Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Simon (administrator) on SIMON-PC on 23-03-2015 00:26:05
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available profiles: Simon & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\LolliScan\LolliScan.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07\jnsd8AA6.tmp
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1092688 2011-03-31] (Dritek System Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.lnk [1378 2013-07-20] ()
HKLM-x32\...\Run: [Intel AppUp(SM) center_Nagware] => C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.lnk [2255 2013-07-20] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center Systray] => C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe [928992 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013536 2014-05-10] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\MountPoints2: {50bf459d-e810-11e3-848b-b870f4b2eb07} - E:\Autorun.exe
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
URLSearchHook: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_09&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzztDtA0EtC0AtByEtD0EtN0D0Tzu0StCtCyDtDtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StBtD0D0DtBzzyEzztGyCyC0ByDtGyC0DtDyDtGtDyB0DyCtGyEyB0EtD0E0DyE0DzztDyCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtAtB0F0D0AtAtG0C0AyEzztGyE0EyBzytG0AtD0C0FtG0Ezy0AtC0Ezz0F0FyD0FtDyC2Q&cr=273602133&ir=
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_09&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzztDtA0EtC0AtByEtD0EtN0D0Tzu0StCtCyDtDtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StCtC0EtDyE0EtA0DtG0CyByDtBtGtD0BtAyBtGtC0B0EyDtGtBzzyD0DzytC0A0B0E0C0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtAtB0F0D0AtAtG0C0AyEzztGyE0EyBzytG0AtD0C0FtG0Ezy0AtC0Ezz0F0FyD0FtDyC2Q&cr=2061323824&ir=
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-19] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-03-10] (Thinknice Co. Limited)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-19] (Kaspersky Lab ZAO)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-13] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: mystartsearch
FF Homepage: google.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-02-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin HKU\S-1-5-21-4154725961-1206704745-2141618368-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-07-04] (Intel)
FF Plugin HKU\S-1-5-21-4154725961-1206704745-2141618368-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-07-04] (Intel)
FF Extension: Bitdefender QuickScan - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-12-25]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\extensions\searchengine@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\extensions\istart_ffnt@gmail.com
FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-04]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe No File
CHR Plugin: (Iminent) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\npIminent.dll No File
CHR Plugin: (2YourFace Util) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_0\2YourFace_Util.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AppUp) - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
CHR Plugin: (Software Update) - C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Simon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Google Update) - C:\Users\Simon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Vivienne Westwood) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhehaklopgggapefjdijagkgbgeapkb [2013-03-30]
CHR Extension: (Angry Birds) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-12-18]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-22]
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-22]
CHR Extension: (Driver Parking) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmaeboihbeibkafjoincpcggpmalopac [2012-12-18]
CHR Extension: (Fruit Ninja) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eddkcnmacooajcimjfbkfkgfffaimeoo [2012-12-18]
CHR Extension: (Motocross Nitro) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\flahdonnjgelioknbffdbcicikbnmmmn [2012-12-18]
CHR Extension: (Talking Tom Cat 2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gichfnllaocbofjffemncaajppdipjmh [2012-12-18]
CHR Extension: (Content Blocker) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-06-29]
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-22]
CHR HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Simon\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2012-12-31]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Simon\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2012-12-31]
StartMenuInternet: Google Chrome.Mario - C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-10] (XTab system)
R2 LolliScan; C:\ProgramData\LolliScan\LolliScan.exe [379904 2015-03-18] () [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 setijudi; C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07\jnsd8AA6.tmp [113664 2015-03-18] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-18] (SysTool PasSame LIMITED)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-13] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-13] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
S3 cpuz134; \??\C:\Users\Simon\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S1 pfnfd_1_10_0_9; system32\drivers\pfnfd_1_10_0_9.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 00:26 - 2015-03-23 00:26 - 00033789 _____ () C:\Users\Simon\Desktop\FRST.txt
2015-03-23 00:24 - 2015-03-23 00:26 - 00000000 ____D () C:\FRST
2015-03-23 00:24 - 2015-03-23 00:24 - 02095616 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2015-03-22 20:37 - 2015-03-22 20:37 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gramblr
2015-03-22 19:13 - 2015-03-22 19:13 - 00000000 ____D () C:\Users\Simon\AppData\Local\{D652AF68-C3A8-4CE4-BCBF-AEAF1663A5FF}
2015-03-22 13:47 - 2015-03-22 13:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-03-22 13:47 - 2015-03-22 13:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\ASPackage
2015-03-22 13:24 - 2015-03-22 13:24 - 00641823 _____ () C:\Users\Simon\Documents\Alicia Blin.htm
2015-03-22 13:24 - 2015-03-22 13:24 - 00000000 ____D () C:\Users\Simon\Documents\Alicia Blin_fichiers
2015-03-22 12:13 - 2015-03-22 12:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 13:56 - 2015-03-19 13:56 - 00003152 _____ () C:\Windows\System32\Tasks\{4F983094-8FA7-400A-BB57-50612C1DCFBB}
2015-03-19 13:54 - 2015-03-19 13:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\ehhjmvtq
2015-03-18 22:49 - 2015-03-22 23:49 - 00003140 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-6.job
2015-03-18 22:49 - 2015-03-22 23:49 - 00002114 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-10_user.job
2015-03-18 22:49 - 2015-03-22 22:54 - 00000974 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-18 22:49 - 2015-03-22 22:54 - 00000970 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00004496 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-4.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00003476 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-7.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00001334 _____ () C:\Windows\Tasks\TAYB.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00001332 _____ () C:\Windows\Tasks\MUF.job
2015-03-18 22:49 - 2015-03-18 22:52 - 00000000 ____D () C:\Program Files (x86)\Cinema-Plus-1.7cV16.03
2015-03-18 22:49 - 2015-03-18 22:49 - 00007526 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-4
2015-03-18 22:49 - 2015-03-18 22:49 - 00006506 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-7
2015-03-18 22:49 - 2015-03-18 22:49 - 00006168 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-6
2015-03-18 22:49 - 2015-03-18 22:49 - 00000000 ____D () C:\Users\Simon\AppData\Local\globalUpdate
2015-03-18 22:49 - 2015-03-18 22:49 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-18 22:48 - 2015-03-18 22:48 - 00004388 _____ () C:\Windows\System32\Tasks\Installer_shopperpro
2015-03-18 22:47 - 2015-03-18 22:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashRpt
2015-03-18 22:46 - 2015-03-18 22:46 - 00003558 _____ () C:\Windows\System32\Tasks\ZWNGYWZ
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\LolliScan
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\91ed0d7b9138406a9c87d99f975059ef
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\33161960e37349ed92e1bb78ad34e025
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\system app
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\SpeedChecker
2015-03-18 22:45 - 2015-03-19 11:12 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07
2015-03-18 22:45 - 2015-03-18 22:45 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-18 22:42 - 2015-03-22 11:42 - 00000000 ____D () C:\Program Files (x86)\TabNav
2015-03-18 22:42 - 2015-03-19 14:00 - 00000011 _____ () C:\END
2015-03-18 22:42 - 2015-03-18 22:42 - 00003086 _____ () C:\Windows\System32\Tasks\trik3004
2015-03-12 20:59 - 2015-03-12 20:59 - 00181783 _____ () C:\Users\Simon\Documents\Journal Nelson Mandela.odg
2015-03-11 22:25 - 2015-03-11 22:25 - 00088497 _____ () C:\Users\Simon\Documents\anglais nelson.odt
2015-03-09 22:30 - 2015-03-09 22:30 - 00005487 _____ () C:\Users\Simon\AppData\Roaming\TAYB
2015-03-08 14:59 - 2015-03-08 15:15 - 00015276 _____ () C:\Users\Simon\Documents\synthese.odt
2015-03-05 17:55 - 2015-03-05 17:55 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2015-03-05 10:57 - 2015-03-05 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-03-03 21:21 - 2015-03-03 21:21 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-03 21:20 - 2015-03-03 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\iTunes
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\iPod
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-03 21:08 - 2015-02-13 06:52 - 34521088 _____ () C:\Users\Simon\Desktop\AppleApplicationSupport.msi
2015-03-03 21:01 - 2015-03-03 21:01 - 01182190 _____ () C:\Users\Simon\Downloads\7z938.exe
2015-03-03 21:01 - 2015-03-03 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-03 20:42 - 2015-03-03 21:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-03-03 20:42 - 2015-03-03 20:45 - 121355568 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunes64Setup(1).exe
2015-03-03 20:36 - 2015-03-03 20:40 - 111992144 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunesSetup.exe
2015-03-02 16:16 - 2015-03-02 16:16 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-03-02 16:16 - 2015-03-02 16:16 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-02 16:16 - 2015-03-02 16:16 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-02 16:14 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-02 16:14 - 2015-03-02 16:14 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-02 16:14 - 2015-03-02 16:14 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-02-25 00:05 - 2015-02-25 00:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\Sparta
2015-02-25 00:05 - 2015-02-25 00:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\Soldiers
2015-02-24 23:50 - 2015-02-24 23:50 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ___HD () C:\Users\Simon\AppData\Roaming\GoldenGate
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2015-02-24 23:46 - 2015-02-25 11:00 - 00000000 ____D () C:\Users\Simon\AppData\Local\Gameo
2015-02-24 23:46 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Gameo
2015-02-24 23:46 - 2015-02-24 23:46 - 00000173 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-02-24 23:44 - 2015-02-25 00:05 - 100415824 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunes64Setup.exe
2015-02-24 23:44 - 2015-02-24 23:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\StormFall
2015-02-24 23:44 - 2015-02-24 23:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-24 23:44 - 2015-02-24 23:44 - 00000000 ____D () C:\Users\Simon\AppData\Local\StormFall
2015-02-24 23:38 - 2015-02-24 23:38 - 00763280 _____ (Generic software ) C:\Users\Simon\Downloads\apple-mobile-device-support.exe
2015-02-24 23:24 - 2015-02-24 23:24 - 00784872 _____ (Reimage®) C:\Users\Simon\Downloads\ReimageRepair(1).exe
2015-02-24 21:24 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 21:24 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 21:23 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-24 20:40 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-24 20:40 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-24 20:40 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-24 20:40 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-24 19:07 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-24 19:07 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-24 19:07 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-24 19:07 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-24 19:07 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-24 19:07 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-24 19:07 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-24 19:07 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-24 19:07 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-02-24 19:07 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-02-24 19:07 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-24 19:07 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-02-24 19:07 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-24 19:07 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-24 19:07 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-02-24 18:56 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-24 18:56 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-24 18:56 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-02-24 18:56 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-02-24 18:56 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-24 17:25 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-24 17:25 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-24 17:25 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-24 17:25 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-24 17:25 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-02-24 17:17 - 2015-02-24 17:17 - 00889416 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\dotNetFx40_Full_setup.exe
2015-02-24 12:05 - 2015-02-24 12:05 - 00018024 _____ () C:\Users\Simon\Documents\Sans nom 3.odt
2015-02-23 14:01 - 2015-02-24 11:50 - 00026784 _____ () C:\Users\Simon\Documents\histoire gaz.odt
2015-02-23 12:38 - 2015-03-02 13:57 - 07868367 _____ () C:\Users\Simon\Documents\TPE Evolution moteur.odp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 00:19 - 2012-07-04 16:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-23 00:13 - 2015-01-25 17:12 - 00000935 _____ () C:\Users\Simon\AppData\Roaming\MUF
2015-03-22 23:45 - 2013-06-30 21:22 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 23:45 - 2012-03-05 09:56 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154725961-1206704745-2141618368-1003UA.job
2015-03-22 23:45 - 2011-08-03 21:59 - 02015708 _____ () C:\Windows\WindowsUpdate.log
2015-03-22 20:56 - 2011-08-04 07:48 - 00751008 _____ () C:\Windows\system32\perfh00C.dat
2015-03-22 20:56 - 2011-08-04 07:48 - 00151840 _____ () C:\Windows\system32\perfc00C.dat
2015-03-22 20:56 - 2009-07-14 06:13 - 01679220 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 19:14 - 2014-08-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 11:52 - 2011-11-13 21:26 - 00000000 ____D () C:\Users\Simon\AppData\Local\Adobe
2015-03-22 11:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 11:42 - 2009-07-14 05:51 - 00178992 _____ () C:\Windows\setupact.log
2015-03-22 11:41 - 2010-11-21 04:47 - 00419328 _____ () C:\Windows\PFRO.log
2015-03-22 11:33 - 2011-11-23 18:10 - 06421504 ___SH () C:\Users\Simon\Downloads\Thumbs.db
2015-03-19 17:41 - 2012-03-05 09:56 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154725961-1206704745-2141618368-1003Core.job
2015-03-19 14:00 - 2015-02-01 17:18 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps
2015-03-19 13:59 - 2014-08-20 22:50 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-19 13:59 - 2014-08-20 22:50 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-19 13:59 - 2014-05-30 16:35 - 00002510 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro Search.lnk
2015-03-19 13:59 - 2014-05-30 16:35 - 00001419 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-19 13:59 - 2012-12-18 16:17 - 00002490 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Claro Search.lnk
2015-03-19 13:59 - 2011-11-13 21:26 - 00001437 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-18 22:49 - 2012-09-25 20:44 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-18 22:46 - 2012-01-21 19:14 - 00002695 _____ () C:\Windows\wininit.ini
2015-03-17 19:39 - 2013-12-06 20:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-10 19:29 - 2014-12-25 21:25 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2015-03-05 17:54 - 2012-02-04 22:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SoftGrid Client
2015-03-03 21:01 - 2013-08-07 23:27 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2015-03-02 16:13 - 2011-12-05 19:25 - 00000000 ____D () C:\ProgramData\Apple
2015-02-24 23:26 - 2015-02-17 22:12 - 00000165 _____ () C:\Windows\Reimage.ini
2015-02-24 22:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-24 20:46 - 2014-02-10 21:50 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2015-02-24 20:43 - 2011-12-29 19:13 - 01654288 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-24 19:19 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-24 19:18 - 2009-07-14 05:45 - 05068040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-24 19:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-24 18:59 - 2011-04-07 10:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-24 17:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-03-05 17:40 - 2012-11-05 23:03 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt
2012-10-25 20:00 - 2012-10-27 19:48 - 0000173 _____ () C:\Users\Simon\AppData\Roaming\D2Info0
2012-10-25 20:00 - 2012-10-25 20:13 - 0000008 _____ () C:\Users\Simon\AppData\Roaming\DofusAppId0_1
2012-10-27 19:48 - 2012-10-27 20:42 - 0000008 _____ () C:\Users\Simon\AppData\Roaming\DofusAppId0_2
2015-01-25 17:12 - 2015-03-23 00:13 - 0000935 _____ () C:\Users\Simon\AppData\Roaming\MUF
2013-02-17 12:54 - 2013-02-21 18:23 - 0000132 _____ () C:\Users\Simon\AppData\Roaming\Préfs Format PNG Adobe CS6
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Simon\AppData\Roaming\TAYB
2014-06-01 00:18 - 2014-07-19 00:19 - 0000087 _____ () C:\Users\Simon\AppData\Roaming\WB.CFG
2014-04-09 12:56 - 2014-04-09 16:57 - 0000600 _____ () C:\Users\Simon\AppData\Roaming\winscp.rnd
2013-04-01 15:14 - 2013-04-01 15:21 - 64330619 _____ () C:\Users\Simon\AppData\Local\AdobeSetupUtility.zip
2011-11-25 20:06 - 2015-02-16 20:00 - 0023040 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 12:55 - 2014-04-09 17:52 - 0000600 _____ () C:\Users\Simon\AppData\Local\PUTTY.RND
2012-07-04 16:38 - 2012-07-04 16:38 - 0017408 _____ () C:\Users\Simon\AppData\Local\WebpageIcons.db
2011-08-03 22:14 - 2011-08-03 22:17 - 0015218 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-07 10:47 - 2010-03-02 22:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-04-09 14:17 - 2014-04-09 14:17 - 0054784 _____ () C:\ProgramData\irecovery.exe
2012-08-30 11:46 - 2012-08-30 11:46 - 0000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-03 20:19 - 2014-09-03 20:20 - 0000032 _____ () C:\ProgramData\PS.log
Files to move or delete:
====================
C:\ProgramData\irecovery.exe
Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\7049.exe
C:\Users\Simon\AppData\Local\Temp\AAMHelper.exe
C:\Users\Simon\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\Simon\AppData\Local\Temp\AskSLib.dll
C:\Users\Simon\AppData\Local\Temp\autorun.dll
C:\Users\Simon\AppData\Local\Temp\AutoRun.exe
C:\Users\Simon\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Simon\AppData\Local\Temp\avguidx.dll
C:\Users\Simon\AppData\Local\Temp\BearShare_setup.exe
C:\Users\Simon\AppData\Local\Temp\bitool.dll
C:\Users\Simon\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Simon\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Simon\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Simon\AppData\Local\Temp\CSOLauncher.exe
C:\Users\Simon\AppData\Local\Temp\drl3dzcd.dll
C:\Users\Simon\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Simon\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Simon\AppData\Local\Temp\dvh0-nin.dll
C:\Users\Simon\AppData\Local\Temp\EASOUNInstaller.exe
C:\Users\Simon\AppData\Local\Temp\eauninstall.exe
C:\Users\Simon\AppData\Local\Temp\eiuwzbbd.dll
C:\Users\Simon\AppData\Local\Temp\FIFA 2005_uninst.exe
C:\Users\Simon\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Simon\AppData\Local\Temp\fsprod.dll
C:\Users\Simon\AppData\Local\Temp\fssfm.dll
C:\Users\Simon\AppData\Local\Temp\gghelp.exe
C:\Users\Simon\AppData\Local\Temp\GUR8C37.exe
C:\Users\Simon\AppData\Local\Temp\gw895wzh.dll
C:\Users\Simon\AppData\Local\Temp\i4jdel0.exe
C:\Users\Simon\AppData\Local\Temp\i4jdel1.exe
C:\Users\Simon\AppData\Local\Temp\ICReinstall_setup.exe
C:\Users\Simon\AppData\Local\Temp\InstallerBT.exe
C:\Users\Simon\AppData\Local\Temp\Installhelper.dll
C:\Users\Simon\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\Kreapixel_addonAcPro.exe
C:\Users\Simon\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Simon\AppData\Local\Temp\Messenger-full-installer.exe
C:\Users\Simon\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Simon\AppData\Local\Temp\nsiFE85.exe
C:\Users\Simon\AppData\Local\Temp\nsnBF8C.exe
C:\Users\Simon\AppData\Local\Temp\nsnC5A5.exe
C:\Users\Simon\AppData\Local\Temp\Nss.exe
C:\Users\Simon\AppData\Local\Temp\nss884.exe
C:\Users\Simon\AppData\Local\Temp\nssF8F8.exe
C:\Users\Simon\AppData\Local\Temp\nsxB9FF.exe
C:\Users\Simon\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Simon\AppData\Local\Temp\ogqa5x5h.dll
C:\Users\Simon\AppData\Local\Temp\oi_{4FA11C70-FD7F-4873-B28B-E597652796A8}.exe
C:\Users\Simon\AppData\Local\Temp\PCSpeedMaximizer_new.exe
C:\Users\Simon\AppData\Local\Temp\PingMe.exe
C:\Users\Simon\AppData\Local\Temp\preconfig.exe
C:\Users\Simon\AppData\Local\Temp\propsys.dll
C:\Users\Simon\AppData\Local\Temp\push.exe
C:\Users\Simon\AppData\Local\Temp\pushgame.exe
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simon\AppData\Local\Temp\QuickTimeInstaller.exe
C:\Users\Simon\AppData\Local\Temp\ReimageExpressPackage.exe
C:\Users\Simon\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\Simon\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Simon\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Simon\AppData\Local\Temp\rpidity.exe
C:\Users\Simon\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Simon\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Simon\AppData\Local\Temp\SendMsg.dll
C:\Users\Simon\AppData\Local\Temp\setup_607.exe
C:\Users\Simon\AppData\Local\Temp\Shockwave_Installer_Slim.exe
C:\Users\Simon\AppData\Local\Temp\SimBundD.exe
C:\Users\Simon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Simon\AppData\Local\Temp\smt_qone8.exe
C:\Users\Simon\AppData\Local\Temp\SpOrder.dll
C:\Users\Simon\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Simon\AppData\Local\Temp\sttfto_u.dll
C:\Users\Simon\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Simon\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Simon\AppData\Local\Temp\u-6rrb-f.dll
C:\Users\Simon\AppData\Local\Temp\uninst1.exe
C:\Users\Simon\AppData\Local\Temp\UnityWebPlayer8927150442717599319.exe
C:\Users\Simon\AppData\Local\Temp\utt4E90.tmp.exe
C:\Users\Simon\AppData\Local\Temp\utt5944.tmp.exe
C:\Users\Simon\AppData\Local\Temp\v42088.exe
C:\Users\Simon\AppData\Local\Temp\vbmz2.exe
C:\Users\Simon\AppData\Local\Temp\VidSaver_4.exe
C:\Users\Simon\AppData\Local\Temp\WarThunderLauncher_1.0.1.199_updVTBCGSCE.exe
C:\Users\Simon\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Simon\AppData\Local\Temp\_isE531.exe
C:\Users\Simon\AppData\Local\Temp\_isF23B.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 15:38
==================== End Of Log ============================
Ran by Simon (administrator) on SIMON-PC on 23-03-2015 00:26:05
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available profiles: Simon & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\LolliScan\LolliScan.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07\jnsd8AA6.tmp
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1092688 2011-03-31] (Dritek System Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.lnk [1378 2013-07-20] ()
HKLM-x32\...\Run: [Intel AppUp(SM) center_Nagware] => C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.lnk [2255 2013-07-20] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center Systray] => C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe [928992 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013536 2014-05-10] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\MountPoints2: {50bf459d-e810-11e3-848b-b870f4b2eb07} - E:\Autorun.exe
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
URLSearchHook: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_09&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzztDtA0EtC0AtByEtD0EtN0D0Tzu0StCtCyDtDtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StBtD0D0DtBzzyEzztGyCyC0ByDtGyC0DtDyDtGtDyB0DyCtGyEyB0EtD0E0DyE0DzztDyCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtAtB0F0D0AtAtG0C0AyEzztGyE0EyBzytG0AtD0C0FtG0Ezy0AtC0Ezz0F0FyD0FtDyC2Q&cr=273602133&ir=
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_09&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzztDtA0EtC0AtByEtD0EtN0D0Tzu0StCtCyDtDtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StCtC0EtDyE0EtA0DtG0CyByDtBtGtD0BtAyBtGtC0B0EyDtGtBzzyD0DzytC0A0B0E0C0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtAtB0F0D0AtAtG0C0AyEzztGyE0EyBzytG0AtD0C0FtG0Ezy0AtC0Ezz0F0FyD0FtDyC2Q&cr=2061323824&ir=
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1426715117&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4154725961-1206704745-2141618368-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD5000BPVT-22HXZT1_WD-WXE1A61P0256P0256&ts=1426715167&type=default&q={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-19] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-03-10] (Thinknice Co. Limited)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-19] (Kaspersky Lab ZAO)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-13] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-13] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: mystartsearch
FF Homepage: google.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-02-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin HKU\S-1-5-21-4154725961-1206704745-2141618368-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-07-04] (Intel)
FF Plugin HKU\S-1-5-21-4154725961-1206704745-2141618368-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-07-04] (Intel)
FF Extension: Bitdefender QuickScan - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-12-25]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\extensions\searchengine@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fztjcmi9.default\extensions\istart_ffnt@gmail.com
FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-04]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Simon\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll No File
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe No File
CHR Plugin: (Iminent) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\npIminent.dll No File
CHR Plugin: (2YourFace Util) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_0\2YourFace_Util.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AppUp) - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
CHR Plugin: (Software Update) - C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Simon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Google Update) - C:\Users\Simon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Vivienne Westwood) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhehaklopgggapefjdijagkgbgeapkb [2013-03-30]
CHR Extension: (Angry Birds) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-12-18]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-22]
CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-22]
CHR Extension: (Driver Parking) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmaeboihbeibkafjoincpcggpmalopac [2012-12-18]
CHR Extension: (Fruit Ninja) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eddkcnmacooajcimjfbkfkgfffaimeoo [2012-12-18]
CHR Extension: (Motocross Nitro) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\flahdonnjgelioknbffdbcicikbnmmmn [2012-12-18]
CHR Extension: (Talking Tom Cat 2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gichfnllaocbofjffemncaajppdipjmh [2012-12-18]
CHR Extension: (Content Blocker) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-06-29]
CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-22]
CHR HKU\S-1-5-21-4154725961-1206704745-2141618368-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Simon\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2012-12-31]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Simon\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2012-12-31]
StartMenuInternet: Google Chrome.Mario - C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-10] (XTab system)
R2 LolliScan; C:\ProgramData\LolliScan\LolliScan.exe [379904 2015-03-18] () [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 setijudi; C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07\jnsd8AA6.tmp [113664 2015-03-18] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-18] (SysTool PasSame LIMITED)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-13] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-13] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
S3 cpuz134; \??\C:\Users\Simon\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S1 pfnfd_1_10_0_9; system32\drivers\pfnfd_1_10_0_9.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 00:26 - 2015-03-23 00:26 - 00033789 _____ () C:\Users\Simon\Desktop\FRST.txt
2015-03-23 00:24 - 2015-03-23 00:26 - 00000000 ____D () C:\FRST
2015-03-23 00:24 - 2015-03-23 00:24 - 02095616 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2015-03-22 20:37 - 2015-03-22 20:37 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gramblr
2015-03-22 19:13 - 2015-03-22 19:13 - 00000000 ____D () C:\Users\Simon\AppData\Local\{D652AF68-C3A8-4CE4-BCBF-AEAF1663A5FF}
2015-03-22 13:47 - 2015-03-22 13:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-03-22 13:47 - 2015-03-22 13:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\ASPackage
2015-03-22 13:24 - 2015-03-22 13:24 - 00641823 _____ () C:\Users\Simon\Documents\Alicia Blin.htm
2015-03-22 13:24 - 2015-03-22 13:24 - 00000000 ____D () C:\Users\Simon\Documents\Alicia Blin_fichiers
2015-03-22 12:13 - 2015-03-22 12:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 13:56 - 2015-03-19 13:56 - 00003152 _____ () C:\Windows\System32\Tasks\{4F983094-8FA7-400A-BB57-50612C1DCFBB}
2015-03-19 13:54 - 2015-03-19 13:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\ehhjmvtq
2015-03-18 22:49 - 2015-03-22 23:49 - 00003140 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-6.job
2015-03-18 22:49 - 2015-03-22 23:49 - 00002114 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-10_user.job
2015-03-18 22:49 - 2015-03-22 22:54 - 00000974 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-18 22:49 - 2015-03-22 22:54 - 00000970 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00004496 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-4.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00003476 _____ () C:\Windows\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-7.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00001334 _____ () C:\Windows\Tasks\TAYB.job
2015-03-18 22:49 - 2015-03-22 22:49 - 00001332 _____ () C:\Windows\Tasks\MUF.job
2015-03-18 22:49 - 2015-03-18 22:52 - 00000000 ____D () C:\Program Files (x86)\Cinema-Plus-1.7cV16.03
2015-03-18 22:49 - 2015-03-18 22:49 - 00007526 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-4
2015-03-18 22:49 - 2015-03-18 22:49 - 00006506 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-7
2015-03-18 22:49 - 2015-03-18 22:49 - 00006168 _____ () C:\Windows\System32\Tasks\b1dd6d7c-cf38-4328-adf7-1601118a1cbe-1-6
2015-03-18 22:49 - 2015-03-18 22:49 - 00000000 ____D () C:\Users\Simon\AppData\Local\globalUpdate
2015-03-18 22:49 - 2015-03-18 22:49 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-18 22:48 - 2015-03-18 22:48 - 00004388 _____ () C:\Windows\System32\Tasks\Installer_shopperpro
2015-03-18 22:47 - 2015-03-18 22:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashRpt
2015-03-18 22:46 - 2015-03-18 22:46 - 00003558 _____ () C:\Windows\System32\Tasks\ZWNGYWZ
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\LolliScan
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\91ed0d7b9138406a9c87d99f975059ef
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\ProgramData\33161960e37349ed92e1bb78ad34e025
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\system app
2015-03-18 22:46 - 2015-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\SpeedChecker
2015-03-18 22:45 - 2015-03-19 11:12 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\135AA2F5-1426715103-E011-AB14-B870F4B2EB07
2015-03-18 22:45 - 2015-03-18 22:45 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-18 22:42 - 2015-03-22 11:42 - 00000000 ____D () C:\Program Files (x86)\TabNav
2015-03-18 22:42 - 2015-03-19 14:00 - 00000011 _____ () C:\END
2015-03-18 22:42 - 2015-03-18 22:42 - 00003086 _____ () C:\Windows\System32\Tasks\trik3004
2015-03-12 20:59 - 2015-03-12 20:59 - 00181783 _____ () C:\Users\Simon\Documents\Journal Nelson Mandela.odg
2015-03-11 22:25 - 2015-03-11 22:25 - 00088497 _____ () C:\Users\Simon\Documents\anglais nelson.odt
2015-03-09 22:30 - 2015-03-09 22:30 - 00005487 _____ () C:\Users\Simon\AppData\Roaming\TAYB
2015-03-08 14:59 - 2015-03-08 15:15 - 00015276 _____ () C:\Users\Simon\Documents\synthese.odt
2015-03-05 17:55 - 2015-03-05 17:55 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2015-03-05 10:57 - 2015-03-05 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-03-03 21:21 - 2015-03-03 21:21 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-03 21:20 - 2015-03-03 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\iTunes
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\iPod
2015-03-03 21:20 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-03 21:08 - 2015-02-13 06:52 - 34521088 _____ () C:\Users\Simon\Desktop\AppleApplicationSupport.msi
2015-03-03 21:01 - 2015-03-03 21:01 - 01182190 _____ () C:\Users\Simon\Downloads\7z938.exe
2015-03-03 21:01 - 2015-03-03 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-03 20:42 - 2015-03-03 21:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-03-03 20:42 - 2015-03-03 20:45 - 121355568 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunes64Setup(1).exe
2015-03-03 20:36 - 2015-03-03 20:40 - 111992144 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunesSetup.exe
2015-03-02 16:16 - 2015-03-02 16:16 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-03-02 16:16 - 2015-03-02 16:16 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-02 16:16 - 2015-03-02 16:16 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-02 16:14 - 2015-03-03 21:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-02 16:14 - 2015-03-02 16:14 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-02 16:14 - 2015-03-02 16:14 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-02-25 00:05 - 2015-02-25 00:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\Sparta
2015-02-25 00:05 - 2015-02-25 00:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\Soldiers
2015-02-24 23:50 - 2015-02-24 23:50 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ___HD () C:\Users\Simon\AppData\Roaming\GoldenGate
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2015-02-24 23:47 - 2015-02-24 23:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2015-02-24 23:46 - 2015-02-25 11:00 - 00000000 ____D () C:\Users\Simon\AppData\Local\Gameo
2015-02-24 23:46 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Gameo
2015-02-24 23:46 - 2015-02-24 23:46 - 00000173 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-02-24 23:44 - 2015-02-25 00:05 - 100415824 _____ (Apple Inc.) C:\Users\Simon\Documents\iTunes64Setup.exe
2015-02-24 23:44 - 2015-02-24 23:53 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\StormFall
2015-02-24 23:44 - 2015-02-24 23:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-24 23:44 - 2015-02-24 23:44 - 00000000 ____D () C:\Users\Simon\AppData\Local\StormFall
2015-02-24 23:38 - 2015-02-24 23:38 - 00763280 _____ (Generic software ) C:\Users\Simon\Downloads\apple-mobile-device-support.exe
2015-02-24 23:24 - 2015-02-24 23:24 - 00784872 _____ (Reimage®) C:\Users\Simon\Downloads\ReimageRepair(1).exe
2015-02-24 21:24 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 21:24 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 21:23 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-24 20:40 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-24 20:40 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-24 20:40 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-24 20:40 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-24 19:07 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-24 19:07 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-24 19:07 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-24 19:07 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-24 19:07 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-24 19:07 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-24 19:07 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-24 19:07 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-24 19:07 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-02-24 19:07 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-02-24 19:07 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-24 19:07 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-02-24 19:07 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-24 19:07 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-24 19:07 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-02-24 18:56 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-24 18:56 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-24 18:56 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-02-24 18:56 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-02-24 18:56 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-24 17:25 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-24 17:25 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-24 17:25 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-24 17:25 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-24 17:25 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-24 17:25 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-02-24 17:25 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-02-24 17:25 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-02-24 17:17 - 2015-02-24 17:17 - 00889416 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\dotNetFx40_Full_setup.exe
2015-02-24 12:05 - 2015-02-24 12:05 - 00018024 _____ () C:\Users\Simon\Documents\Sans nom 3.odt
2015-02-23 14:01 - 2015-02-24 11:50 - 00026784 _____ () C:\Users\Simon\Documents\histoire gaz.odt
2015-02-23 12:38 - 2015-03-02 13:57 - 07868367 _____ () C:\Users\Simon\Documents\TPE Evolution moteur.odp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 00:19 - 2012-07-04 16:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-23 00:13 - 2015-01-25 17:12 - 00000935 _____ () C:\Users\Simon\AppData\Roaming\MUF
2015-03-22 23:45 - 2013-06-30 21:22 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 23:45 - 2012-03-05 09:56 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154725961-1206704745-2141618368-1003UA.job
2015-03-22 23:45 - 2011-08-03 21:59 - 02015708 _____ () C:\Windows\WindowsUpdate.log
2015-03-22 20:56 - 2011-08-04 07:48 - 00751008 _____ () C:\Windows\system32\perfh00C.dat
2015-03-22 20:56 - 2011-08-04 07:48 - 00151840 _____ () C:\Windows\system32\perfc00C.dat
2015-03-22 20:56 - 2009-07-14 06:13 - 01679220 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 19:14 - 2014-08-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 11:52 - 2011-11-13 21:26 - 00000000 ____D () C:\Users\Simon\AppData\Local\Adobe
2015-03-22 11:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 11:42 - 2009-07-14 05:51 - 00178992 _____ () C:\Windows\setupact.log
2015-03-22 11:41 - 2010-11-21 04:47 - 00419328 _____ () C:\Windows\PFRO.log
2015-03-22 11:33 - 2011-11-23 18:10 - 06421504 ___SH () C:\Users\Simon\Downloads\Thumbs.db
2015-03-19 17:41 - 2012-03-05 09:56 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154725961-1206704745-2141618368-1003Core.job
2015-03-19 14:00 - 2015-02-01 17:18 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps
2015-03-19 13:59 - 2014-08-20 22:50 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-19 13:59 - 2014-08-20 22:50 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-19 13:59 - 2014-05-30 16:35 - 00002510 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro Search.lnk
2015-03-19 13:59 - 2014-05-30 16:35 - 00001419 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-19 13:59 - 2012-12-18 16:17 - 00002490 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Claro Search.lnk
2015-03-19 13:59 - 2011-11-13 21:26 - 00001437 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-18 22:49 - 2012-09-25 20:44 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-18 22:46 - 2012-01-21 19:14 - 00002695 _____ () C:\Windows\wininit.ini
2015-03-17 19:39 - 2013-12-06 20:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-10 19:29 - 2014-12-25 21:25 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2015-03-05 17:54 - 2012-02-04 22:39 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\SoftGrid Client
2015-03-03 21:01 - 2013-08-07 23:27 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2015-03-02 16:13 - 2011-12-05 19:25 - 00000000 ____D () C:\ProgramData\Apple
2015-02-24 23:26 - 2015-02-17 22:12 - 00000165 _____ () C:\Windows\Reimage.ini
2015-02-24 22:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-24 20:46 - 2014-02-10 21:50 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2015-02-24 20:43 - 2011-12-29 19:13 - 01654288 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-24 19:19 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-24 19:18 - 2009-07-14 05:45 - 05068040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-24 19:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-24 18:59 - 2011-04-07 10:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-24 17:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-03-05 17:40 - 2012-11-05 23:03 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt
2012-10-25 20:00 - 2012-10-27 19:48 - 0000173 _____ () C:\Users\Simon\AppData\Roaming\D2Info0
2012-10-25 20:00 - 2012-10-25 20:13 - 0000008 _____ () C:\Users\Simon\AppData\Roaming\DofusAppId0_1
2012-10-27 19:48 - 2012-10-27 20:42 - 0000008 _____ () C:\Users\Simon\AppData\Roaming\DofusAppId0_2
2015-01-25 17:12 - 2015-03-23 00:13 - 0000935 _____ () C:\Users\Simon\AppData\Roaming\MUF
2013-02-17 12:54 - 2013-02-21 18:23 - 0000132 _____ () C:\Users\Simon\AppData\Roaming\Préfs Format PNG Adobe CS6
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Simon\AppData\Roaming\TAYB
2014-06-01 00:18 - 2014-07-19 00:19 - 0000087 _____ () C:\Users\Simon\AppData\Roaming\WB.CFG
2014-04-09 12:56 - 2014-04-09 16:57 - 0000600 _____ () C:\Users\Simon\AppData\Roaming\winscp.rnd
2013-04-01 15:14 - 2013-04-01 15:21 - 64330619 _____ () C:\Users\Simon\AppData\Local\AdobeSetupUtility.zip
2011-11-25 20:06 - 2015-02-16 20:00 - 0023040 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 12:55 - 2014-04-09 17:52 - 0000600 _____ () C:\Users\Simon\AppData\Local\PUTTY.RND
2012-07-04 16:38 - 2012-07-04 16:38 - 0017408 _____ () C:\Users\Simon\AppData\Local\WebpageIcons.db
2011-08-03 22:14 - 2011-08-03 22:17 - 0015218 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-07 10:47 - 2010-03-02 22:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-04-09 14:17 - 2014-04-09 14:17 - 0054784 _____ () C:\ProgramData\irecovery.exe
2012-08-30 11:46 - 2012-08-30 11:46 - 0000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-03 20:19 - 2014-09-03 20:20 - 0000032 _____ () C:\ProgramData\PS.log
Files to move or delete:
====================
C:\ProgramData\irecovery.exe
Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\7049.exe
C:\Users\Simon\AppData\Local\Temp\AAMHelper.exe
C:\Users\Simon\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\Simon\AppData\Local\Temp\AskSLib.dll
C:\Users\Simon\AppData\Local\Temp\autorun.dll
C:\Users\Simon\AppData\Local\Temp\AutoRun.exe
C:\Users\Simon\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Simon\AppData\Local\Temp\avguidx.dll
C:\Users\Simon\AppData\Local\Temp\BearShare_setup.exe
C:\Users\Simon\AppData\Local\Temp\bitool.dll
C:\Users\Simon\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Simon\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Simon\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Simon\AppData\Local\Temp\CSOLauncher.exe
C:\Users\Simon\AppData\Local\Temp\drl3dzcd.dll
C:\Users\Simon\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Simon\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Simon\AppData\Local\Temp\dvh0-nin.dll
C:\Users\Simon\AppData\Local\Temp\EASOUNInstaller.exe
C:\Users\Simon\AppData\Local\Temp\eauninstall.exe
C:\Users\Simon\AppData\Local\Temp\eiuwzbbd.dll
C:\Users\Simon\AppData\Local\Temp\FIFA 2005_uninst.exe
C:\Users\Simon\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Simon\AppData\Local\Temp\fsprod.dll
C:\Users\Simon\AppData\Local\Temp\fssfm.dll
C:\Users\Simon\AppData\Local\Temp\gghelp.exe
C:\Users\Simon\AppData\Local\Temp\GUR8C37.exe
C:\Users\Simon\AppData\Local\Temp\gw895wzh.dll
C:\Users\Simon\AppData\Local\Temp\i4jdel0.exe
C:\Users\Simon\AppData\Local\Temp\i4jdel1.exe
C:\Users\Simon\AppData\Local\Temp\ICReinstall_setup.exe
C:\Users\Simon\AppData\Local\Temp\InstallerBT.exe
C:\Users\Simon\AppData\Local\Temp\Installhelper.dll
C:\Users\Simon\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Simon\AppData\Local\Temp\Kreapixel_addonAcPro.exe
C:\Users\Simon\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Simon\AppData\Local\Temp\Messenger-full-installer.exe
C:\Users\Simon\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Simon\AppData\Local\Temp\nsiFE85.exe
C:\Users\Simon\AppData\Local\Temp\nsnBF8C.exe
C:\Users\Simon\AppData\Local\Temp\nsnC5A5.exe
C:\Users\Simon\AppData\Local\Temp\Nss.exe
C:\Users\Simon\AppData\Local\Temp\nss884.exe
C:\Users\Simon\AppData\Local\Temp\nssF8F8.exe
C:\Users\Simon\AppData\Local\Temp\nsxB9FF.exe
C:\Users\Simon\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Simon\AppData\Local\Temp\ogqa5x5h.dll
C:\Users\Simon\AppData\Local\Temp\oi_{4FA11C70-FD7F-4873-B28B-E597652796A8}.exe
C:\Users\Simon\AppData\Local\Temp\PCSpeedMaximizer_new.exe
C:\Users\Simon\AppData\Local\Temp\PingMe.exe
C:\Users\Simon\AppData\Local\Temp\preconfig.exe
C:\Users\Simon\AppData\Local\Temp\propsys.dll
C:\Users\Simon\AppData\Local\Temp\push.exe
C:\Users\Simon\AppData\Local\Temp\pushgame.exe
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simon\AppData\Local\Temp\QuickTimeInstaller.exe
C:\Users\Simon\AppData\Local\Temp\ReimageExpressPackage.exe
C:\Users\Simon\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\Simon\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Simon\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Simon\AppData\Local\Temp\rpidity.exe
C:\Users\Simon\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Simon\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Simon\AppData\Local\Temp\SendMsg.dll
C:\Users\Simon\AppData\Local\Temp\setup_607.exe
C:\Users\Simon\AppData\Local\Temp\Shockwave_Installer_Slim.exe
C:\Users\Simon\AppData\Local\Temp\SimBundD.exe
C:\Users\Simon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Simon\AppData\Local\Temp\smt_qone8.exe
C:\Users\Simon\AppData\Local\Temp\SpOrder.dll
C:\Users\Simon\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Simon\AppData\Local\Temp\sttfto_u.dll
C:\Users\Simon\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Simon\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Simon\AppData\Local\Temp\u-6rrb-f.dll
C:\Users\Simon\AppData\Local\Temp\uninst1.exe
C:\Users\Simon\AppData\Local\Temp\UnityWebPlayer8927150442717599319.exe
C:\Users\Simon\AppData\Local\Temp\utt4E90.tmp.exe
C:\Users\Simon\AppData\Local\Temp\utt5944.tmp.exe
C:\Users\Simon\AppData\Local\Temp\v42088.exe
C:\Users\Simon\AppData\Local\Temp\vbmz2.exe
C:\Users\Simon\AppData\Local\Temp\VidSaver_4.exe
C:\Users\Simon\AppData\Local\Temp\WarThunderLauncher_1.0.1.199_updVTBCGSCE.exe
C:\Users\Simon\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Simon\AppData\Local\Temp\_isE531.exe
C:\Users\Simon\AppData\Local\Temp\_isF23B.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 15:38
==================== End Of Log ============================