Comment: http://www.cjoint.com/c/FBuj0HKIUIT
Document format: text/plain
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016
Exécuté par Vista (administrateur) sur PC-DE-VISTA (20-02-2016 10:41:51)
Exécuté depuis C:\Users\Vista\Desktop
Profils chargés: Vista (Profils disponibles: Vista)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
() C:\Program Files\60C22968-1455304971-DE11-84AD-F560C3F98A21\knscE702.tmp
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mepService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Users\Vista\AppData\Local\TECHP-BrowserAir\prtsvc.exe
() C:\Program Files\ScreenSnapshotTool\1.1.0.11188\ScreenShotServ.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mep.exe
() C:\Program Files\ScreenSnapshotTool\1.1.0.11188\ScreenSnapshot.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Acer Corp.) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Realtek Semiconductor Corp.) C:\Users\Vista\AppData\Local\Temp\RtkBtMnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\mbot_en_037050236\mbot_en_037050236.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIJE.EXE
(SFR) C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(The Chromium Authors) C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe
() C:\Users\Vista\AppData\Roaming\cacaoweb\cacaoweb.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(The Chromium Authors) C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The Chromium Authors) C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files\SearchesToYesbnd\bugreport.exe
(The Chromium Authors) C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-01-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2008-10-24] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6957600 2009-03-11] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [870920 2009-02-24] (Dritek System Inc.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-11] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [440864 2009-04-15] (Acer Incorporated)
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2008-12-26] (Acer Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-16] (AVAST Software)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mbot_en_037050236] => C:\Program Files\mbot_en_037050236\mbot_en_037050236.exe [3956400 2016-02-12] ()
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [GoogleChromeAutoLaunch_1E8486B37041916B23BA8FB04FE136B8] => C:\Program Files\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIJE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [SFR Mediacenter] => C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe [2688368 2013-02-26] (SFR)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50385536 2015-12-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [GoogleChromeAutoLaunch_90E533DD6D1FAAF6677AEB8AC85BA44B] => C:\Users\Vista\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\...\Run: [cacaoweb] => C:\Users\Vista\AppData\Roaming\cacaoweb\cacaoweb.exe [564016 2016-02-15] ()
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-12] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2016-02-12]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files\MixVideoPlayer\BrowserWeb.exe ()
Startup: C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk [2014-05-04]
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:57691;https=127.0.0.1:57691
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:57691;https=127.0.0.1:57691
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A5A44448-9EB1-4553-A172-B34F1219A728}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.hao123.com/?tn=sdks_inner_hp_01_hao123_fr&guid=bdf0057016b8d8051fa90e0c5f065cc4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2423295380-1716049718-3069747846-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_mdaffmarmarie_16_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0FtCyC0A0D0A0Azz0CyD0D0FyEtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyEtBtB0AyB0D0BtGtDzytD0CtG0D0EtDyEtGtD0Bzz0EtG0FyBtA0DtC0BtAyC0C0CtAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtC0EtD0A0C0ByBtGzz0EzzyDtGyEtBzztAtGzytB0ByEtGyD0E0E0DzzyE0A0AzytC0ByC2QtN0A0LzuyE%26cr%3D1442335724%26a%3Dwncy_mdaffmarmarie_16_05%26os_ver%3D6%26os%3DWindows%2BVista%2B(TM)%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2423295380-1716049718-3069747846-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_mdaffmarmarie_16_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0FtCyC0A0D0A0Azz0CyD0D0FyEtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyEtBtB0AyB0D0BtGtDzytD0CtG0D0EtDyEtGtD0Bzz0EtG0FyBtA0DtC0BtAyC0C0CtAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtC0EtD0A0C0ByBtGzz0EzzyDtGyEtBzztAtGzytB0ByEtGyD0E0E0DzzyE0A0AzytC0ByC2QtN0A0LzuyE%26cr%3D1442335724%26a%3Dwncy_mdaffmarmarie_16_05%26os_ver%3D6%26os%3DWindows%2BVista%2B(TM)%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2423295380-1716049718-3069747846-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-2423295380-1716049718-3069747846-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-2423295380-1716049718-3069747846-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll [2015-06-10] (SIEN)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-02] [non signé]
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015-06-13] [non signé]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&ptid=tuu&uid=987F95DCF99DDEF1AD8E35ACA0489B44&v=20160202&ts=AHEpBHAkB3QrC0..
CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=tuu&uid=987F95DCF99DDEF1AD8E35ACA0489B44&v=20160202&ts=AHEpBHAkB3QrC0.."
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpBHAkB3QrC0..&v=20160202&uid=987F95DCF99DDEF1AD8E35ACA0489B44&ptid=tuu&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Iminent NewTab) - C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn [2014-05-05]
CHR Extension: (Iminent Emoticons) - C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\olghjjajidfdflkafeekiojnfmiolccp [2016-02-13]
CHR HKLM\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [olghjjajidfdflkafeekiojnfmiolccp] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.istartpageing.com/?type=sc&ts=1455884488&z=5e0e1052502968bc93bd9a0gdzbw3web2b7zdzfb4c&from=cmi&uid=HitachiXHTS545050B9A300_090619PB4400Q7H37WZGX
StartMenuInternet: Google Chrome.BRRR3TIJNZUTQE2NYPAF3QUCX4 - C:\PROGRA~1\Google\Chrome\APPLIC~1\chrome.exe hxxp://www.istartpageing.com/?type=sc&ts=1455884488&z=5e0e1052502968bc93bd9a0gdzbw3web2b7zdzfb4c&from=cmi&uid=HitachiXHTS545050B9A300_090619PB4400Q7H37WZGX
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-12] (AVAST Software)
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [703008 2009-04-15] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
S2 ggbugreport; C:\Program Files\SearchesToYesbnd\bugreport.exe [1588408 2016-02-05] ()
R2 kyfewodyzbt; C:\Program Files\60C22968-1455304971-DE11-84AD-F560C3F98A21\knscE702.tmp [202240 2016-02-13] () [Fichier non signé]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 MPCProtectService; C:\Program Files\MPC Cleaner\MPCProtectService.exe [348640 2016-02-06] () [Fichier non signé]
R2 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184 2009-04-11] (NewTech Infosystems, Inc.)
R2 prtsvc; C:\Users\Vista\AppData\Local\TECHP-BrowserAir\prtsvc.exe [360960 2016-02-11] () [Fichier non signé]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TheScreenSnapshotService; C:\Program Files\ScreenSnapshotTool\1.1.0.11188\ScreenShotServ.exe [141984 2015-12-24] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 Winsere; C:\Program Files\Winsere\Winsere\Winsere.exe [302776 2016-02-03] ()
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-02-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-02-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812720 2016-02-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-12] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [171608 2016-02-12] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67088 2016-02-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-12] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-19] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [153952 2009-02-21] (Realtek Semiconductor Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-20 10:41 - 2016-02-20 10:42 - 00021747 _____ C:\Users\Vista\Desktop\FRST.txt
2016-02-20 10:40 - 2016-02-20 10:41 - 00000000 ____D C:\FRST
2016-02-20 10:38 - 2016-02-20 10:38 - 01931328 _____ (Avanquest Software ) C:\Users\Vista\Desktop\OneSafe_PC_Cleaner_B.exe
2016-02-20 10:29 - 2016-02-20 10:29 - 00143880 _____ C:\Windows\Minidump\Mini022016-01.dmp
2016-02-20 10:28 - 2016-02-20 10:28 - 289718248 _____ C:\Windows\MEMORY.DMP
2016-02-19 13:33 - 2016-02-19 13:34 - 01722368 _____ (Farbar) C:\Users\Vista\Desktop\FRST.exe
2016-02-19 13:28 - 2016-02-20 09:52 - 00000254 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2016-02-19 13:28 - 2016-02-20 09:52 - 00000246 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2016-02-19 13:27 - 2016-02-19 13:27 - 00000742 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2016-02-19 13:27 - 2016-02-19 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2016-02-19 13:22 - 2016-02-19 13:22 - 00000000 ____D C:\ProgramData\QWdMQ
2016-02-18 14:06 - 2016-02-19 13:27 - 00000000 ____D C:\Program Files\RCP
2016-02-18 14:06 - 2015-11-20 19:27 - 00017840 _____ () C:\Windows\system32\roboot.exe
2016-02-16 18:16 - 2016-02-16 18:17 - 00772016 _____ (Reimage®) C:\Users\Vista\Downloads\ReimageRepair (2).exe
2016-02-16 18:14 - 2016-02-16 18:14 - 00987728 _____ (Google Inc.) C:\Users\Vista\Downloads\ChromeSetup.exe
2016-02-15 17:13 - 2016-02-19 13:22 - 00000000 ____D C:\Users\Vista\AppData\Roaming\istartpageing
2016-02-14 03:01 - 2016-02-14 03:01 - 00000000 __SHD C:\Windows\system32\%APPDATA%
2016-02-13 08:49 - 2016-02-14 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-13 08:48 - 2016-02-15 16:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-13 08:48 - 2016-02-13 08:48 - 00000000 ____D C:\Program Files\60C22968-1455349726-DE11-84AD-F560C3F98A21
2016-02-13 08:47 - 2016-02-18 23:10 - 00000000 ____D C:\Users\Vista\AppData\Roaming\ScreenSnapshotTool
2016-02-13 08:47 - 2016-02-13 11:02 - 00000000 ____D C:\ProgramData\ZWdMZ
2016-02-13 08:47 - 2016-02-13 08:47 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-02-13 08:47 - 2016-02-13 08:47 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-13 08:47 - 2016-02-13 08:47 - 00000000 ____D C:\Program Files\ScreenSnapshotTool
2016-02-13 08:46 - 2016-02-13 08:49 - 00000000 ____D C:\54e74813ad1a1876c4cc99aa62
2016-02-13 08:46 - 2016-02-13 08:46 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-02-13 08:19 - 2016-02-13 08:43 - 00000000 ____D C:\Users\Vista\AppData\Local\BrowserAir
2016-02-13 08:18 - 2016-02-19 13:22 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-13 08:18 - 2016-02-13 13:24 - 00000000 ____D C:\Users\Vista\AppData\Roaming\yoursearching
2016-02-13 08:18 - 2016-02-13 13:14 - 00000000 ____D C:\Users\Vista\AppData\Local\TECHP-BrowserAir
2016-02-13 08:18 - 2016-02-13 08:20 - 00000000 ____D C:\ProgramData\aWdMa
2016-02-13 08:18 - 2016-02-11 18:32 - 00022760 _____ (Corporation) C:\Windows\system32\Drivers\sdfhgdf.sys
2016-02-13 05:30 - 2016-02-13 05:30 - 00000000 ____D C:\Program Files\Iminent
2016-02-13 05:27 - 2016-02-13 08:18 - 00001095 _____ C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-12 20:35 - 2016-02-15 16:41 - 00000000 ____D C:\Users\Vista\AppData\Local\mbot_en_037050236
2016-02-12 20:35 - 2016-02-12 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-12 20:35 - 2016-02-12 20:35 - 00000000 ____D C:\Program Files\mbot_en_037050236
2016-02-12 20:35 - 2016-02-12 20:35 - 00000000 ____D C:\Program Files\Max Driver Updater
2016-02-12 20:25 - 2016-02-12 20:25 - 00000000 ____D C:\Users\Vista\AppData\Local\60C22968-1455308714-DE11-84AD-F560C3F98A21
2016-02-12 20:22 - 2016-02-16 16:24 - 00000000 ____D C:\Program Files\60C22968-1455304971-DE11-84AD-F560C3F98A21
2016-02-12 20:20 - 2016-02-12 20:22 - 00000000 ____D C:\Users\Vista\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-02-12 20:20 - 2016-02-12 20:20 - 00000000 ____D C:\Program Files\WinTaske
2016-02-12 20:20 - 2016-02-12 20:20 - 00000000 ____D C:\Program Files\Winsere
2016-02-12 20:20 - 2016-02-12 20:20 - 00000000 ____D C:\extensions
2016-02-12 20:19 - 2016-02-20 10:29 - 00000260 _____ C:\Windows\Tasks\System HealerStartUp.job
2016-02-12 20:19 - 2016-02-13 08:38 - 00000000 ____D C:\Program Files\SearchesToYesbnd
2016-02-12 20:19 - 2016-02-12 22:16 - 00000260 _____ C:\Windows\Tasks\System HealerPeriod.job
2016-02-12 20:19 - 2016-02-12 21:02 - 00000000 ____D C:\Users\Vista\Downloads\Setup
2016-02-12 20:19 - 2016-02-12 20:20 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-02-12 20:19 - 2016-02-12 20:19 - 00000000 ____D C:\ProgramData\1e6a904c-7c71-1
2016-02-12 20:19 - 2016-02-12 20:19 - 00000000 ____D C:\ProgramData\1e6a904c-1f23-0
2016-02-12 19:37 - 2016-02-12 19:37 - 00610691 _____ ( ) C:\Users\Vista\Downloads\installer (2).exe
2016-02-12 19:35 - 2016-02-12 19:35 - 00610691 _____ ( ) C:\Users\Vista\Downloads\installer (3).exe
2016-02-12 17:31 - 2016-02-20 10:31 - 00000000 ____D C:\Users\Vista\AppData\Roaming\cacaoweb
2016-02-12 17:31 - 2016-02-12 17:31 - 00554288 _____ C:\Users\Vista\Downloads\cacaoweb.exe
2016-02-12 16:55 - 2016-02-20 10:13 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-12 16:55 - 2016-02-15 17:05 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-12 16:55 - 2016-02-15 17:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-12 16:50 - 2016-02-12 16:50 - 00586271 _____ ( ) C:\Users\Vista\Downloads\installer (1).exe
2016-02-12 16:23 - 2016-02-12 16:23 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-12 16:23 - 2016-02-12 16:23 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-11 07:36 - 2016-02-11 07:36 - 00000000 ____D C:\Users\Vista\AppData\Roaming\Sun
2016-02-11 07:36 - 2016-02-11 07:36 - 00000000 ____D C:\Users\Vista\AppData\LocalLow\Sun
2016-02-11 07:36 - 2016-02-11 07:36 - 00000000 ____D C:\Users\Vista\.oracle_jre_usage
2016-02-11 07:34 - 2016-02-11 07:34 - 00000000 ____D C:\ProgramData\Oracle
2016-02-11 07:27 - 2016-02-11 07:27 - 00735328 _____ (Oracle Corporation) C:\Users\Vista\Downloads\chromeinstall-8u73 (1).exe
2016-02-11 07:27 - 2016-02-11 07:27 - 00000000 ____D C:\Users\Vista\AppData\LocalLow\Oracle
2016-02-11 07:25 - 2016-02-11 07:26 - 00735328 _____ (Oracle Corporation) C:\Users\Vista\Downloads\chromeinstall-8u73.exe
2016-02-11 07:24 - 2016-02-11 07:26 - 00586228 _____ (Application software ) C:\Users\Vista\Downloads\installer.exe
2016-02-11 03:49 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 03:49 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-11 03:49 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-11 03:49 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-11 03:49 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-11 03:49 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-11 03:49 - 2016-01-30 04:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-11 03:49 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-11 03:49 - 2016-01-30 04:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 03:49 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-11 03:49 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-11 03:49 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-11 03:49 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-11 03:49 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-11 03:49 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-11 03:47 - 2016-02-01 18:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 03:47 - 2016-01-30 04:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-11 03:47 - 2016-01-30 04:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 03:47 - 2016-01-30 04:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-11 03:47 - 2016-01-30 04:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 03:47 - 2016-01-30 04:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 03:47 - 2016-01-30 04:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-11 03:47 - 2016-01-30 04:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 03:47 - 2016-01-30 02:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-11 03:45 - 2016-01-07 16:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 03:12 - 2016-01-07 16:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 03:05 - 2016-01-09 18:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 07:07 - 2016-01-25 05:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 07:07 - 2016-01-25 05:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 07:07 - 2016-01-25 05:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 07:07 - 2016-01-25 05:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 07:07 - 2016-01-25 05:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 07:07 - 2016-01-25 05:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 07:07 - 2016-01-25 05:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-02-10 07:07 - 2016-01-25 05:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 07:07 - 2016-01-25 05:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 07:07 - 2016-01-25 05:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-02-10 07:07 - 2016-01-25 05:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-02-10 07:07 - 2016-01-25 05:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-02-10 05:49 - 2016-02-10 05:49 - 00000000 ____D C:\ProgramData\WindowsSearch
2016-02-06 18:19 - 2016-02-06 18:19 - 00000000 ____D C:\Users\Vista\AppData\Local\Systweak
2016-02-06 12:26 - 2016-02-15 17:13 - 00002276 _____ C:\Users\Vista\Desktop\Chromium.lnk
2016-02-06 12:26 - 2016-02-06 12:26 - 00000000 ____D C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-02-06 12:24 - 2016-02-06 12:26 - 00000000 ____D C:\Users\Vista\AppData\Local\Chromium
2016-02-06 12:22 - 2016-02-06 12:22 - 00002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-02-06 12:21 - 2016-02-06 12:21 - 00000000 ____D C:\ProgramData\ByteFence
2016-02-06 12:20 - 2016-02-06 21:25 - 00000000 ____D C:\Users\Vista\AppData\Roaming\Nico Mak Computing
2016-02-06 12:20 - 2016-02-06 12:20 - 23052120 _____ C:\Users\Vista\Downloads\VideoPlayerSetup.msi
2016-02-06 12:19 - 2016-02-06 12:23 - 00000000 ____D C:\Users\Vista\AppData\Local\{E920DF7C-CD88-B3C4-A010-962C84786AB4}
2016-02-06 10:05 - 2016-02-06 10:06 - 00000000 ____D C:\ProgramData\Uniblue
2016-02-06 09:15 - 2016-02-06 09:19 - 00000000 _____ C:\Windows\mahu.exe
2016-02-06 08:55 - 2016-02-06 08:55 - 00772016 _____ (Reimage®) C:\Users\Vista\Downloads\ReimageRepair (1).exe
2016-02-06 08:54 - 2016-02-06 09:14 - 00000000 _____ C:\Windows\ahu.exe
2016-02-06 08:54 - 2016-02-06 08:55 - 00772016 _____ (Reimage®) C:\Users\Vista\Downloads\ReimageRepair.exe
2016-02-06 08:34 - 2016-02-06 10:00 - 00000000 ____D C:\Users\Vista\AppData\Local\WebShield
2016-02-06 08:24 - 2016-02-06 10:00 - 00000000 ____D C:\ProgramData\WebShield
2016-02-06 08:23 - 2016-02-06 10:01 - 00000000 ____D C:\Program Files\SunnyDay7
2016-02-06 08:23 - 2016-02-06 08:44 - 00000000 ____D C:\Users\Vista\AppData\LocalLow\mystarttb
2016-02-06 08:23 - 2016-02-06 08:24 - 00000000 ____D C:\Users\Vista\AppData\Local\SunnyDay7
2016-02-06 08:23 - 2016-02-06 08:24 - 00000000 ____D C:\ProgramData\tcTlPAR
2016-02-06 08:23 - 2016-02-06 08:23 - 00000000 ____D C:\ProgramData\6d691afe-5c41-1
2016-02-06 08:23 - 2016-02-06 08:23 - 00000000 ____D C:\ProgramData\6d691afe-0d83-0
2016-02-06 08:22 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files\mystarttb
2016-02-06 08:18 - 2016-02-06 08:18 - 00631808 _____ C:\Windows\ahu.dat
2016-02-06 08:16 - 2016-02-06 08:16 - 00000000 ____D C:\Users\Vista\AppData\Local\com
2016-02-06 08:10 - 2016-02-12 20:23 - 00000000 ____D C:\Users\Vista\AppData\Local\mixvideoplayer
2016-02-06 08:10 - 2016-02-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-02-06 08:10 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files\MPC Cleaner
2016-02-06 08:10 - 2016-02-06 08:10 - 00000000 ____D C:\Users\Vista\AppData\Local\BrowserWeb
2016-02-06 08:08 - 2016-02-13 08:44 - 00000000 ____D C:\Program Files\MixVideoPlayer
2016-02-06 08:08 - 2016-02-06 10:00 - 00000000 ____D C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RinoReader
2016-02-06 08:08 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files\RinoReader
2016-02-06 08:08 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files\Primary Color
2016-02-06 08:07 - 2016-02-12 20:18 - 00000000 ____D C:\Users\Vista\AppData\Local\Setup Wizard
2016-02-04 18:32 - 2016-02-04 18:32 - 00000000 ____D C:\Users\Vista\Downloads\ludocar-jeu-pc (5)
2016-02-04 18:26 - 2016-02-04 18:43 - 15648170 _____ C:\Users\Vista\Downloads\ludocar-jeu-pc.zip
2016-02-04 11:20 - 2016-02-04 11:20 - 00040542 _____ C:\Users\Vista\Downloads\fiche_1005589290686860977773209805.pdf
2016-02-03 09:40 - 2016-02-03 09:40 - 00011576 _____ C:\Users\Vista\Downloads\USF - Salaire Janvier 2016 - Hugues BEAURIEUX.pdf
2016-01-31 12:50 - 2016-01-31 12:50 - 00170611 _____ C:\Users\Vista\Downloads\NS2 (2015-2016).pdf
2016-01-31 12:49 - 2016-01-31 12:49 - 00034143 _____ C:\Users\Vista\Downloads\OM_0451558Z_15D0458013_8506_01_22-01-2016_15-06-40.pdf
2016-01-31 11:45 - 2016-01-31 11:46 - 00034143 _____ C:\Users\Vista\Downloads\OM_0451558Z_15D0458013_8506_01_22-01-2016_12-36-17.pdf
2016-01-31 11:45 - 2016-01-31 11:46 - 00034143 _____ C:\Users\Vista\Downloads\OM_0451558Z_15D0458013_8506_01_22-01-2016_12-36-17 (2).pdf
2016-01-31 11:45 - 2016-01-31 11:46 - 00034143 _____ C:\Users\Vista\Downloads\OM_0451558Z_15D0458013_8506_01_22-01-2016_12-36-17 (1).pdf
2016-01-28 07:53 - 2016-01-28 07:54 - 00039035 _____ C:\Users\Vista\Downloads\RelevePrestations_27_01_2016.pdf
2016-01-26 08:56 - 2016-01-26 08:56 - 00024630 _____ C:\Users\Vista\Downloads\Attestation_MGEN_Emmanuelle_BEAURIEUX_05011970 (3).pdf
2016-01-26 08:55 - 2016-01-26 08:55 - 00024304 _____ C:\Users\Vista\Downloads\Attestation_MGEN_LOUIS_BEAURIEUX_30041999.pdf
2016-01-21 09:11 - 2016-01-21 09:11 - 00288536 _____ C:\Users\Vista\Downloads\docapost_070540011522690701312013-01-232040966301523831569.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-02-20 10:33 - 2015-08-07 17:12 - 00000000 ____D C:\Users\Vista\AppData\Roaming\Skype
2016-02-20 10:30 - 2014-05-02 09:16 - 00000312 _____ C:\Windows\Tasks\GlaryInitialize.job
2016-02-20 10:29 - 2014-09-13 07:38 - 00000000 ____D C:\Windows\Minidump
2016-02-20 10:29 - 2014-05-03 10:05 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-20 10:29 - 2014-05-03 10:05 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-20 10:29 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-20 10:29 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-20 10:29 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-20 10:10 - 2009-03-03 10:20 - 00722148 _____ C:\Windows\system32\perfh00C.dat
2016-02-20 10:10 - 2009-03-03 10:20 - 00145950 _____ C:\Windows\system32\perfc00C.dat
2016-02-20 10:10 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-20 10:10 - 2006-11-02 11:33 - 01614504 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-19 13:31 - 2014-07-04 18:27 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-19 13:27 - 2014-05-04 14:14 - 00000000 ____D C:\Users\Vista\AppData\Roaming\systweak
2016-02-18 23:32 - 2006-11-02 14:01 - 00032494 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-18 14:01 - 2014-05-03 10:06 - 00002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 14:01 - 2014-05-03 10:06 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-15 17:15 - 2014-05-02 09:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-15 17:06 - 2014-09-09 19:04 - 00000000 ____D C:\Users\Vista\AppData\Local\Adobe
2016-02-13 08:43 - 2014-10-02 20:02 - 00006836 _____ C:\Users\Vista\AppData\Local\d3d9caps.dat
2016-02-13 05:26 - 2014-04-30 14:51 - 00000908 _____ C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-13 05:26 - 2014-04-30 14:51 - 00000879 _____ C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-12 20:25 - 2015-08-08 10:46 - 00000000 ____D C:\Users\Vista\AppData\Roaming\DVDVideoSoft
2016-02-12 16:24 - 2014-05-02 09:12 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-12 16:23 - 2015-08-06 08:00 - 00171608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-02-12 16:23 - 2014-05-07 13:38 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00812720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00067088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-02-12 16:23 - 2014-05-02 09:12 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-11 07:36 - 2014-04-30 14:49 - 00000000 ____D C:\Users\Vista
2016-02-11 04:32 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-02-11 04:11 - 2006-11-02 13:47 - 00352192 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 04:08 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 04:08 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-11 03:42 - 2014-05-02 10:19 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 03:15 - 2006-11-02 11:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-06 12:20 - 2014-05-04 07:51 - 00000290 __RSH C:\ProgramData\ntuser.pol
2016-02-02 16:16 - 2014-04-30 14:50 - 00000000 ____D C:\Program Files\Google
2016-02-02 15:50 - 2009-03-03 03:00 - 00000000 ____D C:\ProgramData\Adobe
2016-02-02 15:50 - 2009-03-03 02:19 - 00000000 ____D C:\ProgramData\McAfee
2016-02-02 15:50 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-01-31 15:55 - 2015-03-08 20:35 - 00111566 _____ C:\Users\Vista\Documents\CV Clément.odt
==================== Fichiers à la racine de certains dossiers =======
2015-12-05 09:30 - 2015-12-05 09:30 - 6420480 _____ () C:\Program Files\GUT10B6.tmp
2016-02-13 08:48 - 2016-02-13 08:48 - 0001231 _____ () C:\Users\Vista\AppData\Roaming\Bubble Dock.boostrap.log
2014-10-06 19:10 - 2014-11-13 00:22 - 0000133 _____ () C:\Users\Vista\AppData\Roaming\WB.CFG
2016-02-13 08:48 - 2016-02-13 08:48 - 0000097 _____ () C:\Users\Vista\AppData\Roaming\WindApp.boostrap.log
2014-05-04 13:59 - 2014-05-04 13:59 - 0000000 _____ () C:\Users\Vista\AppData\Roaming\wklnhst.dat
2014-10-02 20:02 - 2016-02-13 08:43 - 0006836 _____ () C:\Users\Vista\AppData\Local\d3d9caps.dat
2015-09-29 17:51 - 2015-09-29 17:54 - 0018432 _____ () C:\Users\Vista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-11 07:32 - 2014-10-11 07:32 - 0000010 _____ () C:\Users\Vista\AppData\Local\DSI.DAT
2014-04-30 14:59 - 2014-04-30 16:17 - 0008156 _____ () C:\Users\Vista\AppData\Local\MyWinLockerInstaller.txt-20140430.log
2009-03-03 03:00 - 2014-04-30 15:03 - 0004533 _____ () C:\ProgramData\ArcadeDeluxe2.log
2016-02-13 08:18 - 2016-02-19 13:22 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Certains fichiers dans TEMP:
====================
C:\Users\Vista\AppData\Local\Temp\2884.tmp.exe
C:\Users\Vista\AppData\Local\Temp\3EC3.tmp.exe
C:\Users\Vista\AppData\Local\Temp\650D.tmp.exe
C:\Users\Vista\AppData\Local\Temp\752A.tmp.exe
C:\Users\Vista\AppData\Local\Temp\825A.tmp.exe
C:\Users\Vista\AppData\Local\Temp\9799.tmp.exe
C:\Users\Vista\AppData\Local\Temp\9D7C.tmp.exe
C:\Users\Vista\AppData\Local\Temp\AB1D.tmp.exe
C:\Users\Vista\AppData\Local\Temp\D29.tmp.exe
C:\Users\Vista\AppData\Local\Temp\D98E.tmp.exe
C:\Users\Vista\AppData\Local\Temp\E25.tmp.exe
C:\Users\Vista\AppData\Local\Temp\EDDA.tmp.exe
C:\Users\Vista\AppData\Local\Temp\FB30.tmp.exe
C:\Users\Vista\AppData\Local\Temp\fsd6670.exe
C:\Users\Vista\AppData\Local\Temp\fsd7657.exe
C:\Users\Vista\AppData\Local\Temp\ICReinstall_825A.tmp.exe
C:\Users\Vista\AppData\Local\Temp\ICReinstall_D29.tmp.exe
C:\Users\Vista\AppData\Local\Temp\RtkBtMnt.exe
Certains de taille zéro octet fichiers/dossiers:
==========================
C:\Windows\ahu.exe
C:\Windows\mahu.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-02-20 10:35
==================== Fin de FRST.txt ============================