Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Exécuté par hp (administrateur) sur HP-PC (19-12-2017 07:26:42)
Exécuté depuis C:\Users\hp\Downloads
Profils chargés: hp (Profils disponibles: hp & Administrateur & Invité)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\hp\Downloads\FRST64 (1).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [hdirfbsher] => wscript.exe //B "C:\Users\hp\AppData\Roaming\hdirfbsher.vbs"
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1241240 2017-06-27] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1821808 2017-05-21] (Smadsoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3933392 2017-08-10] (Tonec Inc.)
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer: []
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {1bd6bc62-8869-11e6-be95-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {1c7a7e1b-bd38-11e7-a844-e8393551aaf1} - J:\Lenovo_Suite.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {307d9024-9822-11e6-8b61-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {62edfb4f-28bb-11e7-a177-e8393551aaf1} - J:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {9daee8a3-a5a7-11e7-bab3-e8393551aaf1} - J:\Setup.exe /s
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {de9aef96-8495-11e6-b3a5-e8393551aaf1} - G:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {de9aefa5-8495-11e6-b3a5-e8393551aaf1} - J:\AutoRun.exe
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\MountPoints2: {fc9d22b8-2a89-11e4-aaa1-e8393551aaf1} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-09-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet 7110 series.lnk [2017-12-19]
ShortcutTarget: Alertes de surveillance de l'encre - HP Officejet 7110 series.lnk -> C:\Program Files\HP\HP Officejet 7110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk /p \??\F:autocheck autochk *
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0CB72F13-F011-4A59-A191-D03BB502FE1A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7F13A9CC-0AA3-41C2-914A-BB607D5966A2}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9E113A7C-C28F-4F3C-A0B8-E0E70DF30B8F}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A900CDF1-7F87-4D49-93C1-140993F22448}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780522754&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780562756&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131023927780602758&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-678433432-3804136958-3458289606-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH
URLSearchHook: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 - ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Glarysoft Toolbar\tbhelper.dll ()
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a11465-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a11465-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^dz&si=right&ptb=4B8E3B10-AF86-41F2-AE17-A1EE1CA120C6&ind=2013050113&n=77fcb501&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_def&mntrId=ECB8E8393551AAF1&affID=10588&tl=gcn61355&tsp=5006
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1432457944&z=c41570922f2089404ae2fc9g8z3caocz4wcm8t3zfz&from=cor&uid=ST3500413AS_Z2AN7ECH&q={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=104&systemid=473&v=a12331-131&apn_uid=5189321252584301&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKU\S-1-5-21-678433432-3804136958-3458289606-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^dz&si=right&ptb=4B8E3B10-AF86-41F2-AE17-A1EE1CA120C6&ind=2013050113&n=77fcb501&psa=&st=sb&searchfor={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-12-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-12-21] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll => Pas de fichier
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12] (Adobe Systems Incorporated)
BHO-x32: Browse2save -> {1B63D888-A92F-0334-4BE7-3E18809DCB87} -> C:\ProgramData\Browse2save\5124fc080690f.dll [2013-02-20] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Pas de nom -> {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -> Pas de fichier
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: TBSB05810 Class -> {A7AF277D-1466-4A7B-93AF-B043984A5671} -> C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-12-05] ()
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25] ()
Toolbar: HKLM-x32 - Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-12-05] ()
Toolbar: HKLM-x32 - Pas de nom - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - Pas de fichier
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25] ()
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-07-09] (Adobe Systems Incorporated)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default [2017-10-14]
FF Homepage: Mozilla\Firefox\Profiles\kzcig7y3.default -> google.dz
FF Extension: (Browse2save) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\5124fc080677d@5124fc08067b6.com [2016-02-01] [Legacy] [non signé]
FF Extension: (DAEMON Tools Toolbar) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\DTToolbar@toolbarnet.com [2016-02-11] [Legacy] [non signé]
FF Extension: (Glarysoft Toolbar) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} [2012-12-11] [Legacy] [non signé]
FF Extension: (Ask New Tabs) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\Extensions\{9473F86A-8CD2-0C01-CF9E-946854F63D87} [2014-03-26] [Legacy] [non signé]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\ask-web-search.xml [2013-08-31]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\Ask.xml [2014-03-26]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\bingp.xml [2015-06-02]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\daemon-search.xml [2016-02-11]
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\searchplugins\my-web-search.xml [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-25] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [5124fc080677d@5124fc08067b6.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\extensions\5124fc080677d@5124fc08067b6.com
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\kzcig7y3.default\extensions\searchffv2@gmail.com => non trouvé(e)
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => non trouvé(e)
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-03-10] [Legacy]
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5 [2017-12-19] [Legacy] [non signé]
FF HKU\S-1-5-21-678433432-3804136958-3458289606-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-12-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-12-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll [2011-02-16] (Zeon Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2013-03-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2013-03-06]

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> msn.com
CHR StartupUrls: Profile 2 -> "hxxp://www.google.fr/"
CHR DefaultSearchURL: Profile 2 -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> bing.com
CHR DefaultSuggestURL: Profile 2 -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-07-16]
CHR Extension: (Movies App) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2015-04-28]
CHR Extension: (Musix) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahidimbgfemjmhhicghnkodhgbljklcp [2015-05-25]
CHR Extension: (tvnewtablambda) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkaibaglkkminpjaalgkeicgigblana [2016-02-01]
CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-01]
CHR Extension: (Search By MusixLib) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\balimbofoedmklhpnchbgmlfipgpbjnl [2015-05-25]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-01]
CHR Extension: (McAfee Security Scan+) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
CHR Extension: (Recherche Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-01]
CHR Extension: (Apps Hat Mini) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbibhpbpkppfpcgopfbkokifpfiacdok [2016-02-01]
CHR Extension: (Bing) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-02-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-01]
CHR Extension: (Skype) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-01]
CHR Extension: (Ask Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-05-24]
CHR Extension: (iLivid) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-01]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-08-21]
CHR Extension: (FreeRadioCast) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc [2016-08-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-21]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-01]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-12-19]
CHR Extension: (Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-21]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-21]
CHR Extension: (Adblock Plus) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Bing) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-07]
CHR Extension: (Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-22]
CHR Extension: (IDM Integration Module) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-12-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-14]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]
CHR HKU\S-1-5-21-678433432-3804136958-3458289606-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1241240 2017-06-27] (Kaspersky Lab ZAO)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe [2544192 2017-06-27] (Kaspersky Lab ZAO)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2017-07-11] (Macrovision Europe Ltd.) [Fichier non signé]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Fichier non signé]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [441856 2013-10-24] (KYOCERA Document Solutions Inc.) [Fichier non signé]
R2 msftesql$PRIMAVERA; C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
R2 MSSQL$PRIMAVERA; C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-08-13] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [118144 2008-08-29] (Mobile Connector)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-11-30] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
S3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [125400 2017-06-21] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [44880 2016-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [711128 2017-06-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56792 2017-06-05] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81608 2017-06-05] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199128 2017-06-14] (Kaspersky Lab ZAO)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-02-11] () [Fichier non signé]
U3 a5y1x127; C:\Windows\System32\Drivers\a5y1x127.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zéro octet Fichier/Dossier)
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-19 07:25 - 2017-12-19 07:26 - 002392064 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (1).exe
2017-12-14 07:37 - 2017-12-14 07:37 - 000372229 _____ C:\Users\hp\Downloads\CT-G11.49-56.pdf
2017-12-14 07:33 - 2017-12-14 07:33 - 002977510 _____ C:\Users\hp\Downloads\CT-G11.pdf
2017-12-05 13:37 - 2017-12-05 13:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-05 13:37 - 2017-12-05 13:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-12-05 11:27 - 2017-12-05 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-12-05 11:25 - 2017-12-05 11:25 - 000000000 ____D C:\Windows\PCHEALTH
2017-12-05 11:22 - 2017-12-05 11:22 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-12-05 11:22 - 2017-12-05 11:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-12-05 11:21 - 2017-12-05 11:21 - 000000000 __RHD C:\MSOCache
2017-12-05 10:59 - 2017-11-04 14:51 - 000002137 _____ C:\Users\hp\Desktop\15-Rapport Mensuel PV8 Novembre 2017 - Copie.lnk
2017-12-03 09:33 - 2017-12-03 15:12 - 000123455 _____ C:\Users\hp\Desktop\Fiche métré poutre02.xlsx
2017-12-03 08:46 - 2017-12-03 08:46 - 000466338 _____ C:\Users\hp\Downloads\33-Rapport d'inspection chantier PV09LB1B1-GCG-COS M28-3182-QT-33.pdf
2017-11-28 13:33 - 2017-11-28 13:33 - 000110224 _____ C:\Users\hp\Desktop\La liste du personnel de chantier Puits de Ventilation PV 08.pdf
2017-11-25 07:36 - 2017-11-25 14:47 - 000041901 _____ C:\Users\hp\Downloads\Model Perf jour.xlsx

==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-19 07:28 - 2017-02-22 07:15 - 000036123 _____ C:\Users\hp\Downloads\FRST.txt
2017-12-19 07:26 - 2017-02-22 07:14 - 000000000 ____D C:\FRST
2017-12-19 07:20 - 2012-10-17 16:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-12-19 07:19 - 2014-01-28 01:52 - 000002672 _____ C:\Windows\Tasks\Apps Hat Mini-firefoxinstaller.job
2017-12-19 07:19 - 2014-01-28 01:52 - 000002162 _____ C:\Windows\Tasks\Apps Hat Mini-chromeinstaller.job
2017-12-19 07:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-18 16:48 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-18 16:48 - 2009-07-14 05:45 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-17 16:38 - 2013-08-26 14:10 - 000000000 ____D C:\Users\hp\AppData\Roaming\DMCache
2017-12-17 15:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-17 15:46 - 2017-02-05 16:21 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2017-12-17 15:46 - 2011-04-12 10:16 - 000835428 _____ C:\Windows\system32\perfh00C.dat
2017-12-17 15:46 - 2011-04-12 10:16 - 000179124 _____ C:\Windows\system32\perfc00C.dat
2017-12-17 15:46 - 2009-07-14 06:13 - 001903272 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-17 15:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-14 07:32 - 2013-03-06 16:24 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 07:32 - 2013-03-06 16:24 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-13 14:02 - 2013-04-10 11:53 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-13 14:02 - 2013-04-10 11:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 14:02 - 2013-04-10 11:52 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-13 14:02 - 2013-01-22 05:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-13 14:02 - 2012-09-25 15:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-13 13:04 - 2014-01-28 01:52 - 000000000 ____D C:\Program Files (x86)\Apps Hat Mini
2017-12-05 16:17 - 2016-10-31 07:43 - 000000000 ____D C:\Program Files (x86)\SMADAV
2017-12-05 16:16 - 2016-10-31 07:43 - 000000000 __SHD C:\[Smad-Cage]
2017-12-05 13:48 - 2012-09-16 17:12 - 000175144 _____ C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-05 13:45 - 2012-09-16 17:34 - 000629720 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-05 13:38 - 2011-04-12 10:28 - 000000000 ____D C:\Windows\ShellNew
2017-12-05 13:38 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-12-05 13:37 - 2013-03-05 18:08 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-12-05 13:37 - 2013-03-05 18:08 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-12-05 13:33 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2017-12-05 13:33 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2017-12-05 11:25 - 2012-09-16 17:03 - 000000000 ____D C:\Program Files\Microsoft Office
2017-12-05 11:22 - 2012-09-16 17:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-12-03 15:39 - 2012-09-25 11:15 - 000000000 ____D C:\Users\hp\AppData\Local\cache
2017-12-02 11:10 - 2017-04-15 07:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-19 10:52 - 2012-09-25 10:11 - 000000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics

==================== Fichiers à la racine de certains dossiers =======

2014-03-25 05:36 - 2014-03-25 05:36 - 000002549 _____ () C:\Users\hp\AppData\Roaming\1E4F.exe
2014-03-25 03:21 - 2014-03-25 03:21 - 000002549 _____ () C:\Users\hp\AppData\Roaming\225F.exe
2014-03-24 13:10 - 2014-03-24 13:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\23D.exe
2014-03-25 05:36 - 2014-03-25 05:36 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2514.exe
2014-03-25 04:57 - 2014-03-25 04:57 - 000002549 _____ () C:\Users\hp\AppData\Roaming\279F.exe
2014-03-25 04:57 - 2014-03-25 04:57 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2E83.exe
2014-03-25 03:20 - 2014-03-25 03:20 - 000002549 _____ () C:\Users\hp\AppData\Roaming\2FE5.exe
2014-03-25 10:00 - 2014-03-25 10:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\3494.exe
2014-03-25 10:00 - 2014-03-25 10:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\4834.exe
2014-03-24 19:45 - 2014-03-24 19:45 - 000002549 _____ () C:\Users\hp\AppData\Roaming\5B05.exe
2014-03-24 19:45 - 2014-03-24 19:45 - 000002549 _____ () C:\Users\hp\AppData\Roaming\6237.exe
2014-03-24 21:08 - 2014-03-24 21:08 - 000002549 _____ () C:\Users\hp\AppData\Roaming\7ED0.exe
2014-03-24 21:08 - 2014-03-24 21:08 - 000002549 _____ () C:\Users\hp\AppData\Roaming\8595.exe
2014-03-24 23:04 - 2014-03-24 23:04 - 000002549 _____ () C:\Users\hp\AppData\Roaming\93FC.exe
2014-03-24 23:04 - 2014-03-24 23:04 - 000002549 _____ () C:\Users\hp\AppData\Roaming\9B3D.exe
2014-03-24 21:43 - 2014-03-24 21:43 - 000002549 _____ () C:\Users\hp\AppData\Roaming\9F9C.exe
2014-03-24 20:31 - 2014-03-24 20:31 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A013.exe
2014-03-24 21:43 - 2014-03-24 21:43 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A68F.exe
2014-03-24 20:31 - 2014-03-24 20:31 - 000002549 _____ () C:\Users\hp\AppData\Roaming\A755.exe
2014-03-25 00:58 - 2014-03-25 00:58 - 000002549 _____ () C:\Users\hp\AppData\Roaming\B507.exe
2014-03-24 19:10 - 2014-03-24 19:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\B929.exe
2014-03-25 00:58 - 2014-03-25 00:58 - 000002549 _____ () C:\Users\hp\AppData\Roaming\BC48.exe
2014-03-24 19:10 - 2014-03-24 19:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\C06A.exe
2014-03-24 18:00 - 2014-03-24 18:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D241.exe
2014-03-24 15:32 - 2014-03-24 15:32 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D69F.exe
2014-03-24 18:00 - 2014-03-24 18:00 - 000002549 _____ () C:\Users\hp\AppData\Roaming\D963.exe
2014-03-24 15:32 - 2014-03-24 15:32 - 000002549 _____ () C:\Users\hp\AppData\Roaming\DDD1.exe
2014-03-24 13:10 - 2014-03-24 13:10 - 000002549 _____ () C:\Users\hp\AppData\Roaming\FB79.exe
2017-09-30 14:57 - 2017-09-30 14:57 - 000000218 _____ () C:\Users\hp\AppData\Local\recently-used.xbel

Certains fichiers dans TEMP:
====================
2012-09-25 11:25 - 2012-09-25 11:25 - 001976656 _____ (Flexera Software, Inc.) C:\Users\Administrateur\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-03-05 16:18 - 2015-01-08 17:36 - 000015752 _____ (Autodesk, Inc.) C:\Users\hp\AppData\Local\Temp\AcDeltree.exe
2012-05-31 01:51 - 2012-05-31 01:51 - 010224184 _____ () C:\Users\hp\AppData\Local\Temp\AVG.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 000247808 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguidx.dll
2017-07-22 11:20 - 2017-07-22 11:21 - 003979896 _____ (Google) C:\Users\hp\AppData\Local\Temp\b7ecb7c0-0aa6-4735-9a83-d9dafffba0c2.exe
2017-10-16 10:59 - 2017-10-16 10:59 - 001962752 _____ (Flexera Software LLC) C:\Users\hp\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-10-14 11:57 - 2017-10-14 11:57 - 001482301 _____ () C:\Users\hp\AppData\Local\Temp\ICReinstall_gcsoft_3827794772.exe
2017-07-17 09:25 - 1999-06-30 18:43 - 000477184 _____ (Wise Solutions, Inc.) C:\Users\hp\AppData\Local\Temp\InitBDE.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 000163896 _____ () C:\Users\hp\AppData\Local\Temp\MachineIdCreator.exe
2017-05-11 07:43 - 2017-05-11 07:43 - 005474888 _____ (AVG Technologies) C:\Users\hp\AppData\Local\Temp\oi_{8DE1B206-C808-4E3E-AE02-D0212730D3A9}.exe
2017-07-22 13:08 - 2017-07-22 13:08 - 002146496 _____ (BitTorrent Inc.) C:\Users\hp\AppData\Local\Temp\uttEB4B.tmp.exe
2016-04-24 14:53 - 2016-04-24 14:53 - 001976656 _____ (Flexera Software, Inc.) C:\Users\NABIL HARROUS\AppData\Local\Temp\FNP_ACT_InstallerCA.dll

==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
C:\Windows\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

LastRegBack: 2017-12-09 08:22

==================== Fin de FRST.txt ============================