Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:18-01-2016
Exécuté par jean (administrateur) sur JEAN-PC (20-01-2016 14:38:39)
Exécuté depuis C:\Users\jean\Downloads
Profils chargés: jean & UpdatusUser (Profils disponibles: jean & UpdatusUser)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Guillemot Corporation) C:\Windows\System32\HerculesWiFiService.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\hsswd.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
() C:\Windows\System32\PnkBstrA.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Ralink Technology, Corp.) C:\Program Files\Hercules\WiFi Station DB\Service\x86\RaRegistry.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Yahoo Inc.) C:\Program Files\Yahoo!\yset\{B5E1A256-C0ED-674E-A0C9-20E1C0215B64}\YSearchUtilSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(BitTorrent Inc.) C:\Users\jean\AppData\Roaming\uTorrent\uTorrent.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\IncMail.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\jean\Desktop\RogueKiller.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\jean\Downloads\FRST (1).exe
(Farbar) C:\Users\jean\Downloads\FRST (1).exe
(Farbar) C:\Users\jean\Downloads\FRST (1).exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-12-15] (NETGEAR Inc.)
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\MountPoints2: {4720015d-cb43-11e4-a574-0009dd509000} - F:\.\Driver\DriverInstaller.exe -eject
AppInit_DLLs: c:\progra~1\suptab\search~1.dll => Pas de fichier
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{0C24C21B-CC58-4597-B2BA-F2E4B654848E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52C760B2-3A71-47D5-A982-5F16AE7ED7F0}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{F2E7E049-1669-4A76-B4E5-806290039C44}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FA742BD0-183A-4912-87FE-562F73E7FE50}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.fr
HKU\S-1-5-21-2322457574-4222280960-816390384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr
URLSearchHook: HKLM - IsoBuster FR Toolbar - {70430ea3-c27e-4e2e-9318-77c0d8b279a5} - Pas de fichier
URLSearchHook: HKLM - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier
URLSearchHook: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier
SearchScopes: HKLM -> {3279DBB2-78D4-49B3-B646-03FEC0EF9FF8} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL =
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> DefaultScope {cf34d395-9ff1-49a0-98a5-8db1636431b1} URL =
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> A649BFEFDF6B49EA969CE62D3D3BB70B URL = hxxp://www.gnoosi.net/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {09a37ca6-8f28-4130-a323-235f5c7b151c} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {3279DBB2-78D4-49B3-B646-03FEC0EF9FF8} URL =
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {58D41C25-B9A0-44B2-B1BB-CCBE0AC0B454} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL =
SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
BHO: MicroApplication Toolbar -> {6d94116c-03d4-4c6d-9f0f-6697a376d421} -> Pas de fichier
BHO: IsoBuster FR Toolbar -> {70430ea3-c27e-4e2e-9318-77c0d8b279a5} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-18] (Oracle Corporation)
Toolbar: HKLM - IsoBuster FR Toolbar - {70430ea3-c27e-4e2e-9318-77c0d8b279a5} - Pas de fichier
Toolbar: HKLM - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier
Toolbar: HKLM - Pas de nom - {4F13AB08-8328-4d87-A34D-1C7E8A8A9C83} - Pas de fichier
Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {A057A204-BACC-4D26-9990-79A187E2698E} - Pas de fichier
Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {F0381DBD-E018-4E07-AE40-D96AB15083F0} - Pas de fichier
Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {249D74A3-BD19-4657-B6CE-E62F480A20DE} - Pas de fichier
Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Pas de fichier
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2015-12-13] (AVG Secure Search)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Extension: Pas de nom - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-12-24] [non signé]
FF Extension: FTdownloader - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi [2012-11-29] [non signé]
FF Extension: OneClickDownloader - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-09-01] [non signé]
FF Extension: Pas de nom - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-05-02] [non signé]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-03]
CHR Extension: (Google Docs) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-03]
CHR Extension: (Google Drive) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03]
CHR Extension: (YouTube) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03]
CHR Extension: (Recherche Google) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03]
CHR Extension: (Yahoo Web) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec [2016-01-03]
CHR Extension: (Google) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbohklmimoggfbgbgpogjmlaoiipopen [2016-01-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-03]
CHR Extension: (EasyReader) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\leninfpgimplcdddoonihcnjblmheije [2016-01-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03]
CHR Extension: (AdBlock Pro) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-01-15]
CHR Extension: (Gmail) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-03]
CHR HKLM\...\Chrome\Extension: [bccldkoinakjmmgebambiaggjobhikfg] -
CHR HKLM\...\Chrome\Extension: [bnnikilnciagaocmjnnblagidkailein] -
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] -
CHR HKLM\...\Chrome\Extension: [feancjeaegfjpegiiingkpoidgojnogn] -
CHR HKLM\...\Chrome\Extension: [fmgpgnlopckfhokgklihdgpeiocjlgln] -
CHR HKLM\...\Chrome\Extension: [fojnkghiggpfagjciliabphpgnbmehjf] -
CHR HKLM\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] -
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] -
CHR HKLM\...\Chrome\Extension: [lcjcipkegofkgcoacnlenijapjncllkj] -
CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] -
CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [feancjeaegfjpegiiingkpoidgojnogn] -
CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fojnkghiggpfagjciliabphpgnbmehjf] -
CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lcjcipkegofkgcoacnlenijapjncllkj] -

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-12-16] (Freemake) [Fichier non signé]
R2 HerculesWiFi; C:\Windows\system32\HerculesWiFiService.exe [78744 2012-07-06] (Guillemot Corporation)
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2048720 2015-11-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-11-13] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [851152 2015-11-13] (AnchorFree Inc.)
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-12-15] (NETGEAR)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-12-16] ()
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-29] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Fichier non signé]
R2 RalinkRegistryWriter; C:\Program Files\Hercules\WiFi Station DB\Service\x86\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [Fichier non signé]
R2 vToolbarUpdater3.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2015-12-13] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files\Yahoo!\yset\{B5E1A256-C0ED-674E-A0C9-20E1C0215B64}\YSearchUtilSvc.exe [160536 2015-12-04] (Yahoo Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [X]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2012-09-14] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255920 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [193968 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [19968 2012-08-22] (Windows (R) Codename Longhorn DDK provider)
U0 cxkvnomm; C:\Windows\System32\drivers\txoktela.sys [52440 2016-01-20] (Malwarebytes)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-17] (EldoS Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-09-14] ()
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1317952 2012-04-17] (Ralink Technology Corp.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2015-04-12] (CACE Technologies, Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [9968 2009-11-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé]
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [7408 2009-11-23] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé]
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [74480 2009-11-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé]
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [134144 2013-02-22] (Prolific Technology Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36968 2015-11-13] (Anchorfree Inc.)
S3 tapwp01; C:\Windows\System32\DRIVERS\tapwp01.sys [35288 2014-12-11] (The OpenVPN Project)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [104576 2004-12-30] (Microsoft Corporation) [Fichier non signé]
S1 ASPI32; pas de ImagePath
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-20 14:38 - 2016-01-20 14:38 - 00024032 _____ C:\Users\jean\Downloads\FRST.txt
2016-01-20 14:38 - 2016-01-20 14:38 - 00000000 ____D C:\FRST
2016-01-20 14:37 - 2016-01-20 14:37 - 01721856 _____ (Farbar) C:\Users\jean\Downloads\FRST (1).exe
2016-01-20 14:34 - 2016-01-20 14:34 - 01721856 _____ (Farbar) C:\Users\jean\Downloads\FRST.exe
2016-01-20 14:08 - 2016-01-20 14:08 - 00052440 _____ (Malwarebytes) C:\Windows\system32\Drivers\txoktela.sys
2016-01-20 11:18 - 2016-01-20 11:18 - 00035195 _____ C:\Users\jean\Downloads\ANTIBES_NICE.pdf
2016-01-19 15:50 - 2016-01-19 18:21 - 29086561 _____ C:\Users\jean\Downloads\Hotspot Shield VPN Elite 5.20.2 Setup + Activator.zip
2016-01-15 15:20 - 2016-01-15 15:20 - 00001078 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2016-01-15 15:19 - 2016-01-15 15:20 - 00000000 ____D C:\Program Files\Hotspot Shield
2016-01-15 15:19 - 2016-01-15 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2016-01-15 15:18 - 2016-01-15 15:20 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-01-15 15:06 - 2016-01-15 15:12 - 00000000 ____D C:\Users\jean\Downloads\Hotspot Shield 5.20.9 Elite Edition + Patch (Sadeem World)
2016-01-15 15:06 - 2016-01-15 15:06 - 00000000 ____D C:\Users\jean\Downloads\HotSpot Shield VPN v.4.15.3 + Elite Edition Activator [danhuk]
2016-01-14 11:26 - 2016-01-14 11:26 - 00062840 _____ C:\Users\jean\Downloads\Lien+internet+-+recherche+manuelle+des+chaines.pdf
2016-01-13 17:02 - 2016-01-15 12:49 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 16:34 - 2016-01-13 16:34 - 00000000 ____D C:\Users\jean\Downloads\ANTIBES NICE_files
2016-01-13 16:32 - 2016-01-13 16:32 - 00031745 _____ C:\Users\jean\Downloads\Reçu.html
2016-01-13 15:11 - 2016-01-13 15:12 - 00000000 ____D C:\BILLETS SNCF 2016
2016-01-12 15:59 - 2016-01-12 15:59 - 00000000 ____D C:\Users\jean\AppData\Local\CrashRpt
2016-01-12 15:58 - 2016-01-12 15:58 - 00000000 ____D C:\Users\jean\AppData\Roaming\Hotspot Shield
2016-01-09 11:08 - 2016-01-09 11:08 - 00860160 _____ C:\Users\jean\Downloads\IM_fix.exe
2016-01-06 17:02 - 2016-01-20 11:19 - 00000000 ____D C:\Catherine
2016-01-05 09:49 - 2016-01-05 10:08 - 00027537 _____ C:\Users\jean\Documents\bayac 5 1 16.wlmp
2016-01-05 09:20 - 2016-01-05 09:21 - 00000000 ____D C:\Users\jean\AppData\Local\{7068B973-0F04-46B5-AEA0-4DDC692EF1D4}
2016-01-04 17:45 - 2016-01-04 17:45 - 00000000 ____D C:\Users\jean\AppData\Local\{69368D50-2E60-42F4-BFAD-1246F2F12045}
2016-01-03 14:56 - 2016-01-13 16:39 - 00000000 ____D C:\FILM
2016-01-03 12:16 - 2016-01-03 12:16 - 00000000 ____D C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2016-01-03 11:28 - 2016-01-03 11:44 - 00066028 _____ C:\Windows\ntbtlog.txt
2016-01-03 10:22 - 2016-01-03 11:30 - 00000000 ____D C:\Program Files\Probit Software
2016-01-02 19:05 - 2016-01-02 19:05 - 00000000 ____D C:\Users\jean\Documents\AVS4YOU
2016-01-02 13:26 - 2016-01-02 13:26 - 00000000 ____D C:\Users\jean\AppData\Local\{EC8301B4-9FF8-4AD9-AE86-34DD165E7B71}
2016-01-02 13:23 - 2016-01-02 13:23 - 00000000 ____D C:\Users\jean\AppData\Local\{DE5C257D-15F9-4AA3-A10F-7427655F1F28}
2016-01-02 13:12 - 2016-01-02 13:12 - 00194628 _____ C:\Users\jean\Documents\gege.pdf
2015-12-24 17:50 - 2016-01-14 12:17 - 00000000 ____D C:\eeeeeeeeeeeee
2015-12-24 17:47 - 2015-12-24 17:47 - 00000000 ____D C:\Users\jean\AppData\Local\{E4EF2E76-9FCC-4231-ADB8-9EFB679AB174}
2015-12-24 09:42 - 2016-01-14 17:25 - 00000000 ____D C:\ProgramData\UtilTool
2015-12-24 09:42 - 2015-12-24 09:42 - 00000000 ____D C:\ProgramData\clp
2015-12-24 09:42 - 2015-12-24 09:42 - 00000000 ____D C:\ProgramData\BSD
2015-12-21 18:50 - 2016-01-04 17:52 - 00000000 ____D C:\chansons pour eugene
2015-12-21 18:21 - 2015-12-21 18:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-12-21 18:21 - 2015-12-21 18:21 - 00000000 ____D C:\Program Files\Toshiba
2015-12-21 16:36 - 2016-01-15 11:43 - 00001272 _____ C:\Users\Public\Desktop\Freemake Audio Converter.lnk
2015-12-21 16:36 - 2015-12-21 16:37 - 00000000 ____D C:\Users\jean\Documents\Freemake
2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\Program Files\Freemake
2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\Program Files\Common Files\Freemake Shared
2015-12-21 16:17 - 2015-12-21 16:17 - 00000098 _____ C:\Users\jean\Downloads\dc1d6706-8cfe-4709-aaba-5aeca58d00da (1).html
2015-12-21 15:56 - 2015-12-21 15:56 - 00000000 ____D C:\Users\jean\AppData\Roaming\dBpoweramp
2015-12-21 15:55 - 2015-12-21 15:55 - 05199808 _____ C:\Windows\system32\SpoonUninstall.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-20 14:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-20 14:37 - 2012-03-27 17:32 - 00000000 ____D C:\Users\jean\AppData\Roaming\uTorrent
2016-01-20 14:08 - 2013-08-14 19:57 - 00000000 ____D C:\Windows\PixArt
2016-01-20 13:47 - 2012-03-30 09:46 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-20 13:45 - 2015-04-11 12:19 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 12:11 - 2014-05-02 17:17 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-20 11:07 - 2013-04-07 09:24 - 00000000 ____D C:\ProgramData\MFAData
2016-01-19 18:00 - 2015-11-18 15:30 - 00000442 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2016-01-19 17:59 - 2014-09-30 17:47 - 00000000 ____D C:\FILMS
2016-01-19 15:45 - 2015-04-11 12:19 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-19 11:07 - 2015-12-04 13:37 - 00000000 ____D C:\Users\jean\AppData\LocalLow\uTorrent
2016-01-19 10:36 - 2009-07-14 05:34 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-19 10:36 - 2009-07-14 05:34 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-19 10:29 - 2015-11-18 15:30 - 00000468 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2016-01-19 10:29 - 2013-11-16 19:29 - 00000000 ____D C:\Users\jean\AppData\Local\CrashDumps
2016-01-19 10:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 18:57 - 2015-11-01 14:37 - 00000000 ____D C:\porsche
2016-01-16 18:36 - 2012-12-21 17:27 - 00000000 ____D C:\Users\jean\AppData\Roaming\vlc
2016-01-15 15:20 - 2013-01-25 16:54 - 00000000 ____D C:\Users\jean\AppData\Local\GHISLER
2016-01-15 15:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-15 11:52 - 2013-01-25 16:47 - 00000000 ____D C:\Users\jean\AppData\Local\LiveGBoost
2016-01-15 11:43 - 2015-11-16 18:21 - 00000800 _____ C:\Users\Public\Desktop\AVG.lnk
2016-01-15 11:43 - 2015-09-21 09:50 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2016-01-15 11:43 - 2015-09-21 09:50 - 00001977 _____ C:\Users\Public\Desktop\IncrediMail.lnk
2016-01-15 11:43 - 2015-04-11 10:04 - 00001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2016-01-15 11:43 - 2015-04-11 10:04 - 00001990 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2016-01-15 11:43 - 2015-03-19 16:05 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2016-01-15 11:43 - 2015-01-30 13:43 - 00002164 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-01-15 11:43 - 2015-01-27 10:47 - 00001028 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2016-01-15 11:43 - 2014-10-15 14:06 - 00000959 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-15 11:43 - 2014-10-02 17:36 - 00002012 _____ C:\Users\Public\Desktop\WiFi Station DB.lnk
2016-01-15 11:43 - 2014-08-26 18:01 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-15 11:43 - 2014-08-26 18:01 - 00001983 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-01-15 11:43 - 2014-02-11 15:03 - 00000838 _____ C:\Users\Public\Desktop\PC Booster.lnk
2016-01-15 11:43 - 2014-01-28 09:02 - 00001664 _____ C:\Users\Public\Desktop\WebMate.lnk
2016-01-15 11:43 - 2013-12-16 18:43 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-15 11:43 - 2013-04-08 12:42 - 00001966 _____ C:\Users\Public\Desktop\e-Carte Bleue Banque Populaire.lnk
2016-01-15 11:43 - 2013-02-02 11:56 - 00001855 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2016-01-15 11:43 - 2013-02-02 11:56 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encore plus de jeux.lnk
2016-01-15 11:43 - 2013-01-21 15:57 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-15 11:43 - 2012-12-19 10:25 - 00001018 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-15 11:43 - 2012-11-12 16:21 - 00001809 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-15 11:43 - 2012-09-03 18:03 - 00001054 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-15 11:43 - 2012-06-21 08:07 - 00000883 _____ C:\Users\Public\Desktop\GBoost.lnk
2016-01-15 11:43 - 2012-05-08 08:42 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2016-01-15 11:43 - 2012-04-04 13:34 - 00002733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2016-01-15 11:43 - 2012-03-27 18:06 - 00001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-15 11:43 - 2012-03-27 18:06 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-15 11:43 - 2012-03-27 18:05 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-15 11:43 - 2012-03-27 17:20 - 00000985 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-15 11:43 - 2012-03-27 16:24 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-15 11:43 - 2012-03-27 16:24 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-15 11:43 - 2009-07-14 05:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-15 11:43 - 2009-07-14 05:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-01-15 11:43 - 2009-07-14 05:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-15 11:43 - 2009-07-14 05:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-15 11:43 - 2009-07-14 05:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-15 11:42 - 2015-05-19 16:51 - 00002221 _____ C:\Users\jean\Desktop\Kindle.lnk
2016-01-15 11:42 - 2015-03-20 18:52 - 00000928 _____ C:\Users\jean\Desktop\Gestionnaire pour appareils Windows Mobile.lnk
2016-01-15 11:42 - 2013-09-14 09:28 - 00000849 _____ C:\Users\jean\Desktop\µTorrent.lnk
2016-01-15 11:42 - 2013-09-14 09:28 - 00000829 _____ C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-01-15 11:42 - 2013-08-31 17:01 - 00001831 _____ C:\Users\jean\Desktop\Piratrax.lnk
2016-01-15 11:42 - 2013-04-08 12:42 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\e-Carte Bleue Banque Populaire.lnk
2016-01-15 11:42 - 2013-01-02 11:14 - 00001195 _____ C:\Users\jean\Desktop\AVS Video Converter.lnk
2016-01-15 11:42 - 2012-04-13 14:12 - 00001940 _____ C:\Users\jean\Desktop\AlerteGPS G300.lnk
2016-01-15 11:42 - 2012-03-27 17:23 - 00001197 _____ C:\Users\jean\Desktop\Magic Speed.lnk
2016-01-15 11:42 - 2009-07-14 05:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-15 11:42 - 2009-07-14 05:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-13 17:46 - 2012-03-29 07:52 - 00058368 _____ C:\Users\jean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-10 10:19 - 2012-09-22 09:56 - 00000000 ____D C:\Users\jean\AppData\Local\NETGEARGenie
2016-01-07 12:26 - 2014-10-13 07:42 - 00000000 ____D C:\Users\jean\AppData\Local\ElevatedDiagnostics
2016-01-06 17:50 - 2010-11-21 01:30 - 00722064 _____ C:\Windows\system32\perfh00C.dat
2016-01-06 17:50 - 2010-11-21 01:30 - 00139204 _____ C:\Windows\system32\perfc00C.dat
2016-01-06 17:50 - 2010-11-20 22:01 - 01599210 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-06 17:45 - 2015-11-16 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-06 17:28 - 2012-03-27 17:23 - 00000000 ____D C:\ProgramData\TEMP
2016-01-06 11:38 - 2015-08-22 19:32 - 00000000 ____D C:\easy
2016-01-05 09:20 - 2015-11-18 15:30 - 00000416 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2016-01-04 19:51 - 2012-03-27 17:46 - 00000000 ____D C:\Users\jean\AppData\Local\Windows Live
2016-01-04 18:25 - 2013-01-01 14:52 - 00000000 ____D C:\Program Files\AVS4YOU
2016-01-03 10:53 - 2012-03-27 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 10:53 - 2012-03-27 17:29 - 00000000 ____D C:\Program Files\WinRAR
2016-01-03 10:49 - 2009-07-14 05:33 - 00301160 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-03 10:21 - 2009-07-14 03:04 - 00000904 _____ C:\Windows\win.ini
2016-01-02 12:56 - 2013-01-01 14:53 - 00000000 ____D C:\Users\jean\AppData\Roaming\AVS4YOU
2016-01-02 12:56 - 2012-03-27 16:47 - 00066368 _____ C:\Users\jean\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-02 12:52 - 2013-01-02 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-12-24 09:50 - 2012-03-27 16:30 - 00000000 ____D C:\Users\jean
2015-12-21 17:44 - 2013-12-25 12:27 - 00000000 ____D C:\ProgramData\TOSHIBA
2015-12-21 16:36 - 2014-03-16 18:56 - 00000000 ____D C:\ProgramData\Freemake

==================== Fichiers à la racine de certains dossiers =======

2015-05-08 15:07 - 2015-08-14 09:31 - 0000555 _____ () C:\Users\jean\AppData\Roaming\burnaware.ini
2012-03-29 07:52 - 2016-01-13 17:46 - 0058368 _____ () C:\Users\jean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 08:51 - 2014-01-28 08:51 - 0007606 _____ () C:\Users\jean\AppData\Local\Resmon.ResmonCfg
2015-11-19 15:04 - 2015-11-19 15:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-11-28 10:20 - 2013-11-28 10:20 - 0005033 _____ () C:\ProgramData\mtbjfghn.xbe

Certains fichiers dans TEMP:
====================
C:\Users\jean\AppData\Local\Temp\5KiHq9fvUA.exe
C:\Users\jean\AppData\Local\Temp\aEaeFgJXBS.exe
C:\Users\jean\AppData\Local\Temp\avguirn_081984414746.exe
C:\Users\jean\AppData\Local\Temp\hss_update.exe
C:\Users\jean\AppData\Local\Temp\nsbEC43.exe
C:\Users\jean\AppData\Local\Temp\nsg5C7.exe
C:\Users\jean\AppData\Local\Temp\ntdll_dump.dll
C:\Users\jean\AppData\Local\Temp\Temp1.exe
C:\Users\jean\AppData\Local\Temp\Uninstall.exe
C:\Users\jean\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-01-20 13:34

==================== Fin de FRST.txt ============================
