ () C:\Users\Eva\AppData\Local\WebpageIcons.db
Certains fichiers dans TEMP:
====================
2017-08-03 11:26 - 2017-08-03 11:52 - 000000000 _____ () C:\Users\Eva\AppData\Local\Temp\{440B0E67-8DF0-49D4-96D2-F8308A26FB94}-DropboxClient_31.4.24.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-11-01 20:49
==================== Fin de FRST.txt ============================