Publicité
Publicité
Commentaire : FRST.txt
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:16-12-2015 01
Exécuté par François (administrateur) sur ADMIN-PC (16-12-2015 16:20:49)
Exécuté depuis C:\Users\Admin\Downloads
Profils chargés: François (Profils disponibles: François)
Platform: Windows 10 Pro (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4645\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6382\Battle.net.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
Impossible d'accéder au processus -> Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
Impossible d'accéder au processus -> nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Impossible d'accéder au processus -> nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [4193280 2015-12-12] (Vitzo)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2811792 2015-12-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\MountPoints2: {1245995d-a3eb-11e5-8d72-0862662613b7} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\..\Interfaces\{e1ccfa47-6014-4a0b-99d9-30ccef9ccf74}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.atcomet.com/b/
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-2407023709-1011807550-9218861-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={554E9042-39E2-448E-97FD-8EA460C325EC}&mid=843b2bdeddf547cdbf62d92b20c2fa44-b60a315a245bfa4eadc19e1323b87d7c504543b8&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-04-26 10:41:57&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.3.128\AVG Web TuneUp.dll [2015-12-13] (AVG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.3.128\AVG Web TuneUp.dll [2015-12-13] (AVG)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-10] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.3\\npsitesafety.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2407023709-1011807550-9218861-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2407023709-1011807550-9218861-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-31] ()
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://www.google.fr/","hxxp://istart.webssearches.com/?type=hp&ts=1397842026&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1397842825&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398014827&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398065660&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398079919&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398268635&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398338833&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398529858&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398604541&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398615897&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398702750&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398770703&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398792978&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399207925&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399569228&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399660453&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400050821&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400217787&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400326027&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400398653&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400498894&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400562324&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400874552&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400876671&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1401951500&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1403629220&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404033827&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404894255&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404918666&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1405016821&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1405260211&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxps://www.google.fr/webhp?source=search_app&gws_rd=cr&ei=ZDZcUrLOEeao0AWF34HADQ"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Facebook) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-03-21]
CHR Extension: (AVG Secure Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ZeratoR) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjkdjlmooeobhagmmadigadffijpoio [2015-08-10]
CHR Extension: (Skyyart Live Extension) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioibekcejncfgenmkgopcbmbolmgmocm [2015-10-30]
CHR Extension: (Jiraya) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmmcnfbcinhmphcbadgbfkalkmagiog [2015-08-10]
CHR Extension: (DominGo Live Extension) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkbkaknlncjiplhgcaomjkcnhbpkiek [2015-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-01] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Fichier non signé]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 vToolbarUpdater40.2.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe [1923984 2015-12-13] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-13] ()
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-05-02] (BitRaider)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SaiK1705; C:\Windows\system32\DRIVERS\SaiK1705.sys [180584 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1705; C:\Windows\System32\drivers\SaiU1705.sys [47208 2012-09-20] (Saitek)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2015-12-16 16:20 - 2015-12-16 16:21 - 00023758 _____ C:\Users\Admin\Downloads\FRST.txt
2015-12-16 16:20 - 2015-12-16 16:20 - 00000000 ____D C:\FRST
2015-12-16 16:18 - 2015-12-16 16:20 - 02370048 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-12-16 13:01 - 2015-12-16 13:01 - 00026880 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2015-12-16 13:00 - 2015-12-16 13:00 - 00000000 ___HD C:\OneDriveTemp
2015-12-16 12:48 - 2015-12-16 12:48 - 00016148 _____ C:\WINDOWS\system32\ADMIN-PC_François_HistoryPrediction.bin
2015-12-15 19:23 - 2015-12-15 19:25 - 00001939 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-12-15 19:20 - 2015-12-15 19:22 - 49833320 _____ (Vitzo Limited ) C:\Users\Admin\Downloads\VDownloaderSetup.exe
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\JAM Software
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\Program Files (x86)\JAM Software
2015-12-15 18:14 - 2015-12-15 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 21:00 - 2015-12-14 21:00 - 02732211 _____ () C:\Users\Admin\Desktop\Test_EditeurDeTirs.exe
2015-12-13 13:44 - 2015-12-14 21:06 - 02765336 _____ () C:\Users\Admin\Desktop\MiniGame.exe
2015-12-13 10:23 - 2015-12-13 10:23 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-12-13 10:23 - 2015-12-13 10:23 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-12-13 10:16 - 2015-12-13 10:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Ubisoft
2015-12-12 11:01 - 2015-12-12 12:00 - 753075525 _____ C:\Users\Admin\Desktop\BBT_wtf.wmv
2015-12-07 18:36 - 2015-12-07 18:36 - 00000411 _____ C:\Users\Admin\Desktop\ESP.txt
2015-12-06 11:05 - 2015-12-06 11:06 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic III
2015-12-05 18:08 - 2015-12-05 18:09 - 00000000 ____D C:\Users\Admin\Desktop\Heroes of Might and Magic III Complete + Francois
2015-12-04 19:37 - 2015-12-04 19:37 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-04 13:27 - 2015-12-04 13:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 13:02 - 2015-12-04 13:02 - 00000000 ____D C:\ProgramData\Avg_Update_1215av
2015-12-01 19:30 - 2015-12-01 19:30 - 00000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub
2015-11-29 16:29 - 2015-11-29 16:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\com.freakinware.mitosis
2015-11-29 14:02 - 2015-11-29 14:02 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Space Wedgie LLC
2015-11-22 16:30 - 2015-11-22 16:30 - 00002050 _____ C:\Users\Admin\Unturned - Server - Survie.lnk
2015-11-21 22:19 - 2015-11-21 22:19 - 00001554 _____ C:\Users\Admin\Unturned - Raccourci.lnk
2015-11-21 21:34 - 2015-11-22 14:37 - 00002044 _____ C:\Users\Admin\Unturned - Server - PvP.lnk
2015-11-17 17:48 - 2015-12-15 18:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2015-12-16 16:21 - 2015-03-27 18:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net
2015-12-16 16:20 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-16 16:17 - 2015-03-21 12:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-12-16 16:02 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-16 15:57 - 2015-04-22 14:27 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-12-16 15:56 - 2015-03-27 18:06 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-16 15:54 - 2015-03-21 19:09 - 00000000 ____D C:\Fraps
2015-12-16 15:53 - 2015-10-15 17:19 - 00000000 ____D C:\Users\Admin
2015-12-16 15:44 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-16 15:34 - 2015-03-21 12:47 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-16 15:31 - 2015-04-19 09:01 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-16 14:28 - 2015-06-07 16:32 - 00000000 ____D C:\Users\Admin\Action Film
2015-12-16 14:10 - 2015-03-21 12:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-16 14:09 - 2015-03-27 18:04 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-16 13:02 - 2015-10-15 17:18 - 02124368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-16 13:02 - 2015-09-10 06:08 - 00928434 _____ C:\WINDOWS\system32\perfh00C.dat
2015-12-16 13:02 - 2015-09-10 06:08 - 00197194 _____ C:\WINDOWS\system32\perfc00C.dat
2015-12-16 13:02 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-16 13:00 - 2015-10-15 17:55 - 00000000 ___RD C:\Users\Admin\OneDrive
2015-12-16 12:50 - 2015-03-21 12:47 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-16 12:47 - 2015-04-26 09:29 - 00000000 ____D C:\ProgramData\MFAData
2015-12-15 19:27 - 2015-04-07 15:07 - 00000000 ____D C:\Program Files\VDownloader
2015-12-15 19:23 - 2015-04-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-12-15 18:34 - 2015-04-25 18:32 - 00000000 ____D C:\Users\Admin\Game of Thrones
2015-12-15 18:17 - 2015-03-21 18:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-12-15 18:13 - 2015-06-07 15:47 - 00000000 ____D C:\Users\Admin\Documents\Action!
2015-12-15 18:02 - 2015-07-20 12:30 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 17:56 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-13 10:23 - 2015-04-26 09:41 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-12 18:58 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-12 14:58 - 2015-04-30 16:11 - 00000000 ____D C:\Users\Admin\AppData\Local\osu!
2015-12-09 18:19 - 2015-10-15 17:55 - 00002441 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-09 12:14 - 2015-03-21 12:56 - 00000000 ____D C:\ProgramData\Skype
2015-12-07 18:46 - 2015-10-28 12:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mumble
2015-12-04 19:39 - 2015-10-15 18:11 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 18:29 - 2015-03-21 12:47 - 00004152 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 18:29 - 2015-03-21 12:47 - 00003920 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 13:28 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-03 21:19 - 2015-03-21 14:05 - 00000000 ____D C:\Users\Admin\Wallpaper
2015-12-01 19:35 - 2015-10-15 18:09 - 00000000 ____D C:\Windows.old
2015-11-30 18:22 - 2015-10-15 17:43 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2015-11-30 18:19 - 2015-01-23 11:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-30 18:10 - 2015-01-23 11:10 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-30 18:08 - 2015-03-22 03:40 - 00000000 ____D C:\Users\Public\Documents\SmartTechnology Profiles
2015-11-28 10:28 - 2015-05-31 14:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-19 19:42 - 2015-11-08 19:32 - 00000000 ____D C:\Users\Admin\Desktop\Undertale Screenshots
2015-11-18 19:14 - 2015-04-07 15:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\VDownloader
2015-11-18 18:03 - 2015-04-06 15:00 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
==================== Fichiers à la racine de certains dossiers =======
2015-04-07 15:07 - 2010-01-26 10:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Admin\AppData\Roaming\AEVRWI
2015-10-03 14:09 - 2015-10-23 21:47 - 0002151 _____ () C:\Users\Admin\AppData\Roaming\SpeedRunnersLog.txt
2015-10-04 14:18 - 2015-10-04 14:18 - 0003292 _____ () C:\Users\Admin\AppData\Roaming\TargetInvocationLog.txt
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Admin\AppData\Roaming\XMZQQO
2015-07-04 21:15 - 2015-07-04 21:15 - 0000000 _____ () C:\Users\Admin\AppData\Local\{E79D52A8-9E1A-4D71-A91F-582F380B98D0}
Fichiers à déplacer ou supprimer:
====================
C:\Users\Admin\Die&ReDie_v1.6.exe
C:\Users\Admin\FlappyBurger.exe
C:\Users\Admin\frout.exe
C:\Users\Admin\ONAF2-V_1.0.exe
C:\Users\Admin\SPOOKY.exe
C:\Users\Admin\SuperBaston_été.exe
Certains fichiers dans TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Admin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\tmpA445.tmp.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2015-12-01 19:29
==================== Fin de FRST.txt ============================
Exécuté par François (administrateur) sur ADMIN-PC (16-12-2015 16:20:49)
Exécuté depuis C:\Users\Admin\Downloads
Profils chargés: François (Profils disponibles: François)
Platform: Windows 10 Pro (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4645\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6382\Battle.net.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
Impossible d'accéder au processus -> Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
Impossible d'accéder au processus -> nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Impossible d'accéder au processus -> nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [4193280 2015-12-12] (Vitzo)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2811792 2015-12-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\...\MountPoints2: {1245995d-a3eb-11e5-8d72-0862662613b7} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\..\Interfaces\{e1ccfa47-6014-4a0b-99d9-30ccef9ccf74}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.atcomet.com/b/
HKU\S-1-5-21-2407023709-1011807550-9218861-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-2407023709-1011807550-9218861-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={554E9042-39E2-448E-97FD-8EA460C325EC}&mid=843b2bdeddf547cdbf62d92b20c2fa44-b60a315a245bfa4eadc19e1323b87d7c504543b8&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-04-26 10:41:57&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.3.128\AVG Web TuneUp.dll [2015-12-13] (AVG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.3.128\AVG Web TuneUp.dll [2015-12-13] (AVG)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-10] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.3\\npsitesafety.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2407023709-1011807550-9218861-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2407023709-1011807550-9218861-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-31] ()
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://www.google.fr/","hxxp://istart.webssearches.com/?type=hp&ts=1397842026&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1397842825&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398014827&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398065660&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398079919&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398268635&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398338833&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398529858&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398604541&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398615897&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398702750&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398770703&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1398792978&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399207925&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399569228&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1399660453&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400050821&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400217787&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400326027&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400398653&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400498894&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400562324&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400874552&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1400876671&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1401951500&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1403629220&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404033827&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404894255&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1404918666&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1405016821&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxp://istart.webssearches.com/?type=hppp&ts=1405260211&from=tugs&uid=ST320LT007-9ZV142_W0Q95CFNXXXXW0Q95CFN","hxxps://www.google.fr/webhp?source=search_app&gws_rd=cr&ei=ZDZcUrLOEeao0AWF34HADQ"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Facebook) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-03-21]
CHR Extension: (AVG Secure Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ZeratoR) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjkdjlmooeobhagmmadigadffijpoio [2015-08-10]
CHR Extension: (Skyyart Live Extension) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioibekcejncfgenmkgopcbmbolmgmocm [2015-10-30]
CHR Extension: (Jiraya) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmmcnfbcinhmphcbadgbfkalkmagiog [2015-08-10]
CHR Extension: (DominGo Live Extension) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkbkaknlncjiplhgcaomjkcnhbpkiek [2015-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-01] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Fichier non signé]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 vToolbarUpdater40.2.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe [1923984 2015-12-13] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-13] ()
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-05-02] (BitRaider)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SaiK1705; C:\Windows\system32\DRIVERS\SaiK1705.sys [180584 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1705; C:\Windows\System32\drivers\SaiU1705.sys [47208 2012-09-20] (Saitek)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2015-12-16 16:20 - 2015-12-16 16:21 - 00023758 _____ C:\Users\Admin\Downloads\FRST.txt
2015-12-16 16:20 - 2015-12-16 16:20 - 00000000 ____D C:\FRST
2015-12-16 16:18 - 2015-12-16 16:20 - 02370048 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-12-16 13:01 - 2015-12-16 13:01 - 00026880 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2015-12-16 13:00 - 2015-12-16 13:00 - 00000000 ___HD C:\OneDriveTemp
2015-12-16 12:48 - 2015-12-16 12:48 - 00016148 _____ C:\WINDOWS\system32\ADMIN-PC_François_HistoryPrediction.bin
2015-12-15 19:23 - 2015-12-15 19:25 - 00001939 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-12-15 19:20 - 2015-12-15 19:22 - 49833320 _____ (Vitzo Limited ) C:\Users\Admin\Downloads\VDownloaderSetup.exe
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\JAM Software
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-12-15 18:22 - 2015-12-15 18:22 - 00000000 ____D C:\Program Files (x86)\JAM Software
2015-12-15 18:14 - 2015-12-15 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 21:00 - 2015-12-14 21:00 - 02732211 _____ () C:\Users\Admin\Desktop\Test_EditeurDeTirs.exe
2015-12-13 13:44 - 2015-12-14 21:06 - 02765336 _____ () C:\Users\Admin\Desktop\MiniGame.exe
2015-12-13 10:23 - 2015-12-13 10:23 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-12-13 10:23 - 2015-12-13 10:23 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-12-13 10:16 - 2015-12-13 10:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Ubisoft
2015-12-12 11:01 - 2015-12-12 12:00 - 753075525 _____ C:\Users\Admin\Desktop\BBT_wtf.wmv
2015-12-07 18:36 - 2015-12-07 18:36 - 00000411 _____ C:\Users\Admin\Desktop\ESP.txt
2015-12-06 11:05 - 2015-12-06 11:06 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic III
2015-12-05 18:08 - 2015-12-05 18:09 - 00000000 ____D C:\Users\Admin\Desktop\Heroes of Might and Magic III Complete + Francois
2015-12-04 19:37 - 2015-12-04 19:37 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-04 13:27 - 2015-12-04 13:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 13:02 - 2015-12-04 13:02 - 00000000 ____D C:\ProgramData\Avg_Update_1215av
2015-12-01 19:30 - 2015-12-01 19:30 - 00000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub
2015-11-29 16:29 - 2015-11-29 16:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\com.freakinware.mitosis
2015-11-29 14:02 - 2015-11-29 14:02 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Space Wedgie LLC
2015-11-22 16:30 - 2015-11-22 16:30 - 00002050 _____ C:\Users\Admin\Unturned - Server - Survie.lnk
2015-11-21 22:19 - 2015-11-21 22:19 - 00001554 _____ C:\Users\Admin\Unturned - Raccourci.lnk
2015-11-21 21:34 - 2015-11-22 14:37 - 00002044 _____ C:\Users\Admin\Unturned - Server - PvP.lnk
2015-11-17 17:48 - 2015-12-15 18:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2015-12-16 16:21 - 2015-03-27 18:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net
2015-12-16 16:20 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-16 16:17 - 2015-03-21 12:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-12-16 16:02 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-16 15:57 - 2015-04-22 14:27 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-12-16 15:56 - 2015-03-27 18:06 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-16 15:54 - 2015-03-21 19:09 - 00000000 ____D C:\Fraps
2015-12-16 15:53 - 2015-10-15 17:19 - 00000000 ____D C:\Users\Admin
2015-12-16 15:44 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-16 15:34 - 2015-03-21 12:47 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-16 15:31 - 2015-04-19 09:01 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-16 14:28 - 2015-06-07 16:32 - 00000000 ____D C:\Users\Admin\Action Film
2015-12-16 14:10 - 2015-03-21 12:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-16 14:09 - 2015-03-27 18:04 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-16 13:02 - 2015-10-15 17:18 - 02124368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-16 13:02 - 2015-09-10 06:08 - 00928434 _____ C:\WINDOWS\system32\perfh00C.dat
2015-12-16 13:02 - 2015-09-10 06:08 - 00197194 _____ C:\WINDOWS\system32\perfc00C.dat
2015-12-16 13:02 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-16 13:00 - 2015-10-15 17:55 - 00000000 ___RD C:\Users\Admin\OneDrive
2015-12-16 12:50 - 2015-03-21 12:47 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-16 12:47 - 2015-04-26 09:29 - 00000000 ____D C:\ProgramData\MFAData
2015-12-15 19:27 - 2015-04-07 15:07 - 00000000 ____D C:\Program Files\VDownloader
2015-12-15 19:23 - 2015-04-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-12-15 18:34 - 2015-04-25 18:32 - 00000000 ____D C:\Users\Admin\Game of Thrones
2015-12-15 18:17 - 2015-03-21 18:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-12-15 18:13 - 2015-06-07 15:47 - 00000000 ____D C:\Users\Admin\Documents\Action!
2015-12-15 18:02 - 2015-07-20 12:30 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 17:56 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-13 10:23 - 2015-04-26 09:41 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-12 18:58 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-12 14:58 - 2015-04-30 16:11 - 00000000 ____D C:\Users\Admin\AppData\Local\osu!
2015-12-09 18:19 - 2015-10-15 17:55 - 00002441 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-09 12:14 - 2015-03-21 12:56 - 00000000 ____D C:\ProgramData\Skype
2015-12-07 18:46 - 2015-10-28 12:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mumble
2015-12-04 19:39 - 2015-10-15 18:11 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 18:29 - 2015-03-21 12:47 - 00004152 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 18:29 - 2015-03-21 12:47 - 00003920 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 13:28 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-03 21:19 - 2015-03-21 14:05 - 00000000 ____D C:\Users\Admin\Wallpaper
2015-12-01 19:35 - 2015-10-15 18:09 - 00000000 ____D C:\Windows.old
2015-11-30 18:22 - 2015-10-15 17:43 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2015-11-30 18:19 - 2015-01-23 11:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-30 18:10 - 2015-01-23 11:10 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-30 18:08 - 2015-03-22 03:40 - 00000000 ____D C:\Users\Public\Documents\SmartTechnology Profiles
2015-11-28 10:28 - 2015-05-31 14:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-19 19:42 - 2015-11-08 19:32 - 00000000 ____D C:\Users\Admin\Desktop\Undertale Screenshots
2015-11-18 19:14 - 2015-04-07 15:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\VDownloader
2015-11-18 18:03 - 2015-04-06 15:00 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
==================== Fichiers à la racine de certains dossiers =======
2015-04-07 15:07 - 2010-01-26 10:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Admin\AppData\Roaming\AEVRWI
2015-10-03 14:09 - 2015-10-23 21:47 - 0002151 _____ () C:\Users\Admin\AppData\Roaming\SpeedRunnersLog.txt
2015-10-04 14:18 - 2015-10-04 14:18 - 0003292 _____ () C:\Users\Admin\AppData\Roaming\TargetInvocationLog.txt
2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\Admin\AppData\Roaming\XMZQQO
2015-07-04 21:15 - 2015-07-04 21:15 - 0000000 _____ () C:\Users\Admin\AppData\Local\{E79D52A8-9E1A-4D71-A91F-582F380B98D0}
Fichiers à déplacer ou supprimer:
====================
C:\Users\Admin\Die&ReDie_v1.6.exe
C:\Users\Admin\FlappyBurger.exe
C:\Users\Admin\frout.exe
C:\Users\Admin\ONAF2-V_1.0.exe
C:\Users\Admin\SPOOKY.exe
C:\Users\Admin\SuperBaston_été.exe
Certains fichiers dans TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Admin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\tmpA445.tmp.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2015-12-01 19:29
==================== Fin de FRST.txt ============================