Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:18-01-2016 Exécuté par jean (administrateur) sur JEAN-PC (20-01-2016 14:38:39) Exécuté depuis C:\Users\jean\Downloads Profils chargés: jean & UpdatusUser (Profils disponibles: jean & UpdatusUser) Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France) Internet Explorer Version 9 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Guillemot Corporation) C:\Windows\System32\HerculesWiFiService.exe (AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\hsswd.exe (NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe () C:\Windows\System32\PnkBstrA.exe (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe (Ralink Technology, Corp.) C:\Program Files\Hercules\WiFi Station DB\Service\x86\RaRegistry.exe (TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Yahoo Inc.) C:\Program Files\Yahoo!\yset\{B5E1A256-C0ED-674E-A0C9-20E1C0215B64}\YSearchUtilSVC.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe (IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\ImApp.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (BitTorrent Inc.) C:\Users\jean\AppData\Roaming\uTorrent\uTorrent.exe (IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\IncMail.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () C:\Users\jean\Desktop\RogueKiller.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\jean\Downloads\FRST (1).exe (Farbar) C:\Users\jean\Downloads\FRST (1).exe (Farbar) C:\Users\jean\Downloads\FRST (1).exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com) HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-12-15] (NETGEAR Inc.) HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd) HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2322457574-4222280960-816390384-1001\...\MountPoints2: {4720015d-cb43-11e4-a574-0009dd509000} - F:\.\Driver\DriverInstaller.exe -eject AppInit_DLLs: c:\progra~1\suptab\search~1.dll => Pas de fichier ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com) CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices. Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 Tcpip\..\Interfaces\{0C24C21B-CC58-4597-B2BA-F2E4B654848E}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{52C760B2-3A71-47D5-A982-5F16AE7ED7F0}: [DhcpNameServer] 10.0.0.1 Tcpip\..\Interfaces\{F2E7E049-1669-4A76-B4E5-806290039C44}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{FA742BD0-183A-4912-87FE-562F73E7FE50}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2322457574-4222280960-816390384-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.fr HKU\S-1-5-21-2322457574-4222280960-816390384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr URLSearchHook: HKLM - IsoBuster FR Toolbar - {70430ea3-c27e-4e2e-9318-77c0d8b279a5} - Pas de fichier URLSearchHook: HKLM - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier URLSearchHook: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier SearchScopes: HKLM -> {3279DBB2-78D4-49B3-B646-03FEC0EF9FF8} URL = SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> DefaultScope {cf34d395-9ff1-49a0-98a5-8db1636431b1} URL = SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> A649BFEFDF6B49EA969CE62D3D3BB70B URL = hxxp://www.gnoosi.net/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {09a37ca6-8f28-4130-a323-235f5c7b151c} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {3279DBB2-78D4-49B3-B646-03FEC0EF9FF8} URL = SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {58D41C25-B9A0-44B2-B1BB-CCBE0AC0B454} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = SearchScopes: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs BHO: MicroApplication Toolbar -> {6d94116c-03d4-4c6d-9f0f-6697a376d421} -> Pas de fichier BHO: IsoBuster FR Toolbar -> {70430ea3-c27e-4e2e-9318-77c0d8b279a5} -> Pas de fichier BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-18] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-18] (Oracle Corporation) Toolbar: HKLM - IsoBuster FR Toolbar - {70430ea3-c27e-4e2e-9318-77c0d8b279a5} - Pas de fichier Toolbar: HKLM - MicroApplication Toolbar - {6d94116c-03d4-4c6d-9f0f-6697a376d421} - Pas de fichier Toolbar: HKLM - Pas de nom - {4F13AB08-8328-4d87-A34D-1C7E8A8A9C83} - Pas de fichier Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {A057A204-BACC-4D26-9990-79A187E2698E} - Pas de fichier Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {F0381DBD-E018-4E07-AE40-D96AB15083F0} - Pas de fichier Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {249D74A3-BD19-4657-B6CE-E62F480A20DE} - Pas de fichier Toolbar: HKU\S-1-5-21-2322457574-4222280960-816390384-1001 -> Pas de nom - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Pas de fichier Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2015-12-13] (AVG Secure Search) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-18] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-27] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.) FF Extension: Pas de nom - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-12-24] [non signé] FF Extension: FTdownloader - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi [2012-11-29] [non signé] FF Extension: OneClickDownloader - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-09-01] [non signé] FF Extension: Pas de nom - C:\Users\jean\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-05-02] [non signé] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.fr/" CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-03] CHR Extension: (Google Docs) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-03] CHR Extension: (Google Drive) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03] CHR Extension: (YouTube) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03] CHR Extension: (Recherche Google) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03] CHR Extension: (Yahoo Web) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec [2016-01-03] CHR Extension: (Google) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbohklmimoggfbgbgpogjmlaoiipopen [2016-01-03] CHR Extension: (Google Docs hors connexion) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-03] CHR Extension: (EasyReader) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\leninfpgimplcdddoonihcnjblmheije [2016-01-19] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03] CHR Extension: (AdBlock Pro) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-01-15] CHR Extension: (Gmail) - C:\Users\jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-03] CHR HKLM\...\Chrome\Extension: [bccldkoinakjmmgebambiaggjobhikfg] - CHR HKLM\...\Chrome\Extension: [bnnikilnciagaocmjnnblagidkailein] - CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - CHR HKLM\...\Chrome\Extension: [feancjeaegfjpegiiingkpoidgojnogn] - CHR HKLM\...\Chrome\Extension: [fmgpgnlopckfhokgklihdgpeiocjlgln] - CHR HKLM\...\Chrome\Extension: [fojnkghiggpfagjciliabphpgnbmehjf] - CHR HKLM\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - CHR HKLM\...\Chrome\Extension: [lcjcipkegofkgcoacnlenijapjncllkj] - CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehdmaehkiiampolokajdcelladmnopgp] - CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [feancjeaegfjpegiiingkpoidgojnogn] - CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fojnkghiggpfagjciliabphpgnbmehjf] - CHR HKU\S-1-5-21-2322457574-4222280960-816390384-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lcjcipkegofkgcoacnlenijapjncllkj] - ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-12-16] (Freemake) [Fichier non signé] R2 HerculesWiFi; C:\Windows\system32\HerculesWiFiService.exe [78744 2012-07-06] (Guillemot Corporation) R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2048720 2015-11-13] (AnchorFree Inc.) S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-11-13] () R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [851152 2015-11-13] (AnchorFree Inc.) R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-12-15] (NETGEAR) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-12-16] () R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-29] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Fichier non signé] R2 RalinkRegistryWriter; C:\Program Files\Hercules\WiFi Station DB\Service\x86\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [Fichier non signé] R2 vToolbarUpdater3.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2015-12-13] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 YSearchUtilSvc; C:\Program Files\Yahoo!\yset\{B5E1A256-C0ED-674E-A0C9-20E1C0215B64}\YSearchUtilSvc.exe [160536 2015-12-04] (Yahoo Inc.) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [X] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [X] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2012-09-14] () R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255920 2015-11-06] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [193968 2015-11-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.) S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [19968 2012-08-22] (Windows (R) Codename Longhorn DDK provider) U0 cxkvnomm; C:\Windows\System32\drivers\txoktela.sys [52440 2016-01-20] (Malwarebytes) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-17] (EldoS Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-09-14] () R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1317952 2012-04-17] (Ralink Technology Corp.) R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2015-04-12] (CACE Technologies, Inc.) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [9968 2009-11-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé] S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [7408 2009-11-23] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé] R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [74480 2009-11-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Fichier non signé] S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [134144 2013-02-22] (Prolific Technology Inc.) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36968 2015-11-13] (Anchorfree Inc.) S3 tapwp01; C:\Windows\System32\DRIVERS\tapwp01.sys [35288 2014-12-11] (The OpenVPN Project) S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [104576 2004-12-30] (Microsoft Corporation) [Fichier non signé] S1 ASPI32; pas de ImagePath S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X] S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S0 BTHidEnum; System32\Drivers\vbtenum.sys [X] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X] S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 taphss; system32\DRIVERS\taphss.sys [X] S3 VComm; system32\DRIVERS\VComm.sys [X] S3 VcommMgr; System32\Drivers\VcommMgr.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-01-20 14:38 - 2016-01-20 14:38 - 00024032 _____ C:\Users\jean\Downloads\FRST.txt 2016-01-20 14:38 - 2016-01-20 14:38 - 00000000 ____D C:\FRST 2016-01-20 14:37 - 2016-01-20 14:37 - 01721856 _____ (Farbar) C:\Users\jean\Downloads\FRST (1).exe 2016-01-20 14:34 - 2016-01-20 14:34 - 01721856 _____ (Farbar) C:\Users\jean\Downloads\FRST.exe 2016-01-20 14:08 - 2016-01-20 14:08 - 00052440 _____ (Malwarebytes) C:\Windows\system32\Drivers\txoktela.sys 2016-01-20 11:18 - 2016-01-20 11:18 - 00035195 _____ C:\Users\jean\Downloads\ANTIBES_NICE.pdf 2016-01-19 15:50 - 2016-01-19 18:21 - 29086561 _____ C:\Users\jean\Downloads\Hotspot Shield VPN Elite 5.20.2 Setup + Activator.zip 2016-01-15 15:20 - 2016-01-15 15:20 - 00001078 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2016-01-15 15:19 - 2016-01-15 15:20 - 00000000 ____D C:\Program Files\Hotspot Shield 2016-01-15 15:19 - 2016-01-15 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2016-01-15 15:18 - 2016-01-15 15:20 - 00000000 ____D C:\ProgramData\Hotspot Shield 2016-01-15 15:06 - 2016-01-15 15:12 - 00000000 ____D C:\Users\jean\Downloads\Hotspot Shield 5.20.9 Elite Edition + Patch (Sadeem World) 2016-01-15 15:06 - 2016-01-15 15:06 - 00000000 ____D C:\Users\jean\Downloads\HotSpot Shield VPN v.4.15.3 + Elite Edition Activator [danhuk] 2016-01-14 11:26 - 2016-01-14 11:26 - 00062840 _____ C:\Users\jean\Downloads\Lien+internet+-+recherche+manuelle+des+chaines.pdf 2016-01-13 17:02 - 2016-01-15 12:49 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-13 16:34 - 2016-01-13 16:34 - 00000000 ____D C:\Users\jean\Downloads\ANTIBES NICE_files 2016-01-13 16:32 - 2016-01-13 16:32 - 00031745 _____ C:\Users\jean\Downloads\Reçu.html 2016-01-13 15:11 - 2016-01-13 15:12 - 00000000 ____D C:\BILLETS SNCF 2016 2016-01-12 15:59 - 2016-01-12 15:59 - 00000000 ____D C:\Users\jean\AppData\Local\CrashRpt 2016-01-12 15:58 - 2016-01-12 15:58 - 00000000 ____D C:\Users\jean\AppData\Roaming\Hotspot Shield 2016-01-09 11:08 - 2016-01-09 11:08 - 00860160 _____ C:\Users\jean\Downloads\IM_fix.exe 2016-01-06 17:02 - 2016-01-20 11:19 - 00000000 ____D C:\Catherine 2016-01-05 09:49 - 2016-01-05 10:08 - 00027537 _____ C:\Users\jean\Documents\bayac 5 1 16.wlmp 2016-01-05 09:20 - 2016-01-05 09:21 - 00000000 ____D C:\Users\jean\AppData\Local\{7068B973-0F04-46B5-AEA0-4DDC692EF1D4} 2016-01-04 17:45 - 2016-01-04 17:45 - 00000000 ____D C:\Users\jean\AppData\Local\{69368D50-2E60-42F4-BFAD-1246F2F12045} 2016-01-03 14:56 - 2016-01-13 16:39 - 00000000 ____D C:\FILM 2016-01-03 12:16 - 2016-01-03 12:16 - 00000000 ____D C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2016-01-03 11:28 - 2016-01-03 11:44 - 00066028 _____ C:\Windows\ntbtlog.txt 2016-01-03 10:22 - 2016-01-03 11:30 - 00000000 ____D C:\Program Files\Probit Software 2016-01-02 19:05 - 2016-01-02 19:05 - 00000000 ____D C:\Users\jean\Documents\AVS4YOU 2016-01-02 13:26 - 2016-01-02 13:26 - 00000000 ____D C:\Users\jean\AppData\Local\{EC8301B4-9FF8-4AD9-AE86-34DD165E7B71} 2016-01-02 13:23 - 2016-01-02 13:23 - 00000000 ____D C:\Users\jean\AppData\Local\{DE5C257D-15F9-4AA3-A10F-7427655F1F28} 2016-01-02 13:12 - 2016-01-02 13:12 - 00194628 _____ C:\Users\jean\Documents\gege.pdf 2015-12-24 17:50 - 2016-01-14 12:17 - 00000000 ____D C:\eeeeeeeeeeeee 2015-12-24 17:47 - 2015-12-24 17:47 - 00000000 ____D C:\Users\jean\AppData\Local\{E4EF2E76-9FCC-4231-ADB8-9EFB679AB174} 2015-12-24 09:42 - 2016-01-14 17:25 - 00000000 ____D C:\ProgramData\UtilTool 2015-12-24 09:42 - 2015-12-24 09:42 - 00000000 ____D C:\ProgramData\clp 2015-12-24 09:42 - 2015-12-24 09:42 - 00000000 ____D C:\ProgramData\BSD 2015-12-21 18:50 - 2016-01-04 17:52 - 00000000 ____D C:\chansons pour eugene 2015-12-21 18:21 - 2015-12-21 18:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth 2015-12-21 18:21 - 2015-12-21 18:21 - 00000000 ____D C:\Program Files\Toshiba 2015-12-21 16:36 - 2016-01-15 11:43 - 00001272 _____ C:\Users\Public\Desktop\Freemake Audio Converter.lnk 2015-12-21 16:36 - 2015-12-21 16:37 - 00000000 ____D C:\Users\jean\Documents\Freemake 2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\Program Files\Freemake 2015-12-21 16:36 - 2015-12-21 16:36 - 00000000 ____D C:\Program Files\Common Files\Freemake Shared 2015-12-21 16:17 - 2015-12-21 16:17 - 00000098 _____ C:\Users\jean\Downloads\dc1d6706-8cfe-4709-aaba-5aeca58d00da (1).html 2015-12-21 15:56 - 2015-12-21 15:56 - 00000000 ____D C:\Users\jean\AppData\Roaming\dBpoweramp 2015-12-21 15:55 - 2015-12-21 15:55 - 05199808 _____ C:\Windows\system32\SpoonUninstall.exe ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-01-20 14:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows 2016-01-20 14:37 - 2012-03-27 17:32 - 00000000 ____D C:\Users\jean\AppData\Roaming\uTorrent 2016-01-20 14:08 - 2013-08-14 19:57 - 00000000 ____D C:\Windows\PixArt 2016-01-20 13:47 - 2012-03-30 09:46 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-20 13:45 - 2015-04-11 12:19 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-20 12:11 - 2014-05-02 17:17 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-20 11:07 - 2013-04-07 09:24 - 00000000 ____D C:\ProgramData\MFAData 2016-01-19 18:00 - 2015-11-18 15:30 - 00000442 _____ C:\Windows\Tasks\ParetoLogic Registration3.job 2016-01-19 17:59 - 2014-09-30 17:47 - 00000000 ____D C:\FILMS 2016-01-19 15:45 - 2015-04-11 12:19 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-19 11:07 - 2015-12-04 13:37 - 00000000 ____D C:\Users\jean\AppData\LocalLow\uTorrent 2016-01-19 10:36 - 2009-07-14 05:34 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-19 10:36 - 2009-07-14 05:34 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-19 10:29 - 2015-11-18 15:30 - 00000468 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2016-01-19 10:29 - 2013-11-16 19:29 - 00000000 ____D C:\Users\jean\AppData\Local\CrashDumps 2016-01-19 10:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-18 18:57 - 2015-11-01 14:37 - 00000000 ____D C:\porsche 2016-01-16 18:36 - 2012-12-21 17:27 - 00000000 ____D C:\Users\jean\AppData\Roaming\vlc 2016-01-15 15:20 - 2013-01-25 16:54 - 00000000 ____D C:\Users\jean\AppData\Local\GHISLER 2016-01-15 15:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-01-15 11:52 - 2013-01-25 16:47 - 00000000 ____D C:\Users\jean\AppData\Local\LiveGBoost 2016-01-15 11:43 - 2015-11-16 18:21 - 00000800 _____ C:\Users\Public\Desktop\AVG.lnk 2016-01-15 11:43 - 2015-09-21 09:50 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk 2016-01-15 11:43 - 2015-09-21 09:50 - 00001977 _____ C:\Users\Public\Desktop\IncrediMail.lnk 2016-01-15 11:43 - 2015-04-11 10:04 - 00001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk 2016-01-15 11:43 - 2015-04-11 10:04 - 00001990 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk 2016-01-15 11:43 - 2015-03-19 16:05 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk 2016-01-15 11:43 - 2015-01-30 13:43 - 00002164 _____ C:\Users\Public\Desktop\Google Earth.lnk 2016-01-15 11:43 - 2015-01-27 10:47 - 00001028 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-01-15 11:43 - 2014-10-15 14:06 - 00000959 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-15 11:43 - 2014-10-02 17:36 - 00002012 _____ C:\Users\Public\Desktop\WiFi Station DB.lnk 2016-01-15 11:43 - 2014-08-26 18:01 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-01-15 11:43 - 2014-08-26 18:01 - 00001983 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-01-15 11:43 - 2014-02-11 15:03 - 00000838 _____ C:\Users\Public\Desktop\PC Booster.lnk 2016-01-15 11:43 - 2014-01-28 09:02 - 00001664 _____ C:\Users\Public\Desktop\WebMate.lnk 2016-01-15 11:43 - 2013-12-16 18:43 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-01-15 11:43 - 2013-04-08 12:42 - 00001966 _____ C:\Users\Public\Desktop\e-Carte Bleue Banque Populaire.lnk 2016-01-15 11:43 - 2013-02-02 11:56 - 00001855 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2016-01-15 11:43 - 2013-02-02 11:56 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encore plus de jeux.lnk 2016-01-15 11:43 - 2013-01-21 15:57 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-15 11:43 - 2012-12-19 10:25 - 00001018 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-15 11:43 - 2012-11-12 16:21 - 00001809 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-01-15 11:43 - 2012-09-03 18:03 - 00001054 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-01-15 11:43 - 2012-06-21 08:07 - 00000883 _____ C:\Users\Public\Desktop\GBoost.lnk 2016-01-15 11:43 - 2012-05-08 08:42 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2016-01-15 11:43 - 2012-04-04 13:34 - 00002733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk 2016-01-15 11:43 - 2012-03-27 18:06 - 00001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2016-01-15 11:43 - 2012-03-27 18:06 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2016-01-15 11:43 - 2012-03-27 18:05 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-01-15 11:43 - 2012-03-27 17:20 - 00000985 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2016-01-15 11:43 - 2012-03-27 16:24 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-01-15 11:43 - 2012-03-27 16:24 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-01-15 11:43 - 2009-07-14 05:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-15 11:43 - 2009-07-14 05:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-01-15 11:43 - 2009-07-14 05:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-01-15 11:43 - 2009-07-14 05:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-01-15 11:43 - 2009-07-14 05:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-01-15 11:42 - 2015-05-19 16:51 - 00002221 _____ C:\Users\jean\Desktop\Kindle.lnk 2016-01-15 11:42 - 2015-03-20 18:52 - 00000928 _____ C:\Users\jean\Desktop\Gestionnaire pour appareils Windows Mobile.lnk 2016-01-15 11:42 - 2013-09-14 09:28 - 00000849 _____ C:\Users\jean\Desktop\µTorrent.lnk 2016-01-15 11:42 - 2013-09-14 09:28 - 00000829 _____ C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-01-15 11:42 - 2013-08-31 17:01 - 00001831 _____ C:\Users\jean\Desktop\Piratrax.lnk 2016-01-15 11:42 - 2013-04-08 12:42 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\e-Carte Bleue Banque Populaire.lnk 2016-01-15 11:42 - 2013-01-02 11:14 - 00001195 _____ C:\Users\jean\Desktop\AVS Video Converter.lnk 2016-01-15 11:42 - 2012-04-13 14:12 - 00001940 _____ C:\Users\jean\Desktop\AlerteGPS G300.lnk 2016-01-15 11:42 - 2012-03-27 17:23 - 00001197 _____ C:\Users\jean\Desktop\Magic Speed.lnk 2016-01-15 11:42 - 2009-07-14 05:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-01-15 11:42 - 2009-07-14 05:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-01-13 17:46 - 2012-03-29 07:52 - 00058368 _____ C:\Users\jean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-10 10:19 - 2012-09-22 09:56 - 00000000 ____D C:\Users\jean\AppData\Local\NETGEARGenie 2016-01-07 12:26 - 2014-10-13 07:42 - 00000000 ____D C:\Users\jean\AppData\Local\ElevatedDiagnostics 2016-01-06 17:50 - 2010-11-21 01:30 - 00722064 _____ C:\Windows\system32\perfh00C.dat 2016-01-06 17:50 - 2010-11-21 01:30 - 00139204 _____ C:\Windows\system32\perfc00C.dat 2016-01-06 17:50 - 2010-11-20 22:01 - 01599210 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-06 17:45 - 2015-11-16 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2016-01-06 17:28 - 2012-03-27 17:23 - 00000000 ____D C:\ProgramData\TEMP 2016-01-06 11:38 - 2015-08-22 19:32 - 00000000 ____D C:\easy 2016-01-05 09:20 - 2015-11-18 15:30 - 00000416 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job 2016-01-04 19:51 - 2012-03-27 17:46 - 00000000 ____D C:\Users\jean\AppData\Local\Windows Live 2016-01-04 18:25 - 2013-01-01 14:52 - 00000000 ____D C:\Program Files\AVS4YOU 2016-01-03 10:53 - 2012-03-27 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-03 10:53 - 2012-03-27 17:29 - 00000000 ____D C:\Program Files\WinRAR 2016-01-03 10:49 - 2009-07-14 05:33 - 00301160 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-03 10:21 - 2009-07-14 03:04 - 00000904 _____ C:\Windows\win.ini 2016-01-02 12:56 - 2013-01-01 14:53 - 00000000 ____D C:\Users\jean\AppData\Roaming\AVS4YOU 2016-01-02 12:56 - 2012-03-27 16:47 - 00066368 _____ C:\Users\jean\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-02 12:52 - 2013-01-02 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2015-12-24 09:50 - 2012-03-27 16:30 - 00000000 ____D C:\Users\jean 2015-12-21 17:44 - 2013-12-25 12:27 - 00000000 ____D C:\ProgramData\TOSHIBA 2015-12-21 16:36 - 2014-03-16 18:56 - 00000000 ____D C:\ProgramData\Freemake ==================== Fichiers à la racine de certains dossiers ======= 2015-05-08 15:07 - 2015-08-14 09:31 - 0000555 _____ () C:\Users\jean\AppData\Roaming\burnaware.ini 2012-03-29 07:52 - 2016-01-13 17:46 - 0058368 _____ () C:\Users\jean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-28 08:51 - 2014-01-28 08:51 - 0007606 _____ () C:\Users\jean\AppData\Local\Resmon.ResmonCfg 2015-11-19 15:04 - 2015-11-19 15:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-11-28 10:20 - 2013-11-28 10:20 - 0005033 _____ () C:\ProgramData\mtbjfghn.xbe Certains fichiers dans TEMP: ==================== C:\Users\jean\AppData\Local\Temp\5KiHq9fvUA.exe C:\Users\jean\AppData\Local\Temp\aEaeFgJXBS.exe C:\Users\jean\AppData\Local\Temp\avguirn_081984414746.exe C:\Users\jean\AppData\Local\Temp\hss_update.exe C:\Users\jean\AppData\Local\Temp\nsbEC43.exe C:\Users\jean\AppData\Local\Temp\nsg5C7.exe C:\Users\jean\AppData\Local\Temp\ntdll_dump.dll C:\Users\jean\AppData\Local\Temp\Temp1.exe C:\Users\jean\AppData\Local\Temp\Uninstall.exe C:\Users\jean\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-01-20 13:34 ==================== Fin de FRST.txt ============================