cjoint


Comment: Hello, here is the link to the 2 txt files mentioned in my email from yesterday evening. Regards. M. Harry

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:25-11-2015 02
Exécuté par HP_Administrateur (administrateur) sur NOM-FB9B15D2723 (26-11-2015 16:04:52)
Exécuté depuis C:\Documents and Settings\HP_Administrateur\Bureau
Profils chargés: HP_Administrateur & danie & Administrateur (Profils disponibles: HP_Administrateur & danie & Administrateur & Invité)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
() C:\Documents and Settings\All Users\Application Data\Avg_Update_1015tb\AVG-Secure-Search-Update_1015tb.exe
(Microsoft) C:\WINDOWS\arservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(MediaStreaming OU) C:\Documents and Settings\All Users\Application Data\Boxore\LSP\MediaStreamingService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Boxore OU) C:\Program Files\MediaStreamingAgent\MediaStreamingAgent\MediaStreamingAgent.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Boxore OU) C:\Program Files\MediaStreamingAgent\MediaStreamingAgent\MediaStreamingAgent.exe
(AVG Secure Search) C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
() C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\40.1.8\loggingserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Joyent, Inc) C:\Program Files\MediaStreamingAgent\MediaStreamingAgent\node.exe
(AVG Secure Search) C:\Program Files\AVG Web TuneUp\avgcefrend.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4430824 2015-07-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3177360 2015-10-28] ()
HKLM\...\Run: [MediaStreamingAgent] => C:\Program Files\MediaStreamingAgent\MediaStreamingAgent\MediaStreamingAgent.exe [1204736 2015-10-18] (Boxore OU)
HKLM\...\Policies\Explorer\Run: [1796266866] => C:\Documents and Settings\All Users\msiczvg.exe [80384 2008-04-14] ()
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1537137582-1004478551-3397864912-500\...\Run: [GUDelayStartup] => J:\Apps\GlaryUtilities\App\GlaryUtilities\StartupManager.exe -delayrun
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\HELP_DECRYPT.HTML [2015-11-08] ()
Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\HELP_DECRYPT.PNG [2015-11-08] ()
Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\HELP_DECRYPT.TXT [2015-11-08] ()
InternetURL: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\HELP_DECRYPT.URL -> hxxp://ayh2m57ruxjtwyd5.abctopayforwin.com/1d2i29g
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog9 01 C:\WINDOWS\system32\MediaStreamingService.dll [304208 2015-10-16] (MediaStreaming OU)
Winsock: Catalog9 02 C:\WINDOWS\system32\MediaStreamingService.dll [304208 2015-10-16] (MediaStreaming OU)
Winsock: Catalog9 20 C:\WINDOWS\system32\MediaStreamingService.dll [304208 2015-10-16] (MediaStreaming OU)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: [DhcpNameServer] 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Tcpip\..\Interfaces\{990F602F-11F0-4943-B280-182E69BD26D0}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={EFDA403F-C9AD-46CC-A418-9731B36CA3D1}&mid=4ea93ee2958947d3a9a1d151b5d2e80f-953cbc3838e70ba0619da43b00e7dbed76f69717&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-10 23:00:33&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=1CDA0018F33601FC
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
HKU\S-1-5-21-1537137582-1004478551-3397864912-1008\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://trouve.info/accueil.htm
hxxp://trouve.info/accueil.htm
HKU\S-1-5-21-1537137582-1004478551-3397864912-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1537137582-1004478551-3397864912-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {7DCAD6D1-CC98-4C61-8F3F-8B53ED9EDD54} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {C87A977E-8679-4D2B-960B-373F37913C4B} URL = hxxp://www.trovi.com/Results.aspx?q={searchTerms}&GD=SY1000167&SearchSource=56&UM=2
SearchScopes: HKU\.DEFAULT -> {C87A977E-8679-4D2B-960B-373F37913C4B} URL = hxxp://www.trovi.com/Results.aspx?q={searchTerms}&GD=SY1000167&SearchSource=56&UM=2
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> DefaultScope {5DE5A394-FD8A-4626-B4CA-EE4E1319B85C} URL = hxxp://www.trovi.com/Results.aspx?q={searchTerms}&GD=SY1000167&SearchSource=56&UM=2
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.iminent.com/?appId=631EE659-6B29-4E66-A0A5-15DED76613CD&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> {5DE5A394-FD8A-4626-B4CA-EE4E1319B85C} URL = hxxp://www.trovi.com/Results.aspx?q={searchTerms}&GD=SY1000167&SearchSource=56&UM=2
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EFDA403F-C9AD-46CC-A418-9731B36CA3D1}&mid=4ea93ee2958947d3a9a1d151b5d2e80f-953cbc3838e70ba0619da43b00e7dbed76f69717&lang=en&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-12-10 23:00:33&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> {EB0212E0-694B-48D8-8A72-BDA817CFA40E} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24] (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10] (Sun Microsystems, Inc.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll [2015-10-28] (AVG)
BHO: Pas de nom -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> Pas de fichier
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-1537137582-1004478551-3397864912-1007 -> Pas de nom - {C4069E3A-68F1-403E-B40E-20066696354B} - Pas de fichier
Toolbar: HKU\S-1-5-21-1537137582-1004478551-3397864912-1008 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-1537137582-1004478551-3397864912-1008 -> Pas de nom - {C4069E3A-68F1-403E-B40E-20066696354B} - Pas de fichier
Toolbar: HKU\S-1-5-21-1537137582-1004478551-3397864912-500 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Fichiers communs\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-10] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\gfdbuqcq.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com/?cid={EFDA403F-C9AD-46CC-A418-9731B36CA3D1}&mid=4ea93ee2958947d3a9a1d151b5d2e80f-953cbc3838e70ba0619da43b00e7dbed76f69717&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-10 23:00:33&v=4.1.8.599&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll [2014-05-08] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\40.1.8\\npsitesafety.dll [Pas de fichier]
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin: @tools.Software.com/Software Update;version=3 -> C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2014-05-08] (The Software Group)
FF Plugin: @tools.Software.com/Software Update;version=9 -> C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2014-05-08] (The Software Group)
FF Plugin: @www.duuqu.com/omaha/tools//Duuqu Update;version=3 -> C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll [Pas de fichier]
FF Plugin: @www.duuqu.com/omaha/tools//Duuqu Update;version=9 -> C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll [Pas de fichier]
FF SearchPlugin: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\gfdbuqcq.default\searchplugins\avg-secure-search.xml [2015-10-28]
FF SearchPlugin: C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\gfdbuqcq.default\searchplugins\bingcom.xml [2015-08-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml [2012-12-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-10-28]
FF Extension: Smart Display - C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\gfdbuqcq.default\Extensions\jid1-FCM5fDwCW5M3AQ@jetpack.xpi [2014-04-09] [non signé]
FF Extension: Adblock Plus - C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\gfdbuqcq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-07] [non signé]
FF Extension: BasicServe - C:\Program Files\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04} [2014-06-18] [non signé]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-11] [non signé]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha933.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha933\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta63.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta63\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha4638.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha4638\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha5209.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha5209\ff => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home5395.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home5395\ff => non trouvé(e)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-iminent.js [2013-07-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cgmnmokemmnehdlpldjllddllhlhmdfp] - C:\Program Files\MediaViewV1\MediaViewV1alpha5209\ch\MediaViewV1alpha5209.crx
CHR HKLM\...\Chrome\Extension: [dbodkonffmjnfkamhfebcnpkhhfckcjm] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha933\ch\WebexpEnhancedV1alpha933.crx
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx
CHR HKLM\...\Chrome\Extension: [ekojhlphehbhmcejaiacobdabpfichda] - C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\CRE\ekojhlphehbhmcejaiacobdabpfichda.crx [2013-04-14]
CHR HKLM\...\Chrome\Extension: [hfikdpojhgckaejifppccjeedkjcndpp] - C:\Documents and Settings\HP_Administrateur\Application Data\BabSolution\CR\hola.crx [2013-03-14]
CHR HKLM\...\Chrome\Extension: [ijkpnnhngefppibodkkpbpfebniiihkn] - C:\Program Files\MediaWatchV1\MediaWatchV1home5395\ch\MediaWatchV1home5395.crx
CHR HKLM\...\Chrome\Extension: [pfekkhdmhmddhjhfmkmfhojbjlihbopc] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta63\ch\VideoPlayerV3beta63.crx
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx
CHR HKU\S-1-5-21-1537137582-1004478551-3397864912-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ekojhlphehbhmcejaiacobdabpfichda] - C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\CRE\ekojhlphehbhmcejaiacobdabpfichda.crx [2013-04-14]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ARSVC; C:\WINDOWS\arservice.exe [58880 2005-08-03] (Microsoft)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4948456 2015-05-26] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S4 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
S4 LightScribeService; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [49152 2006-06-21] (Hewlett-Packard Company) [Fichier non signé]
S4 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117960 2014-04-01] (CybelSoft)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MediaStreamingService; C:\Documents and Settings\All Users\Application Data\Boxore\LSP\MediaStreamingService.exe [1705928 2015-10-16] (MediaStreaming OU) [Fichier non signé]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [Fichier non signé]
S4 Software_update_m; C:\Program Files\Software\Update\SoftwareUpdate.exe [119408 2014-05-08] (The Software Group)
S4 SProtection; C:\Program Files\Fichiers communs\Umbrella\umbrella.exe [3052864 2014-04-28] (Iminent)
R2 vToolbarUpdater40.1.8; C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe [1875856 2015-10-04] (AVG Secure Search)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-10-28] ()
S4 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /svc [X]
S4 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /medsvc [X]
S4 dqupdate; C:\Program Files\Duuqu\Update\DuuquUpdate.exe /svc [X]
S4 dqupdatem; C:\Program Files\Duuqu\Update\DuuquUpdate.exe /medsvc [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R3 aracpi; C:\WINDOWS\System32\DRIVERS\aracpi.sys [22784 2005-08-03] (Microsoft Corporation)
S3 arhidfltr; C:\WINDOWS\System32\DRIVERS\arhidfltr.sys [19200 2005-08-03] (Microsoft Corporation)
R3 arkbcfltr; C:\WINDOWS\System32\DRIVERS\arkbcfltr.sys [5376 2005-08-03] (Microsoft Corporation)
R3 armoucfltr; C:\WINDOWS\System32\DRIVERS\armoucfltr.sys [4992 2005-08-03] (Microsoft Corporation)
R3 ARPolicy; C:\WINDOWS\System32\DRIVERS\arpolicy.sys [10112 2005-08-03] (Microsoft Corporation)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [122320 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [30672 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [278992 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [159648 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [191440 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175104 2005-06-29] (Promise Technology, Inc.)
S3 ma-config_x86; C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [16160 2014-02-24] (CybelSoft)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [Fichier non signé]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [34176 2006-03-03] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13056 2006-03-03] (NVIDIA Corporation)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2006-03-09] (Sonic Solutions) [Fichier non signé]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 ZSMC301b; C:\WINDOWS\System32\Drivers\usbVM31b.sys [93351 2004-11-10] (VM)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Pml Driver HPZ12; pas de ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-26 16:04 - 2015-11-26 16:05 - 00025614 _____ C:\Documents and Settings\HP_Administrateur\Bureau\FRST.txt
2015-11-26 16:04 - 2015-11-26 16:04 - 00000000 ____D C:\FRST
2015-11-26 16:03 - 2015-11-26 16:03 - 01719296 _____ (Farbar) C:\Documents and Settings\HP_Administrateur\Bureau\FRST.exe
2015-11-17 21:26 - 2015-11-17 21:26 - 00480096 ____T C:\Documents and Settings\HP_Administrateur\Mes documents\5
2015-11-08 09:30 - 2015-11-08 09:31 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Deployment
2015-11-08 09:08 - 2015-11-08 09:08 - 00009130 _____ C:\HELP_DECRYPT.HTML
2015-11-08 09:08 - 2015-11-08 09:08 - 00004756 _____ C:\HELP_DECRYPT.TXT
2015-11-08 09:08 - 2015-11-08 09:08 - 00000300 _____ C:\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\NetworkService\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\NetworkService\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\Invité\Mes documents\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\Invité\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00009130 _____ C:\Documents and Settings\HELP_DECRYPT.HTML
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\NetworkService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\NetworkService\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\Invité\Mes documents\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\Invité\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00004756 _____ C:\Documents and Settings\HELP_DECRYPT.TXT
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\NetworkService\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\NetworkService\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\LocalService\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\Invité\Mes documents\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\Invité\HELP_DECRYPT.URL
2015-11-08 09:02 - 2015-11-08 09:02 - 00000300 _____ C:\Documents and Settings\HELP_DECRYPT.URL
2015-11-08 09:01 - 2015-11-08 09:01 - 00009130 _____ C:\Documents and Settings\Invité\Local Settings\HELP_DECRYPT.HTML
2015-11-08 09:01 - 2015-11-08 09:01 - 00009130 _____ C:\Documents and Settings\Invité\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 09:01 - 2015-11-08 09:01 - 00004756 _____ C:\Documents and Settings\Invité\Local Settings\HELP_DECRYPT.TXT
2015-11-08 09:01 - 2015-11-08 09:01 - 00004756 _____ C:\Documents and Settings\Invité\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 09:01 - 2015-11-08 09:01 - 00000300 _____ C:\Documents and Settings\Invité\Local Settings\HELP_DECRYPT.URL
2015-11-08 09:01 - 2015-11-08 09:01 - 00000300 _____ C:\Documents and Settings\Invité\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 08:54 - 2015-11-08 08:54 - 00009130 _____ C:\Documents and Settings\Invité\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:54 - 2015-11-08 08:54 - 00004756 _____ C:\Documents and Settings\Invité\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:54 - 2015-11-08 08:54 - 00000300 _____ C:\Documents and Settings\Invité\Application Data\HELP_DECRYPT.URL
2015-11-08 08:53 - 2015-11-08 08:53 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\Mes documents\HELP_DECRYPT.HTML
2015-11-08 08:53 - 2015-11-08 08:53 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\HELP_DECRYPT.HTML
2015-11-08 08:53 - 2015-11-08 08:53 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\Mes documents\HELP_DECRYPT.TXT
2015-11-08 08:53 - 2015-11-08 08:53 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\HELP_DECRYPT.TXT
2015-11-08 08:53 - 2015-11-08 08:53 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\Mes documents\HELP_DECRYPT.URL
2015-11-08 08:53 - 2015-11-08 08:53 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\HELP_DECRYPT.URL
2015-11-08 08:42 - 2015-11-08 08:42 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\HELP_DECRYPT.HTML
2015-11-08 08:42 - 2015-11-08 08:42 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:42 - 2015-11-08 08:42 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\HELP_DECRYPT.TXT
2015-11-08 08:42 - 2015-11-08 08:42 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:42 - 2015-11-08 08:42 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\HELP_DECRYPT.URL
2015-11-08 08:42 - 2015-11-08 08:42 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 08:14 - 2015-11-08 09:08 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\Bureau\HELP_DECRYPT.HTML
2015-11-08 08:14 - 2015-11-08 09:08 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\Bureau\HELP_DECRYPT.TXT
2015-11-08 08:14 - 2015-11-08 09:08 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\Bureau\HELP_DECRYPT.URL
2015-11-08 08:14 - 2015-11-08 08:14 - 00009130 _____ C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:14 - 2015-11-08 08:14 - 00009130 _____ C:\Documents and Settings\Default User\Mes documents\HELP_DECRYPT.HTML
2015-11-08 08:14 - 2015-11-08 08:14 - 00009130 _____ C:\Documents and Settings\Default User\HELP_DECRYPT.HTML
2015-11-08 08:14 - 2015-11-08 08:14 - 00004756 _____ C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:14 - 2015-11-08 08:14 - 00004756 _____ C:\Documents and Settings\Default User\Mes documents\HELP_DECRYPT.TXT
2015-11-08 08:14 - 2015-11-08 08:14 - 00004756 _____ C:\Documents and Settings\Default User\HELP_DECRYPT.TXT
2015-11-08 08:14 - 2015-11-08 08:14 - 00000300 _____ C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.URL
2015-11-08 08:14 - 2015-11-08 08:14 - 00000300 _____ C:\Documents and Settings\Default User\Mes documents\HELP_DECRYPT.URL
2015-11-08 08:14 - 2015-11-08 08:14 - 00000300 _____ C:\Documents and Settings\Default User\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\danie\Mes documents\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\danie\Local Settings\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\danie\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00009130 _____ C:\Documents and Settings\danie\HELP_DECRYPT.HTML
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\danie\Mes documents\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\danie\Local Settings\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\danie\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00004756 _____ C:\Documents and Settings\danie\HELP_DECRYPT.TXT
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\danie\Mes documents\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\danie\Local Settings\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\danie\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-08 08:13 - 2015-11-08 08:13 - 00000300 _____ C:\Documents and Settings\danie\HELP_DECRYPT.URL
2015-11-07 21:12 - 2015-11-07 21:12 - 00009130 _____ C:\Documents and Settings\danie\Application Data\HELP_DECRYPT.HTML
2015-11-07 21:12 - 2015-11-07 21:12 - 00009130 _____ C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
2015-11-07 21:12 - 2015-11-07 21:12 - 00004756 _____ C:\Documents and Settings\danie\Application Data\HELP_DECRYPT.TXT
2015-11-07 21:12 - 2015-11-07 21:12 - 00004756 _____ C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
2015-11-07 21:12 - 2015-11-07 21:12 - 00000300 _____ C:\Documents and Settings\danie\Application Data\HELP_DECRYPT.URL
2015-11-07 21:12 - 2015-11-07 21:12 - 00000300 _____ C:\Documents and Settings\All Users\HELP_DECRYPT.URL
2015-11-07 21:10 - 2015-11-07 21:10 - 00009130 _____ C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML
2015-11-07 21:10 - 2015-11-07 21:10 - 00009130 _____ C:\Documents and Settings\Administrateur\Mes documents\HELP_DECRYPT.HTML
2015-11-07 21:10 - 2015-11-07 21:10 - 00009130 _____ C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.HTML
2015-11-07 21:10 - 2015-11-07 21:10 - 00009130 _____ C:\Documents and Settings\Administrateur\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-07 21:10 - 2015-11-07 21:10 - 00009130 _____ C:\Documents and Settings\Administrateur\HELP_DECRYPT.HTML
2015-11-07 21:10 - 2015-11-07 21:10 - 00004756 _____ C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.TXT
2015-11-07 21:10 - 2015-11-07 21:10 - 00004756 _____ C:\Documents and Settings\Administrateur\Mes documents\HELP_DECRYPT.TXT
2015-11-07 21:10 - 2015-11-07 21:10 - 00004756 _____ C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.TXT
2015-11-07 21:10 - 2015-11-07 21:10 - 00004756 _____ C:\Documents and Settings\Administrateur\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-07 21:10 - 2015-11-07 21:10 - 00004756 _____ C:\Documents and Settings\Administrateur\HELP_DECRYPT.TXT
2015-11-07 21:10 - 2015-11-07 21:10 - 00000300 _____ C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL
2015-11-07 21:10 - 2015-11-07 21:10 - 00000300 _____ C:\Documents and Settings\Administrateur\Mes documents\HELP_DECRYPT.URL
2015-11-07 21:10 - 2015-11-07 21:10 - 00000300 _____ C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.URL
2015-11-07 21:10 - 2015-11-07 21:10 - 00000300 _____ C:\Documents and Settings\Administrateur\Local Settings\Application Data\HELP_DECRYPT.URL
2015-11-07 21:10 - 2015-11-07 21:10 - 00000300 _____ C:\Documents and Settings\Administrateur\HELP_DECRYPT.URL
2015-11-07 21:09 - 2015-11-07 21:09 - 00009130 _____ C:\Documents and Settings\Administrateur\Application Data\HELP_DECRYPT.HTML
2015-11-07 21:09 - 2015-11-07 21:09 - 00004756 _____ C:\Documents and Settings\Administrateur\Application Data\HELP_DECRYPT.TXT
2015-11-07 21:09 - 2015-11-07 21:09 - 00000300 _____ C:\Documents and Settings\Administrateur\Application Data\HELP_DECRYPT.URL
2015-10-28 08:22 - 2015-11-26 15:00 - 00000588 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_1015tb_rel.job
2015-10-28 08:22 - 2015-11-26 15:00 - 00000502 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK_1015tb_DELETE.job

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-11-26 16:05 - 2014-05-08 18:40 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\temp
2015-11-26 16:04 - 2011-03-29 19:59 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Bureau
2015-11-26 16:04 - 2005-11-15 04:16 - 00000000 ____D C:\WINDOWS
2015-11-26 16:01 - 2015-01-11 10:00 - 00000434 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F93CB43A-C62C-4EF2-97BB-1B11B01C5FEA}.job
2015-11-26 15:48 - 2005-10-10 12:38 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-26 15:41 - 2014-05-08 17:36 - 00000928 _____ C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job
2015-11-26 15:07 - 2014-05-08 18:06 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Adblock Plus for IE
2015-11-26 15:01 - 2005-11-15 03:58 - 00000000 ____D C:\WINDOWS\Registration
2015-11-26 15:00 - 2014-05-08 17:36 - 00000924 _____ C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job
2015-11-26 15:00 - 2014-05-08 16:46 - 00000348 _____ C:\WINDOWS\Tasks\GlaryInitialize 4.job
2015-11-26 15:00 - 2014-04-19 15:38 - 00000246 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2015-11-26 15:00 - 2005-10-10 13:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-26 12:07 - 2014-05-08 17:23 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-26 12:07 - 2011-03-29 19:59 - 00000184 ___SH C:\Documents and Settings\HP_Administrateur\ntuser.ini
2015-11-26 09:25 - 2013-04-12 15:13 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-11-25 18:40 - 2011-03-29 19:59 - 00000000 ____D C:\Documents and Settings\HP_Administrateur
2015-11-18 16:04 - 2011-11-16 19:00 - 00000000 ___RD C:\Documents and Settings\danie\Mes documents
2015-11-17 21:26 - 2011-03-29 19:59 - 00000000 ___RD C:\Documents and Settings\HP_Administrateur\Mes documents
2015-11-15 09:25 - 2015-10-26 09:42 - 00009792 _____ C:\WINDOWS\system32\MediaStreamingServiceOff.ini
2015-11-08 09:08 - 2011-03-29 19:59 - 00000000 ___RD C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage
2015-11-08 09:02 - 2014-05-08 18:25 - 00000000 ____D C:\Qoobox
2015-11-08 09:02 - 2014-03-03 10:27 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
2015-11-08 09:02 - 2011-12-07 11:33 - 00000000 ___RD C:\Documents and Settings\Invité\Mes documents\Mes images
2015-11-08 09:02 - 2011-12-07 11:33 - 00000000 ___RD C:\Documents and Settings\Invité\Mes documents
2015-11-08 09:02 - 2011-12-07 11:33 - 00000000 ___HD C:\Documents and Settings\Invité\Modèles
2015-11-08 09:02 - 2011-12-07 11:33 - 00000000 ____D C:\Documents and Settings\Invité
2015-11-08 09:02 - 2006-08-12 01:37 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-11-08 09:02 - 2006-08-12 01:37 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-11-08 09:02 - 2005-11-15 03:24 - 00000000 ____D C:\hp
2015-11-08 09:02 - 2005-11-15 03:23 - 00000000 ____D C:\Documents and Settings
2015-11-08 09:01 - 2013-05-13 10:27 - 00000000 ____D C:\Documents and Settings\Invité\Local Settings\Application Data\Conduit
2015-11-08 09:01 - 2013-05-13 10:27 - 00000000 ____D C:\Documents and Settings\Invité\Local Settings\Application Data\Bubble_Dock_Toolbar_B
2015-11-08 08:54 - 2013-05-13 10:27 - 00000000 ____D C:\Documents and Settings\Invité\Application Data\PriceGong
2015-11-08 08:53 - 2015-07-31 09:08 - 00000000 ____D C:\Documents and Settings\Invité\Application Data\Mozilla
2015-11-08 08:53 - 2015-07-08 14:48 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\Photos Baptême Gabin
2015-11-08 08:53 - 2013-06-21 22:43 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\photos gabin
2015-11-08 08:53 - 2011-12-07 11:34 - 00000000 ____D C:\Documents and Settings\Invité\Application Data\Adobe
2015-11-08 08:53 - 2011-10-06 18:14 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\Symantec
2015-11-08 08:53 - 2011-10-06 16:44 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\Téléchargements
2015-11-08 08:53 - 2011-03-29 19:59 - 00000000 ___HD C:\Documents and Settings\HP_Administrateur\Modèles
2015-11-08 08:51 - 2015-07-10 15:10 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\Nouveau dossier
2015-11-08 08:51 - 2013-12-12 10:52 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\PC Speed Maximizer
2015-11-08 08:51 - 2013-06-21 22:45 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Mes documents\Nouveau dossier (2)
2015-11-08 08:51 - 2011-03-29 19:59 - 00000000 ___RD C:\Documents and Settings\HP_Administrateur\Mes documents\Mes images
2015-11-08 08:42 - 2013-12-20 10:05 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Mobogenie
2015-11-08 08:41 - 2015-04-29 17:49 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HP
2015-11-08 08:41 - 2013-04-15 16:49 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Conduit
2015-11-08 08:40 - 2014-04-28 17:58 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\AVG Secure Search
2015-11-08 08:40 - 2013-04-15 16:49 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Bubble_Dock_Toolbar_B
2015-11-08 08:14 - 2015-01-11 18:00 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Bureau\Photos appartement
2015-11-08 08:14 - 2013-10-10 18:29 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Application Data\Uniblue
2015-11-08 08:14 - 2013-04-12 15:14 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Application Data\Babylon
2015-11-08 08:14 - 2011-10-06 16:28 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla
2015-11-08 08:14 - 2011-03-29 19:58 - 00000000 ____D C:\Documents and Settings\Default User\Mes documents\Mes images
2015-11-08 08:14 - 2011-03-29 16:43 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Application Data\Adobe
2015-11-08 08:14 - 2005-11-15 03:23 - 00000000 ___HD C:\Documents and Settings\Default User\Modèles
2015-11-08 08:14 - 2005-11-15 03:23 - 00000000 ___HD C:\Documents and Settings\Default User
2015-11-08 08:14 - 2005-11-12 01:08 - 00000000 ___RD C:\Documents and Settings\Default User\Mes documents
2015-11-08 08:13 - 2011-11-16 19:00 - 00000000 ___RD C:\Documents and Settings\danie\Mes documents\Mes images
2015-11-08 08:13 - 2011-11-16 19:00 - 00000000 ___HD C:\Documents and Settings\danie\Modèles
2015-11-08 08:13 - 2011-11-16 19:00 - 00000000 ____D C:\Documents and Settings\danie
2015-11-07 21:12 - 2011-11-16 19:10 - 00000000 ____D C:\Documents and Settings\danie\Application Data\Adobe
2015-11-07 21:12 - 2006-08-12 02:55 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2015-11-07 21:12 - 2005-11-15 03:23 - 00000000 ____D C:\Documents and Settings\All Users
2015-11-07 21:10 - 2014-12-10 23:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp
2015-11-07 21:10 - 2014-12-10 23:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2015-11-07 21:10 - 2014-05-08 17:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ma-config.com
2015-11-07 21:10 - 2013-04-12 15:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2015-11-07 21:10 - 2011-03-30 04:44 - 00000000 ___RD C:\Documents and Settings\Administrateur\Mes documents
2015-11-07 21:10 - 2006-08-12 01:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SBSI
2015-11-07 21:10 - 2005-11-15 03:23 - 00000000 ___HD C:\Documents and Settings\Administrateur\Modèles
2015-11-07 21:10 - 2005-11-15 03:23 - 00000000 ____D C:\Documents and Settings\Administrateur
2015-11-07 21:10 - 2005-11-15 03:22 - 00000000 ____D C:\Documents and Settings\Administrateur\Mes documents\Mes images
2015-11-07 21:09 - 2014-05-08 17:06 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Mozilla
2015-11-07 21:09 - 2014-05-08 16:39 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
2015-11-07 21:09 - 2013-04-12 15:20 - 00000000 ___HD C:\$AVG
2015-10-28 08:23 - 2015-06-10 19:09 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-10-28 08:22 - 2015-10-26 09:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg_Update_1015tb
2015-10-27 08:57 - 2014-11-17 09:24 - 00000000 ____D C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Boxore

==================== Fichiers à la racine de certains dossiers =======

2014-02-10 19:39 - 2014-02-10 19:40 - 0000567 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\aps.scan.quick.results
2013-04-12 15:15 - 2013-04-12 15:18 - 0001262 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\Bubble Dock.boostrap.log
2013-04-12 15:15 - 2014-05-08 17:38 - 0029662 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\Bubble Dock.installation.log
2015-11-08 08:14 - 2015-11-08 08:14 - 0009130 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:14 - 2015-11-08 08:14 - 0048045 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.PNG
2015-11-08 08:14 - 2015-11-08 08:14 - 0004756 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:14 - 2015-11-08 08:14 - 0000300 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\HELP_DECRYPT.URL
2011-04-01 13:06 - 2011-04-01 13:06 - 0003584 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-29 19:59 - 2013-04-12 15:35 - 0000140 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat
2015-11-08 08:42 - 2015-11-08 08:42 - 0009130 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-11-08 08:42 - 2015-11-08 08:42 - 0048045 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.PNG
2015-11-08 08:42 - 2015-11-08 08:42 - 0004756 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-11-08 08:42 - 2015-11-08 08:42 - 0000300 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\HELP_DECRYPT.URL
2013-10-23 15:13 - 2013-10-23 15:13 - 20480000 _____ () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\store-pp.jbs
2015-11-07 21:12 - 2015-11-07 21:12 - 0009130 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
2015-11-07 21:12 - 2015-11-07 21:12 - 0047948 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.PNG
2015-11-07 21:12 - 2015-11-07 21:12 - 0004756 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
2015-11-07 21:12 - 2015-11-07 21:12 - 0000300 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.URL
2004-08-10 12:00 - 2008-04-14 03:34 - 0080384 ___SH () C:\Documents and Settings\All Users\msiczvg.exe

Fichiers à déplacer ou supprimer:
====================
C:\Documents and Settings\All Users\msiczvg.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
