Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:13-04-2016
Exécuté par Administrateur (administrateur) sur ADMIN-7E39C1EE9 (15-04-2016 20:26:52)
Exécuté depuis C:\Documents and Settings\Administrateur\Mes documents\Downloads
Profils chargés: Administrateur (Profils disponibles: Administrateur)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Nero AG) C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe
(Avanquest) C:\Documents and Settings\Administrateur\Local Settings\Application Data\Privacy Protector Plus\PPPSchedule.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXTCS.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Hewlett-Packard Company) C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
(AppVerifierService) C:\Documents and Settings\All Users\Application Data\ValidatorPC\PCValidatorService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(Infineon Technologies AG) C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(AVG Secure Search) C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Nero AG) C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Nero AG) C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
(Infineon Technologies AG) C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1028096 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [177456 2007-10-19] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5048488 2009-09-12] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [357384 2009-09-12] (Acronis)
HKLM\...\Run: [SecurDisc] => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-06-25] (Nero AG)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2003-12-08] (Cyberlink Corp.)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2007-06-25] (Nero AG)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2885704 2016-04-13] ()
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-03-23] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\IfxWlxEN: C:\WINDOWS\system32\IfxWlxEN.dll [2006-03-03] (Infineon Technologies AG)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [LightScribe Control Panel] => C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [455968 2007-10-18] (Hewlett-Packard Company)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [ByteFence] => C:\Program Files\ByteFence\ByteFence.exe [1376184 2015-12-31] (Byte Technologies LLC)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [Privacy Protector Plus] => C:\Documents and Settings\Administrateur\Local Settings\Application Data\Privacy Protector Plus\PPPSchedule.exe [445280 2015-04-23] (Avanquest)
HKU\S-1-5-21-57989841-2077806209-1177238915-500\...\Run: [prsetup.exe] => C:\Documents and Settings\Administrateur\Local Settings\Temp\is-O4VBH.tmp\prsetup.exe [538772 2016-03-04] (Yandere Dev ) <===== ATTENTION
AppInit_DLLs: c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll => Pas de fichier
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk [2014-06-26]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:1141;https=127.0.0.1:1141;
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:1141;https=127.0.0.1:1141;
ProxyServer: [S-1-5-21-57989841-2077806209-1177238915-500] => http=127.0.0.1:1141;https=127.0.0.1:1141
AutoConfigURL: [S-1-5-21-57989841-2077806209-1177238915-500] => http=127.0.0.1:1141;https=127.0.0.1:1141
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4D2F3F78-DFCE-4E65-80AC-4AFD6506467E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55549E43-A809-4538-9141-22A06176FA40}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=221&b=3&installkey=7hZmi8GhxbFjg64xzzQh
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-57989841-2077806209-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie
HKU\S-1-5-21-57989841-2077806209-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=221&b=3&installkey=7hZmi8GhxbFjg64xzzQh
URLSearchHook: HKU\S-1-5-21-57989841-2077806209-1177238915-500 - (Pas de nom) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Pas de fichier
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_d4w_16_09&param1=1&param2=f%3D2%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AyBtA0A0Fzy0DyDzzzztA0CzytN0D0Tzu0StCyDtBtDtN1L2XzutAtFtCzytFtCtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StD0C0EzzzytAzz0FtGyC0E0A0CtGyB0DtC0FtGyC0AtAtDtGzyzzyEtDyC0FzztD0B0FyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDyD0Fzz0B0CzytGtA0EtCtDtGyE0B0AtDtG0AtAtDzytGzz0B0F0DtCzz0CyE0EzytDyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyCyByC%26cr%3D880287902%26a%3Dwbf_d4w_16_09%26os_ver%3D5.1%26os%3DWindows%2BXP" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=221&installkey=7hZmi8GhxbFjg64xzzQh&b=3&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=221&installkey=7hZmi8GhxbFjg64xzzQh&b=3&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_d4w_16_09&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AyBtA0A0Fzy0DyDzzzztA0CzytN0D0Tzu0StCyDtBtDtN1L2XzutAtFtCzytFtCtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StD0C0EzzzytAzz0FtGyC0E0A0CtGyB0DtC0FtGyC0AtAtDtGzyzzyEtDyC0FzztD0B0FyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDyD0Fzz0B0CzytGtA0EtCtDtGyE0B0AtDtG0AtAtDzytGzz0B0F0DtCzz0CyE0EzytDyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyCyByC%26cr%3D880287902%26a%3Dwbf_d4w_16_09%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_d4w_16_09&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AyBtA0A0Fzy0DyDzzzztA0CzytN0D0Tzu0StCyDtBtDtN1L2XzutAtFtCzytFtCtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StD0C0EzzzytAzz0FtGyC0E0A0CtGyB0DtC0FtGyC0AtAtDtGzyzzyEtDyC0FzztD0B0FyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDyD0Fzz0B0CzytGtA0EtCtDtGyE0B0AtDtG0AtAtDzytGzz0B0F0DtCzz0CyE0EzytDyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyCyByC%26cr%3D880287902%26a%3Dwbf_d4w_16_09%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.globasearch.com/?serie=221&installkey=7hZmi8GhxbFjg64xzzQh&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.globasearch.com/?serie=221&installkey=7hZmi8GhxbFjg64xzzQh&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0CD3CFA8-82A2-4391-B963-897A878497EB}&mid=9ba220e86f1647cda255d15ee23e4b73-f7725d298434dbe3494ae7e066d9c38d8a9d7997&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-19 11:44:44&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {990A0E88-1A44-47AB-BEC6-CF8961C01477} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {9F7FEBED-F524-422B-9CE8-1B799E9072C6} URL = hxxp://searchsimple-a.akamaihd.net/?affID=is&q={searchTerms}&r=856
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto24_14_41&cd=2XzuyEtN2Y1L1QzutDtDtC0AyBtA0A0Fzy0DyDzzzztA0CzytN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFtCtN1L1Czu1N1C2X1V2Z2Y2Z1FtByE1VtCyE1VyEtCtN1L1G1B1V1N2Y1L1Qzu2StD0FyEtByB0A0BtBtG0F0AyEyBtGtA0EtAyDtG0D0Czy0EtGyCyCzy0FyEtBtCyByD0FtBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtBtAyC0FyBzztGyCtDzzyBtGyEzzyCyDtGzytByCyDtGzytCyC0Fzy0DyBzzyD0FtBtA2Q&cr=982456527&ir=
SearchScopes: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414145119&from=tugs&uid=ST96812AS_5PJBMJ3ZXXXX5PJBMJ3Z&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO: Pas de nom -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-28] (Oracle Corporation)
BHO: Pas de nom -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Pas de fichier
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.9.726\AVG Web TuneUp.dll [2016-04-13] (AVG)
BHO: Pas de nom -> {D9D6CFA3-2880-47D4-A001-FA4E6308C350} -> Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-28] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-57989841-2077806209-1177238915-500 -> est activé.
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default
FF NewTab: hxxp://www.globasearch.com/?serie=221&b=2&installkey=7hZmi8GhxbFjg64xzzQh&newtab
FF DefaultSearchEngine: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.globasearch.com/?serie=221&b=2&installkey=7hZmi8GhxbFjg64xzzQh
FF Keyword.URL: hxxp://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-is__alt__ddc_dss_bd_com&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\40.2.9\\npsitesafety.dll [Pas de fichier]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-28] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Pas de fichier]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Pas de fichier]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-57989841-2077806209-1177238915-500: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-57989841-2077806209-1177238915-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)
FF user.js: detected! => C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\user.js [2014-10-25]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\avg-secure-search.xml [2016-04-13]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\bingp.xml [2014-08-13]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\dsrlte.xml [2015-02-01]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\dsrlte1.xml [2015-07-28]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\Groovorio.xml [2014-11-03]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\search-simple.xml [2015-07-28]
FF SearchPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\searchplugins\yahoo-avast.xml [2015-08-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml [2014-10-24]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-04-13]
FF Extension: AVG Web TuneUp - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\Extensions\avg@toolbar.xpi [2016-04-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-04-20] [non signé]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\0652duyb.default\extensions\faststartff@gmail.com => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}] - C:\Program Files\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} => non trouvé(e)
FF HKU\.DEFAULT\...\Firefox\Extensions: [{9514B099-23BF-9632-CED0-0FD778C903D8}] - C:\Program Files\ver0SpeeditUp\181.xpi
FF Extension: SpeeditUp - C:\Program Files\ver0SpeeditUp\181.xpi [2014-10-24] [non signé]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!9FF1B1138AA00C5EDC33A1C1DBE5FA859FF1.js [2015-12-17] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\9FF1B1138AA00C5EDC33A1C1DBE5FA859FF1 [2015-12-17] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\BFC00A84EAE48C401E639837336A6601BFC0 [2015-09-08] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR RestoreOnStartup: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-is__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxps://www.google.fr/webhp?sourceid=chrome-instant&rlz=1C1GGGE_frFR605FR607&ion=1&espv=2&ie=UTF-8","hxxp://navarre.ent27.fr/sg.do?PROC=PAGE_ACCUEIL","hxxps://www.facebook.com/","hxxps://www.youtube.com/?hl=fr&gl=FR"
CHR Profile: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Clash Of.Clans Black) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdclhchjgdancnfmfembkeockklebhdc [2016-04-05]
CHR Extension: (AVG Secure Search) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-03-19]
CHR Extension: (GamingWonderland) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eeojlpepoljdpaoiplnlhcfkoigijimc [2016-04-06]
CHR Extension: (Test Quizz) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gfijhfebkjglfnlldfmggddcdijcakki [2016-03-29]
CHR Extension: (PConverter) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2016-04-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (ProductivityBoss) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poickeeehimalfeceghopkmbjdbpbpie [2016-04-06]
CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx
CHR HKU\S-1-5-21-57989841-2077806209-1177238915-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-57989841-2077806209-1177238915-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1414145119&from=tugs&uid=ST96812AS_5PJBMJ3ZXXXX5PJBMJ3Z

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AcrSch2Svc; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [660520 2009-09-12] (Acronis)
R2 afcdpsrv; C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe [2326920 2014-06-26] (Acronis)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1615192 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [886032 2016-03-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [258103 2006-02-15] (Broadcom Corporation.) [Fichier non signé]
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [Fichier non signé]
S3 IDriverT; c:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 IFXSpMgtSrv; C:\WINDOWS\system32\IFXSPMGT.exe [507904 2006-03-03] (Infineon Technologies AG) [Fichier non signé]
R2 IFXTCS; C:\WINDOWS\system32\IFXTCS.exe [741376 2006-03-03] (Infineon Technologies AG) [Fichier non signé]
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1552680 2007-06-25] (Nero AG)
R2 LightScribeService; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [79136 2007-10-18] (Hewlett-Packard Company)
R3 NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PCValidator; C:\Documents and Settings\All Users\Application Data\ValidatorPC\PCValidatorService.exe [29696 2015-11-04] (AppVerifierService) [Fichier non signé]
R2 PersonalSecureDriveService; C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE [99872 2005-11-29] (Infineon Technologies AG)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-03-23] ()
R2 vToolbarUpdater40.2.9; C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe [1964616 2016-04-13] (AVG Secure Search)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1223752 2016-04-13] ()

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ATSWPDRV; C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys [146560 2007-08-28] (AuthenTec, Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134944 2016-02-16] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [235808 2016-03-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189216 2016-03-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [61216 2016-03-08] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1123328 2014-06-26] (Broadcom Corp.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [1342570 2006-02-15] (Broadcom Corporation.) [Fichier non signé]
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-15] (Broadcom Corporation.) [Fichier non signé]
R3 GTIPCI21; C:\WINDOWS\System32\DRIVERS\gtipci21.sys [88192 2006-09-14] (Texas Instruments)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36352 2005-10-21] (Infineon Technologies AG)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [119080 2007-06-25] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [36776 2007-06-25] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-06-25] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38440 2007-06-25] (Nero AG)
S3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2236544 2007-10-31] (Intel Corporation)
R1 PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [36768 2005-11-29] (Infineon Technologies AG)
R0 tdrpman251; C:\WINDOWS\System32\DRIVERS\tdrpm251.sys [902432 2014-06-26] (Acronis)
S0 cerc6; pas de ImagePath
S3 cpuz134; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
U1 eabfiltr; pas de ImagePath
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
U1 WS2IFSL; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-15 20:26 - 2016-04-15 20:26 - 00000000 ____D C:\FRST
2016-04-15 19:01 - 2016-04-15 19:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2016-04-14 21:19 - 2016-04-14 21:19 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2016-04-14 10:38 - 2016-04-14 10:38 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\AVG
2016-04-14 10:35 - 2016-04-14 10:35 - 00000673 _____ C:\Documents and Settings\All Users\Bureau\AVG Protection.lnk
2016-04-14 10:28 - 2016-04-14 10:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2016-04-14 10:24 - 2016-04-14 10:28 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\AvgSetupLog
2016-04-08 19:50 - 2016-04-08 20:50 - 05934784 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-04-06 21:05 - 2016-04-15 19:43 - 00001130 _____ C:\appverifier.txt
2016-04-05 17:10 - 2016-04-05 17:10 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity
2016-03-27 14:53 - 2016-03-27 14:53 - 00000068 _____ C:\appmanager.txt
2016-03-27 14:52 - 2016-03-27 14:55 - 00000000 ____D C:\Program Files\PC-Speedup-Pro
2016-03-27 14:52 - 2016-03-27 14:55 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\appmanager
2016-03-27 14:52 - 2016-03-27 14:53 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ValidatorPC
2016-03-27 14:52 - 2016-03-27 14:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PC-Speedup-Pro
2016-03-27 14:52 - 2016-03-27 14:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PCSpeedupPro.net
2016-03-27 14:52 - 2016-03-27 14:52 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\pcspeeduppro.net
2016-03-27 14:52 - 2016-03-27 14:52 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\FileOpenerWindows
2016-03-27 14:44 - 2016-03-27 15:09 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WhosYourDaddyAlpha
2016-03-27 14:43 - 2016-04-13 20:29 - 00000000 ____D C:\Program Files\WhosYourDaddyAlpha
2016-03-27 01:15 - 2016-03-27 01:15 - 00000000 ____D C:\Program Files\Minecraft PC Gamer Demo
2016-03-27 01:15 - 2016-03-27 01:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Minecraft PC Gamer Demo
2016-03-27 01:14 - 2016-03-27 01:14 - 04186549 _____ (Mojang ) C:\Documents and Settings\Administrateur\Bureau\minecraft-en-win.exe
2016-03-26 21:55 - 2016-03-26 21:55 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\vidéo
2016-03-19 12:45 - 2016-03-19 12:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2016-03-19 12:45 - 2016-03-19 12:45 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\AVG Web TuneUp
2016-03-19 12:44 - 2016-04-13 20:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp
2016-03-19 12:44 - 2016-04-13 20:25 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-03-19 12:44 - 2016-03-19 12:44 - 00000000 ____D C:\Program Files\Fichiers communs\AVG Secure Search
2016-03-19 12:44 - 2016-03-19 12:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Secure Search

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-15 20:27 - 2014-06-26 03:05 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Temp
2016-04-15 20:22 - 2015-08-02 13:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2016-04-15 20:14 - 2014-09-08 19:07 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 20:04 - 2014-09-22 19:57 - 00001034 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-57989841-2077806209-1177238915-500UA.job
2016-04-15 20:04 - 2014-09-22 19:57 - 00001012 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-57989841-2077806209-1177238915-500Core.job
2016-04-15 19:50 - 2014-04-06 13:45 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-15 19:45 - 2015-07-31 01:40 - 00000962 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2016-04-15 19:43 - 2015-07-31 01:42 - 00002444 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-5.job
2016-04-15 19:42 - 2015-07-31 01:42 - 00003136 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-1-6.job
2016-04-15 19:42 - 2015-07-31 01:41 - 00003472 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-1-7.job
2016-04-15 19:42 - 2008-04-14 14:00 - 00011936 _____ C:\WINDOWS\system32\wpa.dbl
2016-04-15 19:41 - 2015-07-31 01:41 - 00005516 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-6.job
2016-04-15 19:41 - 2015-07-31 01:41 - 00004492 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-4.job
2016-04-15 19:41 - 2015-07-31 01:40 - 00005180 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-7.job
2016-04-15 19:41 - 2014-08-03 20:30 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Skype
2016-04-15 19:40 - 2015-12-17 20:45 - 00000522 _____ C:\WINDOWS\Tasks\Image Call.job
2016-04-15 19:40 - 2015-12-17 20:45 - 00000518 _____ C:\WINDOWS\Tasks\Image Call2.job
2016-04-15 19:40 - 2015-09-08 19:45 - 00000472 _____ C:\WINDOWS\Tasks\Kingdom Builder.job
2016-04-15 19:40 - 2015-07-31 01:43 - 00001058 _____ C:\WINDOWS\Tasks\GOEBH11.job
2016-04-15 19:40 - 2015-07-31 01:40 - 00004492 _____ C:\WINDOWS\Tasks\1b5d8e51-6a4c-4aa1-b3da-d8efe81b9b34-3.job
2016-04-15 19:40 - 2015-07-31 01:40 - 00000958 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2016-04-15 19:40 - 2014-09-08 19:07 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 19:40 - 2014-06-26 03:05 - 00032610 _____ C:\WINDOWS\SchedLgU.Txt
2016-04-15 19:40 - 2014-06-26 03:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 19:40 - 2014-04-12 17:20 - 00000240 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2016-04-15 19:38 - 2014-06-26 03:05 - 00000184 ___SH C:\Documents and Settings\Administrateur\ntuser.ini
2016-04-15 19:38 - 2014-06-26 03:05 - 00000000 ____D C:\Documents and Settings\Administrateur
2016-04-15 19:01 - 2014-06-26 04:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-04-15 18:59 - 2014-06-26 04:44 - 00000000 ___HD C:\WINDOWS\inf
2016-04-14 10:53 - 2015-08-06 12:31 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Avg
2016-04-14 10:48 - 2016-03-01 21:26 - 00065536 _____ C:\WINDOWS\system32\config\Reason.evt
2016-04-14 10:38 - 2015-08-02 13:45 - 00000000 ____D C:\Program Files\AVG
2016-04-14 10:38 - 2015-08-02 13:40 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\MFAData
2016-04-14 10:37 - 2015-08-02 13:47 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG
2016-04-14 10:37 - 2015-08-02 13:46 - 00000000 ___HD C:\$AVG
2016-04-14 10:37 - 2015-08-02 13:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2015
2016-04-14 10:37 - 2014-06-26 04:52 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2016-04-14 10:23 - 2014-09-08 19:39 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-13 22:15 - 2016-02-28 20:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 22:15 - 2014-04-12 12:38 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 20:31 - 2014-06-26 03:05 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau
2016-04-13 20:26 - 2014-06-26 04:53 - 01096006 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-13 20:26 - 2008-04-14 14:00 - 00501510 _____ C:\WINDOWS\system32\perfh00C.dat
2016-04-13 20:26 - 2008-04-14 14:00 - 00081318 _____ C:\WINDOWS\system32\perfc00C.dat
2016-04-13 20:24 - 2012-11-06 18:16 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Acronis
2016-04-13 20:22 - 2015-11-21 12:07 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\Minecraft
2016-04-13 20:21 - 2016-02-29 19:36 - 00000000 ____D C:\Program Files\ByteFence
2016-04-09 18:15 - 2014-09-23 18:15 - 00000292 _____ C:\WINDOWS\Tasks\Reimage Reminder.job
2016-04-08 20:50 - 2014-04-06 13:45 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-08 20:50 - 2014-04-06 13:45 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-08 20:16 - 2014-09-08 19:10 - 00001817 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome.lnk
2016-04-06 21:25 - 2014-04-27 14:06 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\vlc
2016-04-05 17:09 - 2015-11-13 19:56 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Applications Chrome
2016-03-27 15:24 - 2015-09-19 19:49 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\.minecraft
2016-03-27 15:19 - 2015-11-19 21:11 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\.ascentia
2016-03-27 14:52 - 2014-06-26 04:52 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2016-03-26 23:29 - 2014-04-26 12:35 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2016-03-26 22:17 - 2015-07-31 12:03 - 00007168 _____ C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-26 21:55 - 2014-06-26 03:05 - 00000000 ___RD C:\Documents and Settings\Administrateur\Mes documents
2016-03-24 20:55 - 2015-12-11 20:12 - 00001124 _____ C:\Documents and Settings\Administrateur\nativelog.txt
2016-03-24 20:55 - 2014-06-26 03:05 - 00000000 ___RD C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes
2016-03-24 20:14 - 2014-10-24 12:03 - 00000000 ____D C:\Program Files\PepperZip
2016-03-19 12:44 - 2014-09-21 08:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-19 12:44 - 2014-06-26 04:53 - 00000000 ____D C:\Program Files\Fichiers communs

==================== Fichiers à la racine de certains dossiers =======

2015-07-31 01:06 - 2015-07-31 01:06 - 0000024 _____ () C:\Documents and Settings\Administrateur\Application Data\appdataFr25.bin
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\Administrateur\Application Data\ceuvcAhHjqquB1poH
2015-04-19 14:20 - 2015-07-31 06:59 - 0000626 _____ () C:\Documents and Settings\Administrateur\Application Data\GOEBH11
2015-11-19 21:15 - 2015-11-19 21:15 - 0000036 _____ () C:\Documents and Settings\Administrateur\Application Data\SuYZkvrV.tmp
2014-10-28 19:25 - 2014-12-04 21:24 - 0000130 _____ () C:\Documents and Settings\Administrateur\Application Data\WB.CFG
2015-07-31 08:35 - 2015-07-31 08:35 - 0000000 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\AtStart.txt
2015-07-31 12:03 - 2016-03-26 22:17 - 0007168 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-31 08:35 - 2015-07-31 08:35 - 0000000 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\DSwitch.txt
2015-07-31 08:35 - 2015-07-31 08:35 - 0000000 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\QSwitch.txt

Fichiers à déplacer ou supprimer:
====================
C:\Documents and Settings\Administrateur\Local Settings\Temp\is-O4VBH.tmp\prsetup.exe


Certains fichiers dans TEMP:
====================
C:\Documents and Settings\Administrateur\Local Settings\Temp\avg-eb241423-373a-4426-a102-cc6e5100a73b.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
