Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017
Exécuté par hp (administrateur) sur USER (10-10-2017 12:26:51)
Exécuté depuis C:\Users\hp\Desktop
Profils chargés: hp (Profils disponibles: hp)
Platform: Windows 8.1 Pro (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Antirun\antirun.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(BitTorrent Inc.) C:\Users\hp\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(BitTorrent Inc.) C:\Users\hp\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Enigma Software Group USA, LLC.) C:\Users\hp\Downloads\Programs\sh-remover.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-20] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [Antirun] => C:\Program Files (x86)\Antirun\antirun.exe [2521600 2014-02-06] ()
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (HP Inc.)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UD.exe [538728 2014-04-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30876768 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.)
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\Run: [uTorrent] => C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-30] (BitTorrent Inc.)
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\MountPoints2: {3ca1e06c-5f02-11e7-825e-a02bb83ad0c4} - "F:\EMP_UDSe.exe" /autorun
HKU\S-1-5-21-27590461-573054244-864319968-1001\...\MountPoints2: {3f3079fe-24fd-11e7-8253-a02bb83ad0c4} - "G:\AutoRun.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{744F4C84-56D8-427E-8910-D9024759EC7D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A385AF91-46CA-4872-9490-86EC1F96CD0D}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-27590461-573054244-864319968-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\61w60hje.default [2017-06-14]
FF Extension: (Feedback) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\61w60hje.default\Extensions\testpilot@labs.mozilla.com.xpi [2017-04-26] [non signé]
FF HKU\S-1-5-21-27590461-573054244-864319968-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5 [2017-10-09] [non signé]
FF HKU\S-1-5-21-27590461-573054244-864319968-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hp\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-27590461-573054244-864319968-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-10-10]
CHR Extension: (Google Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-10]
CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-10]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-10]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-10]
CHR Extension: (Chrome Cleaner Pro) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp [2017-10-10]
CHR Extension: (Adblock Plus) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-10]
CHR Extension: (Google Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-10]
CHR Extension: (Skype) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-10-10]
CHR Extension: (IDM Integration Module) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-10-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-10]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe [166504 2014-04-23] (SEIKO EPSON CORPORATION)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (HP Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-03-30] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-03-07] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 eppvad_simple; C:\Windows\system32\drivers\EMP_UDAU.sys [23040 2014-04-23] (SEIKO EPSON CORPORATION)
R3 HpqKbFiltr; C:\Windows\System32\drivers\HpqKbFiltr64.sys [28376 2014-05-15] (Hewlett-Packard Company)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [45504 2017-10-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-10] (Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [329184 2016-08-15] (Realtek Semiconductor Corp.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-12] (HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-10 12:26 - 2017-10-10 12:27 - 000017604 _____ C:\Users\hp\Desktop\FRST.txt
2017-10-10 12:26 - 2017-10-10 12:26 - 000000000 ____D C:\FRST
2017-10-10 12:03 - 2017-10-10 12:03 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-10 12:03 - 2017-10-10 12:03 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-10 11:53 - 2017-10-10 11:53 - 002401792 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2017-10-10 10:08 - 2017-10-10 10:08 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-10 10:08 - 2017-10-10 10:08 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-10 10:04 - 2017-10-10 10:04 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-10 10:04 - 2017-10-10 10:04 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-09 22:50 - 2017-10-09 22:50 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E13.FASTSUB.VOSTFR.HDTV.XviD-Xtrem
2017-10-09 22:48 - 2017-10-09 22:48 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E02.FRENCH.LD.HDTV.XviD-DesTroY
2017-10-09 22:46 - 2017-10-09 22:46 - 000030375 _____ C:\Users\hp\Downloads\touch-s01e02-french-hdtv.torrent
2017-10-09 15:24 - 2017-10-09 15:24 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E09.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 15:23 - 2017-10-09 16:48 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E10.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 15:17 - 2017-10-09 15:17 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E08.FRENCH.LD.HDTV.XVID-TheGreadevil
2017-10-09 15:17 - 2017-10-09 15:17 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E07.FRENCH.LD.HDTV.XVID-TheGreadevil
2017-10-09 15:15 - 2017-10-09 16:46 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E06.FRENCH.LD.HDTV.XVID-TheGreadevil
2017-10-09 15:14 - 2017-10-09 15:14 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E11.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 15:08 - 2017-10-09 15:08 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E12.FiNAL.FRENCH.HDTV.XVID
2017-10-09 13:21 - 2017-10-09 13:21 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E05.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 13:10 - 2017-10-09 13:10 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E04.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 12:57 - 2017-10-09 12:57 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E03.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 11:53 - 2017-10-09 11:53 - 000030813 _____ C:\Users\hp\Downloads\touch-s01e13-vostfr-hdtv-episode-bonus.torrent
2017-10-09 11:52 - 2017-10-09 11:52 - 000031753 _____ C:\Users\hp\Downloads\touch-s01e12-final-french-hdtv.torrent
2017-10-09 11:52 - 2017-10-09 11:52 - 000030737 _____ C:\Users\hp\Downloads\touch-s01e11-french-hdtv.torrent
2017-10-09 11:52 - 2017-10-09 11:52 - 000030737 _____ C:\Users\hp\Downloads\touch-s01e10-french-hdtv.torrent
2017-10-09 11:52 - 2017-10-09 11:52 - 000030737 _____ C:\Users\hp\Downloads\touch-s01e09-french-hdtv.torrent
2017-10-09 11:52 - 2017-10-09 11:52 - 000030353 _____ C:\Users\hp\Downloads\touch-s01e08-french-hdtv.torrent
2017-10-09 11:50 - 2017-10-09 11:50 - 000030573 _____ C:\Users\hp\Downloads\touch-s01e06-french-hdtv.torrent
2017-10-09 11:50 - 2017-10-09 11:50 - 000030333 _____ C:\Users\hp\Downloads\touch-s01e07-french-hdtv.torrent
2017-10-09 11:49 - 2017-10-09 11:49 - 000030857 _____ C:\Users\hp\Downloads\touch-s01e05-french-hdtv.torrent
2017-10-09 11:43 - 2017-10-09 11:43 - 000030757 _____ C:\Users\hp\Downloads\touch-s01e04-french-hdtv.torrent
2017-10-09 11:25 - 2017-10-09 11:31 - 000110488 _____ C:\Users\hp\Desktop\katoh_lettre motivation.pdf
2017-10-09 10:06 - 2017-10-09 11:35 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.me] Touch.S02E02.FRENCH.LD.HDTV.XviD-MiND
2017-10-09 09:34 - 2017-10-09 09:34 - 000030797 _____ C:\Users\hp\Downloads\touch-s01e03-french-hdtv.torrent
2017-10-09 09:32 - 2017-10-09 09:32 - 000030565 _____ C:\Users\hp\Downloads\touch-s02e02-french-hdtv.torrent
2017-10-09 09:30 - 2017-10-09 09:30 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.com] Touch.S01E01.FRENCH.LD.HDTV.XviD-NoNaME
2017-10-09 09:29 - 2017-10-09 09:29 - 000030741 _____ C:\Users\hp\Downloads\touch-s01e01-french-hdtv.torrent
2017-10-05 12:10 - 2017-10-05 12:11 - 000000000 ____D C:\Users\hp\Desktop\porte clés
2017-10-05 09:11 - 2017-10-09 09:23 - 000000000 ____D C:\Users\hp\AppData\LocalLow\uTorrent
2017-10-04 16:33 - 2017-10-04 16:34 - 000000000 ____D C:\sh4ldr
2017-10-04 14:00 - 2017-10-10 07:54 - 000000000 ____D C:\Program Files\Enigma Software Group
2017-10-04 13:25 - 2017-10-10 12:02 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-04 13:25 - 2017-10-04 13:25 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-04 13:25 - 2017-10-04 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-04 13:24 - 2017-10-04 13:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-04 13:24 - 2017-10-04 13:24 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-04 13:23 - 2017-10-04 11:15 - 071089112 _____ (Malwarebytes ) C:\Users\hp\Desktop\mb3-setup-35891.35891-3.2.2.2029-1.0.207-1.0.2899.exe
2017-10-04 12:32 - 2017-10-04 10:10 - 008250832 _____ (Malwarebytes) C:\Users\hp\Desktop\adwcleaner_7.0.3.1_2.exe
2017-09-30 22:45 - 2017-09-30 22:45 - 001130328 _____ (Google Inc.) C:\Users\hp\Downloads\ChromeSetup (1).exe
2017-09-30 22:31 - 2017-09-30 22:31 - 000008744 _____ C:\Users\hp\Desktop\ZHPCleaneraym.txt
2017-09-30 22:16 - 2017-09-30 22:28 - 000008741 _____ C:\Users\hp\Desktop\ZHPCleaner.txt
2017-09-30 21:55 - 2017-09-30 22:28 - 000000000 ____D C:\Users\hp\AppData\Roaming\ZHP
2017-09-30 21:55 - 2017-09-30 21:55 - 000000900 _____ C:\Users\hp\Desktop\ZHPCleaner.lnk
2017-09-30 21:54 - 2017-09-30 19:49 - 002513920 _____ C:\Users\hp\Desktop\ZHPCleaner-2017.exe
2017-09-30 21:14 - 2017-10-04 12:40 - 000000000 ____D C:\AdwCleaner
2017-09-30 19:45 - 2017-09-30 19:45 - 000001720 __RSH C:\ProgramData\ntuser.pol

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-10-10 12:28 - 2017-08-30 21:33 - 000000000 ____D C:\Users\hp\AppData\Roaming\uTorrent
2017-10-10 12:26 - 2017-04-26 15:51 - 000000000 ____D C:\Users\hp\AppData\Roaming\vlc
2017-10-10 12:18 - 2017-04-26 15:25 - 000003908 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{475B99E9-F308-4123-8AFB-4BE8B10C04E2}
2017-10-10 10:14 - 2017-04-14 14:36 - 000003590 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-27590461-573054244-864319968-1001
2017-10-10 10:07 - 2017-05-03 16:49 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-10 09:54 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-10-10 07:51 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-10-09 11:14 - 2014-03-18 12:12 - 001824010 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-09 11:14 - 2014-03-18 11:27 - 000812350 _____ C:\Windows\system32\perfh00C.dat
2017-10-09 11:14 - 2014-03-18 11:27 - 000159412 _____ C:\Windows\system32\perfc00C.dat
2017-10-09 09:24 - 2017-05-04 11:55 - 000000000 ____D C:\Program Files (x86)\SMADAV
2017-10-09 00:18 - 2017-06-14 14:49 - 000000000 ____D C:\Users\hp\AppData\Roaming\DMCache
2017-10-04 15:29 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-04 15:29 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-10-04 12:45 - 2017-05-09 10:43 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-10-04 12:45 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-04 12:44 - 2017-04-26 15:31 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-09-30 22:29 - 2017-08-30 22:11 - 000000000 ____D C:\Users\hp\Downloads\[www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR
2017-09-30 22:28 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-09-30 21:17 - 2017-06-14 14:49 - 000000000 ____D C:\Users\hp\AppData\Roaming\IDM
2017-09-30 21:05 - 2017-04-26 15:24 - 000000000 ____D C:\Users\hp\AppData\Local\Google
2017-09-30 19:45 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-30 16:34 - 2013-08-22 16:44 - 000556240 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-29 12:04 - 2017-04-26 15:40 - 000000000 ____D C:\Users\hp\AppData\Roaming\AIMP3

Certains fichiers dans TEMP:
====================
2009-10-30 06:37 - 2009-10-30 06:37 - 000217088 _____ (Gretech Corporation) C:\Users\hp\AppData\Local\Temp\GomEncDnInstaller.exe
2017-08-31 22:17 - 2017-08-31 01:17 - 000178824 ____R (Microsoft Corporation) C:\Users\hp\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-10-08 22:04

==================== Fin de FRST.txt ============================