cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Exécuté par hp (administrateur) sur HP-PC (19-12-2017 07:26:42)
Exécuté depuis C:\Users\hp\Downloads
Profils chargés: hp (Profils disponibles: hp & Administrateur & Invité)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\hp\Downloads\FRST64 (1).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [hdirfbsher] => wscript.exe //B "C:\Users\hp\AppData\Roaming\hdirfbsher.vbs"
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1241240 2017-06-27] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1821808 2017-05-21] (Smadsoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3933392 2017-08-10] (Tonec Inc.)
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer: []
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {1bd6bc62-8869-11e6-be95-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {1c7a7e1b-bd38-11e7-a844-e8393551aaf1} - J:\Lenovo_Suite.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {307d9024-9822-11e6-8b61-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {62edfb4f-28bb-11e7-a177-e8393551aaf1} - J:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {9daee8a3-a5a7-11e7-bab3-e8393551aaf1} - J:\Setup.exe /s
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {de9aef96-8495-11e6-b3a5-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {de9aefa5-8495-11e6-b3a5-e8393551aaf1} - J:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {fc9d22b8-2a89-11e4-aaa1-e8393551aaf1} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-09-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet 7110 series.lnk [2017-12-19]
ShortcutTarget: Alertes de surveillance de l'encre - HP Officejet 7110 series.lnk -> C:\Program Files\HP\HP Officejet 7110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk /p \??\F:autocheck autochk *
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0CB72F13-F011-4A59-A191-D03BB502FE1A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7F13A9CC-0AA3-41C2-914A-BB607D5966A2}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9E113A7C-C28F-4F3C-A0B8-E0E70DF30B8F}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A900CDF1-7F87-4D49-93C1-140993F22448}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780522754&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780562756&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780602758&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
URLSearchHook: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 - ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Glarysoft Toolbar\tbhelper.dll ()
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a11465-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a11465-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^dz&si=right&ptb=4B8E3B10-AF86-41F2-AE17-A1EE1CA120C6&ind=2013050113&n=77fcb501&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_def&mntrId=ECB8E8393551AAF1&affID=10588&tl=gcn61355&tsp=5006
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a12331-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^dz&si=right&ptb=4B8E3B10-AF86-41F2-AE17-A1EE1CA120C6&ind=2013050113&n=77fcb501&psa=&st=sb&searchfor={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-12-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-12-21] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll => Pas de fichier
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12] (Adobe Systems Incorporated)
BHO-x32: Browse2save -> {1B63D888-A92F-0334-4BE7-3E18809DCB87} -> C:\ProgramData\Browse2save\5124fc080690f.dll [2013-02-20] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Pas de nom -> {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -> Pas de fichier
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: TBSB05810 Class -> {A7AF277D-1466-4A7B-93AF-B043984A5671} -> C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-12-05] ()
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25] ()
Toolbar: HKLM-x32 - Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-12-05] ()
Toolbar: HKLM-x32 - Pas de nom - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - Pas de fichier
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25] ()
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default [2017-10-14]
FF Homepage: Mozilla\Firefox\Profiles\kzcig7y3.default -> google.dz
FF Extension: (Browse2save) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\5124fc080677d@5124fc08067b6.com [2016-02-01] [Legacy] [non signé]
FF Extension: (DAEMON Tools Toolbar) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\DTToolbar@toolbarnet.com [2016-02-11] [Legacy] [non signé]
FF Extension: (Glarysoft Toolbar) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} [2012-12-11] [Legacy] [non signé]
FF Extension: (Ask New Tabs) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\{9473F86A-8CD2-0C01-CF9E-946854F63D87} [2014-03-26] [Legacy] [non signé]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\ask-web-search.xml [2013-08-31]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\Ask.xml [2014-03-26]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\bingp.xml [2015-06-02]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\daemon-search.xml [2016-02-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\my-web-search.xml [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-25] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [5124fc080677d@5124fc08067b6.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\extensions\5124fc080677d@5124fc08067b6.com
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\extensions\searchffv2@gmail.com => non trouvé(e)
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => non trouvé(e)
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-03-10] [Legacy]
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5 [2017-12-19] [Legacy] [non signé]
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-12-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-12-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll [2011-02-16] (Zeon Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2013-03-06]

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> msn.com
CHR StartupUrls: Profile 2 -> "hxxp://www.google.fr/"
CHR DefaultSearchURL: Profile 2 -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> bing.com
CHR DefaultSuggestURL: Profile 2 -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-07-16]
CHR Extension: (Movies App) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2015-04-28]
CHR Extension: (Musix) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahidimbgfemjmhhicghnkodhgbljklcp [2015-05-25]
CHR Extension: (tvnewtablambda) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkaibaglkkminpjaalgkeicgigblana [2016-02-01]
CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-01]
CHR Extension: (Search By MusixLib) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\balimbofoedmklhpnchbgmlfipgpbjnl [2015-05-25]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-01]
CHR Extension: (McAfee Security Scan+) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
CHR Extension: (Recherche Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-01]
CHR Extension: (Apps Hat Mini) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbibhpbpkppfpcgopfbkokifpfiacdok [2016-02-01]
CHR Extension: (Bing) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-02-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-01]
CHR Extension: (Skype) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-01]
CHR Extension: (Ask Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-05-24]
CHR Extension: (iLivid) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-01]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-08-21]
CHR Extension: (FreeRadioCast) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc [2016-08-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-21]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-01]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-12-19]
CHR Extension: (Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-21]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-21]
CHR Extension: (Adblock Plus) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Bing) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-07]
CHR Extension: (Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-22]
CHR Extension: (IDM Integration Module) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-12-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-14]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]
CHR HKU\S-1-5-21-678433432-3804136958-3458289606-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1241240 2017-06-27] (Kaspersky Lab ZAO)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe [2544192 2017-06-27] (Kaspersky Lab ZAO)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2017-07-11] (Macrovision Europe Ltd.) [Fichier non signé]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Fichier non signé]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [441856 2013-10-24] (KYOCERA Document Solutions Inc.) [Fichier non signé]
R2 msftesql$PRIMAVERA; C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
R2 MSSQL$PRIMAVERA; C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-08-13] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [118144 2008-08-29] (Mobile Connector)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-11-30] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
S3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [125400 2017-06-21] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [44880 2016-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [711128 2017-06-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56792 2017-06-05] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81608 2017-06-05] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199128 2017-06-14] (Kaspersky Lab ZAO)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-02-11] () [Fichier non signé]
U3 a5y1x127; C:\Windows\System32\Drivers\a5y1x127.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zéro octet Fichier/Dossier)
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-19 07:25 - 2017-12-19 07:26 - 002392064 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (1).exe
2017-12-14 07:37 - 2017-12-14 07:37 - 000372229 _____ C:\Users\hp\Downloads\CT-G11.49-56.pdf
2017-12-14 07:33 - 2017-12-14 07:33 - 002977510 _____ C:\Users\hp\Downloads\CT-G11.pdf
2017-12-05 13:37 - 2017-12-05 13:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-05 13:37 - 2017-12-05 13:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-12-05 11:27 - 2017-12-05 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-12-05 11:25 - 2017-12-05 11:25 - 000000000 ____D C:\Windows\PCHEALTH
2017-12-05 11:22 - 2017-12-05 11:22 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-12-05 11:22 - 2017-12-05 11:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-12-05 11:21 - 2017-12-05 11:21 - 000000000 __RHD C:\MSOCache
2017-12-05 10:59 - 2017-11-04 14:51 - 000002137 _____ C:\Users\hp\Desktop\15-Rapport Mensuel PV8 Novembre 2017 - Copie.lnk
2017-12-03 09:33 - 2017-12-03 15:12 - 000123455 _____ C:\Users\hp\Desktop\Fiche métré poutre02.xlsx
2017-12-03 08:46 - 2017-12-03 08:46 - 000466338 _____ C:\Users\hp\Downloads\33-Rapport d'inspection chantier PV09LB1B1-GCG-COS M28-3182-QT-33.pdf
2017-11-28 13:33 - 2017-11-28 13:33 - 000110224 _____ C:\Users\hp\Desktop\La liste du personnel de chantier Puits de Ventilation PV 08.pdf
2017-11-25 07:36 - 2017-11-25 14:47 - 000041901 _____ C:\Users\hp\Downloads\Model Perf jour.xlsx

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-19 07:28 - 2017-02-22 07:15 - 000036123 _____ C:\Users\hp\Downloads\FRST.txt
2017-12-19 07:26 - 2017-02-22 07:14 - 000000000 ____D C:\FRST
2017-12-19 07:20 - 2012-10-17 16:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-12-19 07:19 - 2014-01-28 01:52 - 000002672 _____ C:\Windows\Tasks\Apps Hat Mini-firefoxinstaller.job
2017-12-19 07:19 - 2014-01-28 01:52 - 000002162 _____ C:\Windows\Tasks\Apps Hat Mini-chromeinstaller.job
2017-12-19 07:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-18 16:48 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-18 16:48 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-17 16:38 - 2013-08-26 14:10 - 000000000 ____D C:\Users\hp\AppData\Roaming\DMCache
2017-12-17 15:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-17 15:46 - 2017-02-05 16:21 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2017-12-17 15:46 - 2011-04-12 10:16 - 000835428 _____ C:\Windows\system32\perfh00C.dat
2017-12-17 15:46 - 2011-04-12 10:16 - 000179124 _____ C:\Windows\system32\perfc00C.dat
2017-12-17 15:46 - 2009-07-14 06:13 - 001903272 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-17 15:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-14 07:32 - 2013-03-06 16:24 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 07:32 - 2013-03-06 16:24 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-13 14:02 - 2013-04-10 11:53 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-13 14:02 - 2013-04-10 11:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 14:02 - 2013-04-10 11:52 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-13 14:02 - 2013-01-22 05:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-13 14:02 - 2012-09-25 15:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-13 13:04 - 2014-01-28 01:52 - 000000000 ____D C:\Program Files (x86)\Apps Hat Mini
2017-12-05 16:17 - 2016-10-31 07:43 - 000000000 ____D C:\Program Files (x86)\SMADAV
2017-12-05 16:16 - 2016-10-31 07:43 - 000000000 __SHD C:\[Smad-Cage]
2017-12-05 13:48 - 2012-09-16 17:12 - 000175144 _____ C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-05 13:45 - 2012-09-16 17:34 - 000629720 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-05 13:38 - 2011-04-12 10:28 - 000000000 ____D C:\Windows\ShellNew
2017-12-05 13:38 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-12-05 13:37 - 2013-03-05 18:08 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-12-05 13:37 - 2013-03-05 18:08 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-12-05 13:33 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2017-12-05 13:33 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2017-12-05 11:25 - 2012-09-16 17:03 - 000000000 ____D C:\Program Files\Microsoft Office
2017-12-05 11:22 - 2012-09-16 17:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-12-03 15:39 - 2012-09-25 11:15 - 000000000 ____D C:\Users\hp\AppData\Local\cache
2017-12-02 11:10 - 2017-04-15 07:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-19 10:52 - 2012-09-25 10:11 - 000000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics

==================== Fichiers à la racine de certains dossiers =======

2014-03-25 05:36 - 2014-03-25 05:36 - 000002549 _____ () C:\Users\hp\AppData\Roaming\1E4F.exe
2014-03-25 03:21 - 2014-03-25 03:21 - 000002549 _____ () C:\Users\hp\AppData\Roaming\225F.exe
2014-03-24 13:10 - 2014-03-24 13:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\23D.exe
2014-03-25 05:36 - 2014-03-25 05:36 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2514.exe
2014-03-25 04:57 - 2014-03-25 04:57 - 000002549 _____ () C:\Users\hp\AppData\Roaming\279F.exe
2014-03-25 04:57 - 2014-03-25 04:57 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2E83.exe
2014-03-25 03:20 - 2014-03-25 03:20 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2FE5.exe
2014-03-25 10:00 - 2014-03-25 10:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\3494.exe
2014-03-25 10:00 - 2014-03-25 10:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\4834.exe
2014-03-24 19:45 - 2014-03-24 19:45 - 000002549 _____ () C:\Users\hp\AppData\Roaming\5B05.exe
2014-03-24 19:45 - 2014-03-24 19:45 - 000002549 _____ () C:\Users\hp\AppData\Roaming\6237.exe
2014-03-24 21:08 - 2014-03-24 21:08 - 000002549 _____ () C:\Users\hp\AppData\Roaming\7ED0.exe
2014-03-24 21:08 - 2014-03-24 21:08 - 000002549 _____ () C:\Users\hp\AppData\Roaming\8595.exe
2014-03-24 23:04 - 2014-03-24 23:04 - 000002549 _____ () C:\Users\hp\AppData\Roaming\93FC.exe
2014-03-24 23:04 - 2014-03-24 23:04 - 000002549 _____ () C:\Users\hp\AppData\Roaming\9B3D.exe
2014-03-24 21:43 - 2014-03-24 21:43 - 000002549 _____ () C:\Users\hp\AppData\Roaming\9F9C.exe
2014-03-24 20:31 - 2014-03-24 20:31 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A013.exe
2014-03-24 21:43 - 2014-03-24 21:43 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A68F.exe
2014-03-24 20:31 - 2014-03-24 20:31 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A755.exe
2014-03-25 00:58 - 2014-03-25 00:58 - 000002549 _____ () C:\Users\hp\AppData\Roaming\B507.exe
2014-03-24 19:10 - 2014-03-24 19:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\B929.exe
2014-03-25 00:58 - 2014-03-25 00:58 - 000002549 _____ () C:\Users\hp\AppData\Roaming\BC48.exe
2014-03-24 19:10 - 2014-03-24 19:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\C06A.exe
2014-03-24 18:00 - 2014-03-24 18:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D241.exe
2014-03-24 15:32 - 2014-03-24 15:32 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D69F.exe
2014-03-24 18:00 - 2014-03-24 18:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D963.exe
2014-03-24 15:32 - 2014-03-24 15:32 - 000002549 _____ () C:\Users\hp\AppData\Roaming\DDD1.exe
2014-03-24 13:10 - 2014-03-24 13:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\FB79.exe
2017-09-30 14:57 - 2017-09-30 14:57 - 000000218 _____ () C:\Users\hp\AppData\Local\recently-used.xbel

Certains fichiers dans TEMP:
====================
2012-09-25 11:25 - 2012-09-25 11:25 - 001976656 _____ (Flexera Software, Inc.) C:\Users\Administrateur\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-03-05 16:18 - 2015-01-08 17:36 - 000015752 _____ (Autodesk, Inc.) C:\Users\hp\AppData\Local\Temp\AcDeltree.exe
2012-05-31 01:51 - 2012-05-31 01:51 - 010224184 _____ () C:\Users\hp\AppData\Local\Temp\AVG.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 000247808 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguidx.dll
2017-07-22 11:20 - 2017-07-22 11:21 - 003979896 _____ (Google) C:\Users\hp\AppData\Local\Temp\b7ecb7c0-0aa6-4735-9a83-d9dafffba0c2.exe
2017-10-16 10:59 - 2017-10-16 10:59 - 001962752 _____ (Flexera Software LLC) C:\Users\hp\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-10-14 11:57 - 2017-10-14 11:57 - 001482301 _____ () C:\Users\hp\AppData\Local\Temp\ICReinstall_gcsoft_3827794772.exe
2017-07-17 09:25 - 1999-06-30 18:43 - 000477184 _____ (Wise Solutions, Inc.) C:\Users\hp\AppData\Local\Temp\InitBDE.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 000163896 _____ () C:\Users\hp\AppData\Local\Temp\MachineIdCreator.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 005474888 _____ (AVG Technologies) C:\Users\hp\AppData\Local\Temp\oi_{8DE1B206-C808-4E3E-AE02-D0212730D3A9}.exe
2017-07-22 13:08 - 2017-07-22 13:08 - 002146496 _____ (BitTorrent Inc.) C:\Users\hp\AppData\Local\Temp\uttEB4B.tmp.exe
2016-04-24 14:53 - 2016-04-24 14:53 - 001976656 _____ (Flexera Software, Inc.) C:\Users\NABIL HARROUS\AppData\Local\Temp\FNP_ACT_InstallerCA.dll

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
C:\Windows\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

LastRegBack: 2017-12-09 08:22

==================== Fin de FRST.txt ============================
