Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par Poste1 (administrateur) sur DELL (21-03-2016 19:53:24)
Exécuté depuis D:\Mes documents\Downloads\Programs
Profils chargés: Poste1 (Profils disponibles: Poste1)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: French (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
(LULU software) C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Realtek) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Alert.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxcrnmh.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1918176 2015-02-28] (Bitdefender)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [273528 2011-12-18] (RealNetworks, Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [288040 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CHROME~1] => wscript.exe //B "C:\Users\Poste1\AppData\Roaming\CHROME~1.VBS"
HKLM\...\Policies\Explorer\Run: [Java Update] => C:\Users\Poste1\AppData\Roaming\Java\svhost.exe [32072 2010-11-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [Updates] => C:\system32\SystemProtection.exe [141824 2013-10-12] (Microsoft Corporation)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-28] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-15] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-16] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3837520 2014-06-05] (Tonec Inc.)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [CHROME~1] => wscript.exe //B "C:\Users\Poste1\AppData\Roaming\CHROME~1.VBS"
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {8c9c1a2e-9663-11e3-8203-001644a5b872} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {906d19a7-e71a-11e1-9803-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {906d19b4-e71a-11e1-9803-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {92ef67f8-f21a-11e1-98a0-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {92ef6814-f21a-11e1-98a0-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {ba8490ca-0812-11e2-8222-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {ba849118-0812-11e2-8222-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-28] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-15] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-16] (Bitdefender)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-06-23]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D40D485-20BC-4B4C-A097-F449CAEF08A3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4CC8C7EA-97D8-4135-A83C-1F55377B1117}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{63B1A954-609D-442B-8502-2012D2102626}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6B107E0C-0748-4366-BC94-4A8B691C5ECA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{988D061D-CE00-40D4-90EA-149BABA7A20F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA7E50A3-384A-4EF2-84DC-C27FF402E7F3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FDAB7901-A25C-4A4A-BE02-53F402B0A2CB}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481032&SSPV=IESB10
URLSearchHook: HKLM - (Pas de nom) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Pas de fichier
URLSearchHook: HKLM - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll ()
URLSearchHook: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 - (Pas de nom) - {04b84c46-5abb-476b-a7d7-40435d9ae611} - Pas de fichier
URLSearchHook: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll ()
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> DefaultScope {767396E4-A850-4AE2-8450-8B9404188263} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032&SSPV=IESB10
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {767396E4-A850-4AE2-8450-8B9404188263} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032&SSPV=IESB10
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {E4E012DC-1925-48E9-8010-2D195574642A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO: Pas de nom -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Pas de fichier
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Ashampoo_US Toolbar -> {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -> C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-08-16] (Bitdefender)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-18] (RealPlayer)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Pas de nom -> {8984B388-A5BB-4DF7-B274-77B879E179DB} -> Pas de fichier
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> Pas de fichier
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Improved search toolbar -> {E4E012DC-1925-48E9-8010-2D195574642A} -> Pas de fichier
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - Pas de fichier
Toolbar: HKLM - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
Toolbar: HKLM - Improved search toolbar - {E4E012DC-1925-48E9-8010-2D195574642A} - Pas de fichier
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {09900DE8-1DCA-443F-9243-26FF581438AF} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {C34BFB11-EFF0-4123-A7A5-79051EF24CF5} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {04B84C46-5ABB-476B-A7D7-40435D9AE611} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Ashampoo_US Toolbar - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Improved search toolbar - {E4E012DC-1925-48E9-8010-2D195574642A} - Pas de fichier
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User
FF DefaultSearchEngine: Search the web (Babylon)
FF DefaultSearchUrl: hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Search the web (Babylon)
FF Homepage: hxxp://search.babylon.com/home
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.666 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.666 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1655880554-1590236670-1070646973-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Poste1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1655880554-1590236670-1070646973-1000: facebook.com/fbDesktopPlugin -> C:\Users\Poste1\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Extension: Platinum Hide IP - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\support@platinumhideip.com.xpi [2011-09-14] [non signé]
FF Extension: I Want This - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\crossriderapp2258@crossrider.com [2012-06-07] [non signé]
FF Extension: HotSpot International Community Toolbar - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\{0002ee26-8c11-49eb-9cdf-56eeffef664f} [2012-06-07] [non signé]
FF Extension: myBabylon EnglishBB Community Toolbar - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} [2012-06-07] [non signé]
FF Extension: Conduit Engine - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\Extensions\engine@conduit.com [2011-09-15] [non signé]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-08] [non signé]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-18] [non signé]
FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2016-01-17]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-24] [non signé]
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5 [2014-06-10] [non signé]
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR Session Restore: Default -> est activé.
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\pdf.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Pas de fichier
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Pas de fichier
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Facebook Desktop) - C:\Users\Poste1\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => Pas de fichier
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Poste1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-03-21]
CHR Extension: (20-20 3D Viewer for Virtual Studio) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbhljkhbideandpbhpinhedfgdhkpdc [2014-03-13]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2015-03-21]
CHR Extension: (Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-06-10]
CHR Extension: (Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-18]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2015-02-28]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] -
CHR HKLM\...\Chrome\Extension: [jdncmkimkailkhilodjfpbcdaiikbfbo] -
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-06-04]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-18]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-08-15] (Bitdefender)
R2 FIXIO Service; C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe [191600 2010-09-22] (LULU software) [Fichier non signé]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-03-14] (Flexera Software LLC)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [188736 2009-12-16] (Nitro PDF Software)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10.exe [279704 2015-05-06] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [400536 2015-05-06] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-11-26] (Ralink Technology, Corp.)
R2 Realtek87B; C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [Fichier non signé]
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2449624 2015-08-04] (AVG Technologies)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-08-15] (Bitdefender)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1302784 2015-02-28] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1073160 2015-02-28] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-08-14] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2015-02-28] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
S1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [24786 2004-11-18] (EUTRON) [Fichier non signé]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
S3 hspa_zi_cdc_acm; C:\Windows\System32\DRIVERS\hspa_zi_cdc_acm.sys [67968 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_cdc_ecm; C:\Windows\System32\DRIVERS\hspa_zi_cdc_ecm.sys [52224 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_ecm_enum; C:\Windows\System32\DRIVERS\hspa_zi_ecm_enum.sys [47488 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_ecm_enum_filter; C:\Windows\System32\DRIVERS\hspa_zi_ecm_enum_filter.sys [47488 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_wcpo; C:\Windows\System32\DRIVERS\hspa_zi_wcpo.sys [9344 2012-02-14] (HSPA) [Fichier non signé]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-08-01] (AnchorFree Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [827904 2009-11-26] (Ralink Technology Corp.)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [408280 2015-02-28] (BitDefender S.R.L.)
S3 ewusbmbb; pas de ImagePath
S3 ew_hwusbdev; pas de ImagePath
S3 ew_usbenumfilter; pas de ImagePath
S3 flpydisk; pas de ImagePath
S3 huawei_enumerator; pas de ImagePath
S3 hwdatacard; pas de ImagePath
S3 TuneUpUtilitiesDrv; pas de ImagePath
S3 VGPU; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-03-21 19:52 - 2016-03-21 19:53 - 00000000 ____D C:\FRST
2016-03-19 13:30 - 2016-03-20 01:13 - 00000000 ____D C:\Users\Poste1\Desktop\entertainment
2016-03-13 11:43 - 2016-03-20 10:13 - 00000000 ____D C:\Users\Poste1\Desktop\let's keep fit
2016-03-12 21:55 - 2016-03-12 21:55 - 11035328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-03-09 18:55 - 2016-03-19 01:40 - 00000000 ____D C:\Users\Poste1\Desktop\you must be careful
2016-03-08 16:23 - 2016-03-20 10:12 - 00000000 ____D C:\Users\Poste1\Desktop\what`s the matter
2016-03-06 22:54 - 2016-03-20 10:12 - 00000000 ____D C:\Users\Poste1\Desktop\transport
2016-03-03 21:41 - 2016-03-04 19:10 - 00000000 __SHD C:\system32
2016-03-03 21:41 - 2016-03-04 19:10 - 00000000 __SHD C:\Kernel
2016-03-03 21:41 - 2016-03-04 13:39 - 00000956 ____R C:\Users\Photos.lnk
2016-03-02 10:32 - 2016-03-02 11:36 - 00000000 ____D C:\Users\Poste1\Desktop\body parts
2016-02-28 17:51 - 2016-03-11 17:39 - 00000000 ____D C:\Users\Poste1\Desktop\28-02-2016
2016-02-28 11:41 - 2016-03-17 13:33 - 00000000 ____D C:\Users\Poste1\Desktop\happy birthday
2016-02-28 10:20 - 2016-03-11 17:29 - 00000000 ____D C:\Users\Poste1\Desktop\module 4
2016-02-28 10:11 - 2016-03-04 15:23 - 00000000 ____D C:\Users\Poste1\Desktop\zouhour flash drive
2016-02-26 22:17 - 2016-03-12 21:51 - 00000000 ____D C:\Users\Poste1\Desktop\tourism and transport
2016-02-24 16:01 - 2016-03-04 16:39 - 00000000 ____D C:\Users\Poste1\Desktop\clothes
2016-02-22 18:06 - 2016-03-04 21:06 - 00000000 ____D C:\Users\Poste1\Desktop\22-2-2016
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-03-21 19:52 - 2014-05-21 21:46 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\IDM
2016-03-21 19:50 - 2012-03-30 20:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-21 19:47 - 2014-03-27 18:00 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49dee745e12.job
2016-03-21 19:47 - 2013-06-02 00:35 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce5f20a758c21f.job
2016-03-21 19:47 - 2012-10-07 10:33 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-21 19:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-21 19:35 - 2014-03-27 18:00 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf49de1a15fc3c.job
2016-03-21 19:32 - 2009-07-14 05:34 - 00023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 19:32 - 2009-07-14 05:34 - 00023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 19:28 - 2013-06-02 00:35 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce5f20a8550021.job
2016-03-20 10:19 - 2014-03-21 10:44 - 00174868 _____ C:\bdlog.txt
2016-03-20 10:19 - 2011-03-26 07:45 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\DMCache
2016-03-20 10:17 - 2013-10-08 23:30 - 00000000 ____D C:\Users\Poste1\Desktop\powerpoint templates
2016-03-20 10:01 - 2015-10-12 17:41 - 00000258 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2016-03-20 01:08 - 2013-04-28 22:50 - 00000000 ____D C:\Users\Poste1\Desktop\communication
2016-03-20 00:46 - 2011-07-21 01:38 - 00041984 _____ C:\Users\Poste1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-20 00:12 - 2012-02-27 18:37 - 11548160 ___SH C:\Users\Poste1\Thumbs.db
2016-03-19 23:15 - 2011-11-10 21:19 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655880554-1590236670-1070646973-1000UA.job
2016-03-19 23:11 - 2016-02-04 00:15 - 00000000 ____D C:\Users\Poste1\Desktop\books
2016-03-19 22:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2016-03-19 12:31 - 2011-10-02 21:42 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-19 12:31 - 2011-10-02 21:42 - 00002087 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-19 01:04 - 2014-02-18 19:12 - 00000000 ____D C:\Users\Poste1\AppData\Local\CrashDumps
2016-03-19 00:22 - 2011-03-25 19:42 - 00000000 ____D C:\Users\Poste1
2016-03-17 23:28 - 2015-10-12 17:40 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\HpUpdate
2016-03-17 23:12 - 2011-10-14 12:14 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Media Player Classic
2016-03-12 21:55 - 2012-03-30 20:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-12 21:55 - 2011-07-19 18:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-12 20:15 - 2011-11-10 21:19 - 00000908 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655880554-1590236670-1070646973-1000Core.job
2016-03-11 21:26 - 2012-12-10 21:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Nitro
2016-03-11 17:36 - 2016-02-19 23:16 - 00000000 ____D C:\Users\Poste1\Desktop\internet shopping
2016-03-11 11:53 - 2011-10-15 10:53 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2016-03-10 22:48 - 2016-02-17 10:50 - 00000000 ____D C:\Users\Poste1\Desktop\at the airport
2016-03-09 19:01 - 2016-02-05 14:50 - 00000000 ____D C:\Users\Poste1\Desktop\let everyday be an eath day
2016-03-09 19:01 - 2016-02-03 22:48 - 00000000 ____D C:\Users\Poste1\Desktop\save the earth
2016-03-09 18:59 - 2013-01-04 19:35 - 00000000 ____D C:\Users\Poste1\Desktop\time for lunch
2016-03-09 18:57 - 2015-10-15 15:37 - 00000000 ____D C:\Users\Poste1\Desktop\DCIM
2016-03-08 15:52 - 2016-01-27 22:11 - 00000000 ____D C:\Users\Poste1\Desktop\Aly`s house
2016-03-04 22:11 - 2016-02-19 23:57 - 00000000 ____D C:\Users\Poste1\Desktop\lesson plans
2016-03-04 20:48 - 2011-09-03 20:35 - 03940798 _____ C:\Windows\system32\perfh001.dat
2016-03-04 20:48 - 2011-09-03 20:35 - 01254458 _____ C:\Windows\system32\perfc001.dat
2016-03-04 20:48 - 2011-01-26 11:03 - 04207036 _____ C:\Windows\system32\perfh00C.dat
2016-03-04 20:48 - 2011-01-26 11:03 - 01308960 _____ C:\Windows\system32\perfc00C.dat
2016-03-04 20:48 - 2010-11-20 22:01 - 00006314 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 23:09 - 2014-03-21 01:01 - 00253404 ____H C:\bdr-ld01
2016-03-03 23:09 - 2014-03-21 01:01 - 00009216 ____H C:\bdr-ld01.mbr
2016-03-03 23:09 - 2014-03-21 00:29 - 00000307 ____H C:\bdr-cf01
2016-03-03 22:19 - 2016-02-18 14:46 - 00000000 ____D C:\Users\Poste1\Desktop\market day
2016-03-03 21:41 - 2011-03-25 20:15 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Skype
2016-03-01 20:08 - 2015-11-15 22:19 - 00000000 ____D C:\Users\Poste1\Desktop\sandisk drive
2016-03-01 20:03 - 2012-06-29 12:57 - 00000000 ____D C:\Program Files\AllMedia Grabber
2016-02-28 16:24 - 2015-12-02 20:58 - 00000000 ____D C:\Users\Poste1\Desktop\7 TH FORM LISTENING
2016-02-26 12:05 - 2012-06-20 12:23 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\vlc
2016-02-24 14:01 - 2016-02-03 22:47 - 00000000 ____D C:\Users\Poste1\Desktop\uncle Hedy`s farm
==================== Fichiers à la racine de certains dossiers =======
2014-06-10 03:44 - 2014-06-10 03:44 - 0001708 _____ () C:\Program Files\Internet Download Manager.pem
2011-10-15 10:53 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Distortion
2011-10-15 10:53 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Documentation
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Documents
2012-04-18 21:54 - 2012-04-24 21:34 - 0087608 _____ () C:\Users\Poste1\AppData\Roaming\inst.exe
2012-04-18 21:54 - 2012-04-24 21:34 - 0007887 _____ () C:\Users\Poste1\AppData\Roaming\pcouffin.cat
2012-04-18 21:54 - 2012-04-24 21:34 - 0001144 _____ () C:\Users\Poste1\AppData\Roaming\pcouffin.inf
2012-04-18 21:54 - 2012-04-24 21:34 - 0047360 _____ (VSO Software) C:\Users\Poste1\AppData\Roaming\pcouffin.sys
2013-01-27 21:13 - 2013-01-27 21:13 - 0005327 _____ () C:\Users\Poste1\AppData\Roaming\source.dll
2012-04-18 21:56 - 2012-04-19 14:10 - 0001041 _____ () C:\Users\Poste1\AppData\Roaming\vso_ts_preview.xml
2012-10-15 12:47 - 2013-08-18 11:13 - 0010866 _____ () C:\Users\Poste1\AppData\Roaming\website.dll
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\AtStart.txt
2011-07-21 01:38 - 2016-03-20 00:46 - 0041984 _____ () C:\Users\Poste1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\DSwitch.txt
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\QSwitch.txt
2012-01-29 15:17 - 2012-02-09 12:42 - 0271737 _____ () C:\Users\Poste1\AppData\Local\rtmpdump.exe
2011-12-20 17:07 - 2011-12-20 17:07 - 0000000 _____ () C:\Users\Poste1\AppData\Local\{54B2C290-7EF6-4524-A044-A5429B14ECD9}
2014-03-21 00:20 - 2014-03-21 00:20 - 0000000 _____ () C:\ProgramData\1395357569.3200.bin
2014-03-21 00:30 - 2014-03-21 00:30 - 2171803 _____ () C:\ProgramData\1395357569.bdinstall.bin
2015-10-12 17:32 - 2015-10-12 17:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-04-16 10:33 - 2012-04-16 10:33 - 0000000 _____ () C:\ProgramData\Distortion
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Drums
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Dynamic Library
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Echo
2014-03-14 22:36 - 2014-03-14 22:36 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-10-15 10:53 - 2013-03-30 23:11 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-10-15 10:53 - 2016-03-11 11:53 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-10-15 10:53 - 2013-03-30 23:11 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\C__Program Files_PlatinumHideIP_Cracked-casper03_PlatinumHideIP.exe
C:\ProgramData\C__Users_Poste1_AppData_Local_Temp_Rar$EX00.021_Platinum.Hide.IP.v3.1.1.6.Cracked-casper03_Cracked-casper03_PlatinumHideIP.exe
C:\ProgramData\C__Users_Poste1_AppData_Local_Temp_Rar$EX13.704_Platinum.Hide.IP.v3.1.1.6.Cracked-casper03_Cracked-casper03_PlatinumHideIP.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-03-19 05:29
==================== Fin de FRST.txt ============================
Exécuté par Poste1 (administrateur) sur DELL (21-03-2016 19:53:24)
Exécuté depuis D:\Mes documents\Downloads\Programs
Profils chargés: Poste1 (Profils disponibles: Poste1)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: French (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
(LULU software) C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Realtek) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Alert.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxcrnmh.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1918176 2015-02-28] (Bitdefender)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [273528 2011-12-18] (RealNetworks, Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [288040 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CHROME~1] => wscript.exe //B "C:\Users\Poste1\AppData\Roaming\CHROME~1.VBS"
HKLM\...\Policies\Explorer\Run: [Java Update] => C:\Users\Poste1\AppData\Roaming\Java\svhost.exe [32072 2010-11-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [Updates] => C:\system32\SystemProtection.exe [141824 2013-10-12] (Microsoft Corporation)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-28] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-15] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-16] (Bitdefender)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3837520 2014-06-05] (Tonec Inc.)
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Run: [CHROME~1] => wscript.exe //B "C:\Users\Poste1\AppData\Roaming\CHROME~1.VBS"
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {8c9c1a2e-9663-11e3-8203-001644a5b872} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {906d19a7-e71a-11e1-9803-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {906d19b4-e71a-11e1-9803-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {92ef67f8-f21a-11e1-98a0-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {92ef6814-f21a-11e1-98a0-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {ba8490ca-0812-11e2-8222-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\MountPoints2: {ba849118-0812-11e2-8222-001e4ce5ce15} - G:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-28] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-15] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-16] (Bitdefender)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-06-23]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D40D485-20BC-4B4C-A097-F449CAEF08A3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4CC8C7EA-97D8-4135-A83C-1F55377B1117}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{63B1A954-609D-442B-8502-2012D2102626}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6B107E0C-0748-4366-BC94-4A8B691C5ECA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{988D061D-CE00-40D4-90EA-149BABA7A20F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA7E50A3-384A-4EF2-84DC-C27FF402E7F3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FDAB7901-A25C-4A4A-BE02-53F402B0A2CB}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481032&SSPV=IESB10
URLSearchHook: HKLM - (Pas de nom) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Pas de fichier
URLSearchHook: HKLM - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll ()
URLSearchHook: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 - (Pas de nom) - {04b84c46-5abb-476b-a7d7-40435d9ae611} - Pas de fichier
URLSearchHook: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll ()
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> DefaultScope {767396E4-A850-4AE2-8450-8B9404188263} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032&SSPV=IESB10
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {767396E4-A850-4AE2-8450-8B9404188263} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032&SSPV=IESB10
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> {E4E012DC-1925-48E9-8010-2D195574642A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO: Pas de nom -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Pas de fichier
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Ashampoo_US Toolbar -> {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -> C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-08-16] (Bitdefender)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-18] (RealPlayer)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Pas de nom -> {8984B388-A5BB-4DF7-B274-77B879E179DB} -> Pas de fichier
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> Pas de fichier
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Improved search toolbar -> {E4E012DC-1925-48E9-8010-2D195574642A} -> Pas de fichier
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - Pas de fichier
Toolbar: HKLM - Ashampoo_US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
Toolbar: HKLM - Improved search toolbar - {E4E012DC-1925-48E9-8010-2D195574642A} - Pas de fichier
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {09900DE8-1DCA-443F-9243-26FF581438AF} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {D4027C7F-154A-4066-A1AD-4243D8127440} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {C34BFB11-EFF0-4123-A7A5-79051EF24CF5} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Pas de nom - {04B84C46-5ABB-476B-A7D7-40435D9AE611} - Pas de fichier
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Ashampoo_US Toolbar - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - C:\Users\Poste1\AppData\LocalLow\CT2481032\ldrtbAsha.dll [2012-10-15] ()
Toolbar: HKU\S-1-5-21-1655880554-1590236670-1070646973-1000 -> Improved search toolbar - {E4E012DC-1925-48E9-8010-2D195574642A} - Pas de fichier
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User
FF DefaultSearchEngine: Search the web (Babylon)
FF DefaultSearchUrl: hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Search the web (Babylon)
FF Homepage: hxxp://search.babylon.com/home
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.666 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.666 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-12-18] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1655880554-1590236670-1070646973-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Poste1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1655880554-1590236670-1070646973-1000: facebook.com/fbDesktopPlugin -> C:\Users\Poste1\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Extension: Platinum Hide IP - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\support@platinumhideip.com.xpi [2011-09-14] [non signé]
FF Extension: I Want This - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\crossriderapp2258@crossrider.com [2012-06-07] [non signé]
FF Extension: HotSpot International Community Toolbar - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\{0002ee26-8c11-49eb-9cdf-56eeffef664f} [2012-06-07] [non signé]
FF Extension: myBabylon EnglishBB Community Toolbar - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} [2012-06-07] [non signé]
FF Extension: Conduit Engine - C:\Users\Poste1\AppData\Roaming\Mozilla\Profiles\p9cnla6c.Default User\Extensions\engine@conduit.com [2011-09-15] [non signé]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-08] [non signé]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-18] [non signé]
FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2016-01-17]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-24] [non signé]
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5 [2014-06-10] [non signé]
FF HKU\S-1-5-21-1655880554-1590236670-1070646973-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Poste1\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR Session Restore: Default -> est activé.
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\pdf.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Pas de fichier
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Pas de fichier
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Facebook Desktop) - C:\Users\Poste1\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => Pas de fichier
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Poste1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-03-21]
CHR Extension: (20-20 3D Viewer for Virtual Studio) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbhljkhbideandpbhpinhedfgdhkpdc [2014-03-13]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2015-03-21]
CHR Extension: (Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-06-10]
CHR Extension: (Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-18]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2015-02-28]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] -
CHR HKLM\...\Chrome\Extension: [jdncmkimkailkhilodjfpbcdaiikbfbo] -
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-06-04]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-18]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-08-15] (Bitdefender)
R2 FIXIO Service; C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe [191600 2010-09-22] (LULU software) [Fichier non signé]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-03-14] (Flexera Software LLC)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [188736 2009-12-16] (Nitro PDF Software)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10.exe [279704 2015-05-06] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [400536 2015-05-06] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Fichier non signé]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-11-26] (Ralink Technology, Corp.)
R2 Realtek87B; C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [Fichier non signé]
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2449624 2015-08-04] (AVG Technologies)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-08-15] (Bitdefender)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1302784 2015-02-28] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1073160 2015-02-28] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-08-14] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2015-02-28] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
S1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [24786 2004-11-18] (EUTRON) [Fichier non signé]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
S3 hspa_zi_cdc_acm; C:\Windows\System32\DRIVERS\hspa_zi_cdc_acm.sys [67968 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_cdc_ecm; C:\Windows\System32\DRIVERS\hspa_zi_cdc_ecm.sys [52224 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_ecm_enum; C:\Windows\System32\DRIVERS\hspa_zi_ecm_enum.sys [47488 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_ecm_enum_filter; C:\Windows\System32\DRIVERS\hspa_zi_ecm_enum_filter.sys [47488 2012-02-14] (HSPA) [Fichier non signé]
S3 hspa_zi_wcpo; C:\Windows\System32\DRIVERS\hspa_zi_wcpo.sys [9344 2012-02-14] (HSPA) [Fichier non signé]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-08-01] (AnchorFree Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [827904 2009-11-26] (Ralink Technology Corp.)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [408280 2015-02-28] (BitDefender S.R.L.)
S3 ewusbmbb; pas de ImagePath
S3 ew_hwusbdev; pas de ImagePath
S3 ew_usbenumfilter; pas de ImagePath
S3 flpydisk; pas de ImagePath
S3 huawei_enumerator; pas de ImagePath
S3 hwdatacard; pas de ImagePath
S3 TuneUpUtilitiesDrv; pas de ImagePath
S3 VGPU; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-03-21 19:52 - 2016-03-21 19:53 - 00000000 ____D C:\FRST
2016-03-19 13:30 - 2016-03-20 01:13 - 00000000 ____D C:\Users\Poste1\Desktop\entertainment
2016-03-13 11:43 - 2016-03-20 10:13 - 00000000 ____D C:\Users\Poste1\Desktop\let's keep fit
2016-03-12 21:55 - 2016-03-12 21:55 - 11035328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-03-09 18:55 - 2016-03-19 01:40 - 00000000 ____D C:\Users\Poste1\Desktop\you must be careful
2016-03-08 16:23 - 2016-03-20 10:12 - 00000000 ____D C:\Users\Poste1\Desktop\what`s the matter
2016-03-06 22:54 - 2016-03-20 10:12 - 00000000 ____D C:\Users\Poste1\Desktop\transport
2016-03-03 21:41 - 2016-03-04 19:10 - 00000000 __SHD C:\system32
2016-03-03 21:41 - 2016-03-04 19:10 - 00000000 __SHD C:\Kernel
2016-03-03 21:41 - 2016-03-04 13:39 - 00000956 ____R C:\Users\Photos.lnk
2016-03-02 10:32 - 2016-03-02 11:36 - 00000000 ____D C:\Users\Poste1\Desktop\body parts
2016-02-28 17:51 - 2016-03-11 17:39 - 00000000 ____D C:\Users\Poste1\Desktop\28-02-2016
2016-02-28 11:41 - 2016-03-17 13:33 - 00000000 ____D C:\Users\Poste1\Desktop\happy birthday
2016-02-28 10:20 - 2016-03-11 17:29 - 00000000 ____D C:\Users\Poste1\Desktop\module 4
2016-02-28 10:11 - 2016-03-04 15:23 - 00000000 ____D C:\Users\Poste1\Desktop\zouhour flash drive
2016-02-26 22:17 - 2016-03-12 21:51 - 00000000 ____D C:\Users\Poste1\Desktop\tourism and transport
2016-02-24 16:01 - 2016-03-04 16:39 - 00000000 ____D C:\Users\Poste1\Desktop\clothes
2016-02-22 18:06 - 2016-03-04 21:06 - 00000000 ____D C:\Users\Poste1\Desktop\22-2-2016
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-03-21 19:52 - 2014-05-21 21:46 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\IDM
2016-03-21 19:50 - 2012-03-30 20:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-21 19:47 - 2014-03-27 18:00 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf49dee745e12.job
2016-03-21 19:47 - 2013-06-02 00:35 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce5f20a758c21f.job
2016-03-21 19:47 - 2012-10-07 10:33 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-21 19:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-21 19:35 - 2014-03-27 18:00 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf49de1a15fc3c.job
2016-03-21 19:32 - 2009-07-14 05:34 - 00023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 19:32 - 2009-07-14 05:34 - 00023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 19:28 - 2013-06-02 00:35 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce5f20a8550021.job
2016-03-20 10:19 - 2014-03-21 10:44 - 00174868 _____ C:\bdlog.txt
2016-03-20 10:19 - 2011-03-26 07:45 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\DMCache
2016-03-20 10:17 - 2013-10-08 23:30 - 00000000 ____D C:\Users\Poste1\Desktop\powerpoint templates
2016-03-20 10:01 - 2015-10-12 17:41 - 00000258 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2016-03-20 01:08 - 2013-04-28 22:50 - 00000000 ____D C:\Users\Poste1\Desktop\communication
2016-03-20 00:46 - 2011-07-21 01:38 - 00041984 _____ C:\Users\Poste1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-20 00:12 - 2012-02-27 18:37 - 11548160 ___SH C:\Users\Poste1\Thumbs.db
2016-03-19 23:15 - 2011-11-10 21:19 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655880554-1590236670-1070646973-1000UA.job
2016-03-19 23:11 - 2016-02-04 00:15 - 00000000 ____D C:\Users\Poste1\Desktop\books
2016-03-19 22:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2016-03-19 12:31 - 2011-10-02 21:42 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-19 12:31 - 2011-10-02 21:42 - 00002087 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-19 01:04 - 2014-02-18 19:12 - 00000000 ____D C:\Users\Poste1\AppData\Local\CrashDumps
2016-03-19 00:22 - 2011-03-25 19:42 - 00000000 ____D C:\Users\Poste1
2016-03-17 23:28 - 2015-10-12 17:40 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\HpUpdate
2016-03-17 23:12 - 2011-10-14 12:14 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Media Player Classic
2016-03-12 21:55 - 2012-03-30 20:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-12 21:55 - 2011-07-19 18:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-12 20:15 - 2011-11-10 21:19 - 00000908 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655880554-1590236670-1070646973-1000Core.job
2016-03-11 21:26 - 2012-12-10 21:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Nitro
2016-03-11 17:36 - 2016-02-19 23:16 - 00000000 ____D C:\Users\Poste1\Desktop\internet shopping
2016-03-11 11:53 - 2011-10-15 10:53 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2016-03-10 22:48 - 2016-02-17 10:50 - 00000000 ____D C:\Users\Poste1\Desktop\at the airport
2016-03-09 19:01 - 2016-02-05 14:50 - 00000000 ____D C:\Users\Poste1\Desktop\let everyday be an eath day
2016-03-09 19:01 - 2016-02-03 22:48 - 00000000 ____D C:\Users\Poste1\Desktop\save the earth
2016-03-09 18:59 - 2013-01-04 19:35 - 00000000 ____D C:\Users\Poste1\Desktop\time for lunch
2016-03-09 18:57 - 2015-10-15 15:37 - 00000000 ____D C:\Users\Poste1\Desktop\DCIM
2016-03-08 15:52 - 2016-01-27 22:11 - 00000000 ____D C:\Users\Poste1\Desktop\Aly`s house
2016-03-04 22:11 - 2016-02-19 23:57 - 00000000 ____D C:\Users\Poste1\Desktop\lesson plans
2016-03-04 20:48 - 2011-09-03 20:35 - 03940798 _____ C:\Windows\system32\perfh001.dat
2016-03-04 20:48 - 2011-09-03 20:35 - 01254458 _____ C:\Windows\system32\perfc001.dat
2016-03-04 20:48 - 2011-01-26 11:03 - 04207036 _____ C:\Windows\system32\perfh00C.dat
2016-03-04 20:48 - 2011-01-26 11:03 - 01308960 _____ C:\Windows\system32\perfc00C.dat
2016-03-04 20:48 - 2010-11-20 22:01 - 00006314 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 23:09 - 2014-03-21 01:01 - 00253404 ____H C:\bdr-ld01
2016-03-03 23:09 - 2014-03-21 01:01 - 00009216 ____H C:\bdr-ld01.mbr
2016-03-03 23:09 - 2014-03-21 00:29 - 00000307 ____H C:\bdr-cf01
2016-03-03 22:19 - 2016-02-18 14:46 - 00000000 ____D C:\Users\Poste1\Desktop\market day
2016-03-03 21:41 - 2011-03-25 20:15 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Skype
2016-03-01 20:08 - 2015-11-15 22:19 - 00000000 ____D C:\Users\Poste1\Desktop\sandisk drive
2016-03-01 20:03 - 2012-06-29 12:57 - 00000000 ____D C:\Program Files\AllMedia Grabber
2016-02-28 16:24 - 2015-12-02 20:58 - 00000000 ____D C:\Users\Poste1\Desktop\7 TH FORM LISTENING
2016-02-26 12:05 - 2012-06-20 12:23 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\vlc
2016-02-24 14:01 - 2016-02-03 22:47 - 00000000 ____D C:\Users\Poste1\Desktop\uncle Hedy`s farm
==================== Fichiers à la racine de certains dossiers =======
2014-06-10 03:44 - 2014-06-10 03:44 - 0001708 _____ () C:\Program Files\Internet Download Manager.pem
2011-10-15 10:53 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Distortion
2011-10-15 10:53 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Documentation
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\Users\Poste1\AppData\Roaming\Documents
2012-04-18 21:54 - 2012-04-24 21:34 - 0087608 _____ () C:\Users\Poste1\AppData\Roaming\inst.exe
2012-04-18 21:54 - 2012-04-24 21:34 - 0007887 _____ () C:\Users\Poste1\AppData\Roaming\pcouffin.cat
2012-04-18 21:54 - 2012-04-24 21:34 - 0001144 _____ () C:\Users\Poste1\AppData\Roaming\pcouffin.inf
2012-04-18 21:54 - 2012-04-24 21:34 - 0047360 _____ (VSO Software) C:\Users\Poste1\AppData\Roaming\pcouffin.sys
2013-01-27 21:13 - 2013-01-27 21:13 - 0005327 _____ () C:\Users\Poste1\AppData\Roaming\source.dll
2012-04-18 21:56 - 2012-04-19 14:10 - 0001041 _____ () C:\Users\Poste1\AppData\Roaming\vso_ts_preview.xml
2012-10-15 12:47 - 2013-08-18 11:13 - 0010866 _____ () C:\Users\Poste1\AppData\Roaming\website.dll
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\AtStart.txt
2011-07-21 01:38 - 2016-03-20 00:46 - 0041984 _____ () C:\Users\Poste1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\DSwitch.txt
2011-05-27 18:16 - 2011-05-27 18:16 - 0000000 _____ () C:\Users\Poste1\AppData\Local\QSwitch.txt
2012-01-29 15:17 - 2012-02-09 12:42 - 0271737 _____ () C:\Users\Poste1\AppData\Local\rtmpdump.exe
2011-12-20 17:07 - 2011-12-20 17:07 - 0000000 _____ () C:\Users\Poste1\AppData\Local\{54B2C290-7EF6-4524-A044-A5429B14ECD9}
2014-03-21 00:20 - 2014-03-21 00:20 - 0000000 _____ () C:\ProgramData\1395357569.3200.bin
2014-03-21 00:30 - 2014-03-21 00:30 - 2171803 _____ () C:\ProgramData\1395357569.bdinstall.bin
2015-10-12 17:32 - 2015-10-12 17:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-04-16 10:33 - 2012-04-16 10:33 - 0000000 _____ () C:\ProgramData\Distortion
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Drums
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Dynamic Library
2013-03-30 23:11 - 2013-03-30 23:11 - 0000268 ___RH () C:\ProgramData\Echo
2014-03-14 22:36 - 2014-03-14 22:36 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-10-15 10:53 - 2013-03-30 23:11 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-10-15 10:53 - 2016-03-11 11:53 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-10-15 10:53 - 2013-03-30 23:11 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\C__Program Files_PlatinumHideIP_Cracked-casper03_PlatinumHideIP.exe
C:\ProgramData\C__Users_Poste1_AppData_Local_Temp_Rar$EX00.021_Platinum.Hide.IP.v3.1.1.6.Cracked-casper03_Cracked-casper03_PlatinumHideIP.exe
C:\ProgramData\C__Users_Poste1_AppData_Local_Temp_Rar$EX13.704_Platinum.Hide.IP.v3.1.1.6.Cracked-casper03_Cracked-casper03_PlatinumHideIP.exe
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-03-19 05:29
==================== Fin de FRST.txt ============================