Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Exécuté par Ismael (administrateur) sur ISMAEL-PC (01-04-2016 18:26:58)
Exécuté depuis C:\Users\Ismael\AppData\Local\Temp\scoped_dir3768_6030
Profils chargés: Ismael (Profils disponibles: Ismael)
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Opera)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Navigation Co., Ltd.) C:\Users\Ismael\AppData\Roaming\ntsvc\ntsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(blekko) C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DataCardService\HWDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe
() C:\Program Files\MyPublicWiFi\PublicWiFiService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\Temp\nsvC2E2.tmp\nsC3FB.tmp
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Birds) C:\Users\Ismael\AppData\Local\Birds\birds365.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
() C:\Program Files\UCBrowser\Application\UCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\config\systemprofile\AppData\Roaming\XBox\XBLive.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(skype.cog.cc) C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
() C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [336992 2012-05-31] (Power Software Ltd)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Run: [ZGame Anti-Phishing Domain] => C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.exe [235072 2013-08-14] (blekko)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [fst_tr_70] => [X]
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient.exe [3933928 2015-07-23] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [MyPublicWiFi] => C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe [2006784 2014-02-11] ()
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [92168 2009-01-21] (Logitech Inc.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\Run: [TBHostSupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Ismael\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\Run: [VoipConnect] => C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe [31445088 2015-04-15] (VoipConnect)
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\Run: [Birds] => C:\Users\Ismael\AppData\Local\Birds\birds365.exe [113664 2015-11-14] (Birds)
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {2498cf52-0682-11e3-9801-7c0507abe270} - K:\LGAutoRun.exe
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {610bedd4-73a0-11e3-884e-7c0507abe270} - K:\autorun.exe
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {610bede0-73a0-11e3-884e-7c0507abe270} - L:\Autorun.exe
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {6445ae30-fd4f-11e2-9065-de1bca64d8bd} - I:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {a76b6716-7b73-11e3-92fc-c0d9625f5805} - M:\LaunchU3.exe -a
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\...\MountPoints2: {f6dc6648-fd37-11e2-949a-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => Pas de fichier
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Pas de fichier
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Windows\system32\config\systemprofile\AppData\Local\Temp\VSTmp\explorerEx.dll Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DeskDrive.lnk [2014-02-04]
ShortcutTarget: DeskDrive.lnk -> C:\Windows\Lion Skin Pack\DeskDrive\DeskDrive.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finderbar.lnk [2014-02-04]
ShortcutTarget: Finderbar.lnk -> C:\Windows\Lion Skin Pack\Finderbar\Finderbar.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\maComfort.lnk [2014-02-04]
ShortcutTarget: maComfort.lnk -> C:\Windows\Lion Skin Pack\maComfort\maComfort.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2014-02-04]
ShortcutTarget: RocketDock.lnk -> C:\Windows\Lion Skin Pack\RocketDock\RocketDock.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-07-23]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2015-07-10]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files\MixVideoPlayer\BrowserWeb.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinLaunch.lnk [2014-02-04]
ShortcutTarget: WinLaunch.lnk -> C:\Windows\Lion Skin Pack\WinLaunch\WinLaunch.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Winroll.lnk [2014-02-04]
ShortcutTarget: Winroll.lnk -> C:\Windows\Lion Skin Pack\Winroll\winroll.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\xwidget.lnk [2014-02-04]
ShortcutTarget: xwidget.lnk -> C:\Windows\Lion Skin Pack\Xwidget\xwidget.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk [2014-02-04]
ShortcutTarget: YzShadow.lnk -> C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe (Pas de fichier)
Startup: C:\Users\Ismael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-04-05]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Pas de fichier)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [S-1-5-21-1337840865-3249250241-3975571679-1000] => Proxy est activé.
ProxyServer: [S-1-5-21-1337840865-3249250241-3975571679-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [S-1-5-21-1337840865-3249250241-3975571679-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 10 C:\ProgramData\System32\SafeGuard32.dll [2771896 2015-12-30] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2DBF695C-1DD6-4E58-BD1D-10D5208A4F84}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2DBF695C-1DD6-4E58-BD1D-10D5208A4F84}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{63DCB71F-043B-4409-B588-2BFA0AAF699C}: [DhcpNameServer] 213.136.96.157 213.136.96.37
Tcpip\..\Interfaces\{B69517A1-38AA-46D7-B0E5-2C048D606D19}: [DhcpNameServer] 213.136.96.157 213.136.96.37
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={63adb75e08d243259655077ded449034}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={63adb75e08d243259655077ded449034}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={63adb75e08d243259655077ded449034}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={63adb75e08d243259655077ded449034}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130885340292917555&GUID=409265F0-D135-4185-B143-13E815495277
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1433840540&from=mych123&uid=toshibaxmq01abf050_33p7s1p7sxx33p7s1p7s&z=93fdf4d83f87f8e7510e97ag4zcc8ccbdzeeaw3zde
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130885340293057563&GUID=409265F0-D135-4185-B143-13E815495277
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1433840540&from=mych123&uid=toshibaxmq01abf050_33p7s1p7sxx33p7s1p7s&z=93fdf4d83f87f8e7510e97ag4zcc8ccbdzeeaw3zde
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.fr.msn.com/
HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130955978228590403&GUID=409265F0-D135-4185-B143-13E815495277
URLSearchHook: HKLM - (Pas de nom) - {f9a3f73a-20b9-4baf-bdc7-5a6088ff47fd} - Pas de fichier
SearchScopes: HKLM -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1395664576&from=cor&uid=TOSHIBAXMQ01ABF050_33P7S1P7SXX33P7S1P7S&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=114&itype=a&ver=12692&tm=340&src=ds&p={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2860425
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=625&r=2014/04/10&hid=812479164703930483&lg=EN&cc=TR&unqvl=51
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={63adb75e08d243259655077ded449034}&r=eg
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> DefaultScope 22CD3F8EFF22804C333D6681DDC36893 URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> 22CD3F8EFF22804C333D6681DDC36893 URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> E01163C7919ED9AD717DBD60FE85DF79 URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {69ABAE4C-47BC-4EAD-A2B3-ED08ED617830} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {A05024BB-1FCD-44B1-8006-EFC5ABA6014B} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {CECEC013-8715-47B8-960F-ED853204E3EC} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {EBD839AE-B08C-4fb7-859B-F54AF16C159F} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {F3B6CDFD-32AB-4319-9279-9F0215834A6A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> {F749E661-1290-49EA-8509-C0146BC0FC9B} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
BHO: Pas de nom -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> Pas de fichier
BHO: Pas de nom -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> Pas de fichier
BHO: Pas de nom -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Pas de fichier
BHO: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO: Pas de nom -> {7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} -> Pas de fichier
BHO: Pas de nom -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Pas de fichier
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Pas de nom -> {C45EC9F0-8333-465D-9728-074BD41985C9} -> Pas de fichier
BHO: Pas de nom -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> Pas de fichier
BHO: Pas de nom -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> Pas de fichier
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO: Pas de nom -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> Pas de fichier
BHO: Pas de nom -> {f9a3f73a-20b9-4baf-bdc7-5a6088ff47fd} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - Pas de fichier
Toolbar: HKLM - Pas de nom - {f9a3f73a-20b9-4baf-bdc7-5a6088ff47fd} - Pas de fichier
Toolbar: HKLM - Pas de nom - {30F9B915-B755-4826-820B-08FBA6BD249D} - Pas de fichier
Toolbar: HKLM - Pas de nom - {91397D20-1446-11D4-8AF4-0040CA1127B6} - Pas de fichier
Toolbar: HKU\.DEFAULT -> Pas de nom - {91397D20-1446-11D4-8AF4-0040CA1127B6} - Pas de fichier
Toolbar: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> Pas de nom - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Pas de fichier
Toolbar: HKU\S-1-5-21-1337840865-3249250241-3975571679-1000 -> Pas de nom - {91397D20-1446-11D4-8AF4-0040CA1127B6} - Pas de fichier
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://nav.brotlab.net?uid={63adb75e08d243259655077ded449034}&r=eg
FireFox:
========
FF ProfilePath: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine:
FF SearchEngineOrder.1:
FF SelectedSearchEngine:
FF Homepage: ?uid={63adb75e08d243259655077ded449034}&r=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-15] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-15] (Intel Corporation)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll [2014-03-12] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2014-03-12] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-05] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-05] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\user.js [2015-11-14]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ismael\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\.xml [2015-12-19]
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\portalsepeti.xml [2015-12-19]
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\yqs-barff-yagorsel.xml [2015-02-01]
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\yqs-barff-yahaber.xml [2015-02-01]
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\yqs-barff-yandex.xml [2015-02-01]
FF SearchPlugin: C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\searchplugins\yqs-barff-yavideo.xml [2015-02-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml [2014-05-19]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-05-29]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml [2015-09-22]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\netmahal.xml [2014-12-25]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalsepeti.xml [2015-11-05]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\search-with-eazelbar.xml [2013-11-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zgametb.xml [2014-02-04]
FF Extension: Battlefield Play4Free - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\battlefieldplay4free@ea.com [2014-04-25] [non signé]
FF Extension: Easy Tab - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\newtabff@gmail.com [2014-12-25] [non signé]
FF Extension: Hold Page 1.0.1 - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\{fb92e7a9-ee13-44c3-a51b-600382fe9211}.xpi [2014-12-20] [non signé]
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha7370\ff [2014-02-20] [non signé]
FF Extension: Media Watch - C:\Program Files\MediaWatchV1\MediaWatchV1home867\ff [2014-03-22] [non signé]
FF Extension: DownloadHelper - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-08-19]
FF Extension: groover121120151836 - C:\Program Files\groover121120151836\Firefox\{350F8805-D431-4908-8701-57A62717BAF2}.xpi [2015-11-14] [non signé]
FF Extension: FirefixTab - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\deskCutv2@gmail.com [2016-02-13] [non signé]
FF Extension: Default NewTab - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\default_newtabff@gmail.com [2016-02-13] [non signé]
FF Extension: CinemaPlus-3.2c - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2016-02-22] [non signé]
FF Extension: Frevens Pro 13 - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\4099ddac-55a8-4242-a8ee-c11ac5c483f8@d381c88b-b41d-4125-a4e3-e1ec58b7567b.com [2016-02-21] [non signé]
FF Extension: Website Discovery Pro - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\discoverypro@discoverypro.com [2014-04-28] [non signé]
FF Extension: CostMin - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\e0yv0uai@tkptlqrxdv.net [2014-06-02] [non signé]
FF Extension: Linkey for Firefox - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\extension@linkeyproject.com [2014-05-07] [non signé]
FF Extension: YoutubeAdblocker - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\eyuykcqg-jk@qosm-rawg.com [2014-04-10] [non signé]
FF Extension: SNT - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\hcob.sjhx@pqjphvs-zdk.com [2014-04-10] [non signé]
FF Extension: saive Net - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\mbioagwf4@qpmcjitwvs.net [2014-04-10] [non signé]
FF Extension: SNT - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\oiumy@iyieue.org [2014-04-10] [non signé]
FF Extension: Quick Start - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\quick_start@gmail.com [2014-05-30] [non signé]
FF Extension: save Net - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\qx3b@ssao-.net [2014-04-10] [non signé]
FF Extension: savvea net - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\rdi6i@jvcgl.edu [2014-04-10] [non signé]
FF Extension: SNT - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\rkfrr1ul@twmes-eyy.co.uk [2014-04-11] [non signé]
FF Extension: uBlock Origin - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\uBlock0@raymondhill.net.xpi [2016-02-21]
FF Extension: Settings Manager - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\Extensions\{1ED03F15-1006-1C66-CCA5-15A00B80A7B7} [2014-05-19] [non signé]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha7370.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha7370\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home867.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home867\ff
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\quick_start@gmail.com
FF HKLM\...\Firefox\Extensions: [search-snacks@search-snacks.com] - C:\Program Files\Mozilla Firefox\extensions\search-snacks@search-snacks.com => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [newtabff@gmail.com] - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\newtabff@gmail.com
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files\RelevantKnowledge\firefox => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\quick_searchff@gmail.com => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Ismael\AppData\Roaming\Mozilla\Firefox\Profiles\740tzrd5.default-1393670652106\extensions\deskCutv2@gmail.com
FF HKLM\...\Firefox\Extensions: [{350F8805-D431-4908-8701-57A62717BAF2}] - C:\Program Files\groover121120151836\Firefox\{350F8805-D431-4908-8701-57A62717BAF2}.xpi
StartMenuInternet: FIREFOX.EXE - c:\program files\mozilla firefox\firefox.exe hxxp://nav.brotlab.net?uid={63adb75e08d243259655077ded449034}&r=eg
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-01-14]
Chrome:
=======
CHR HomePage: Default -> ?uid={63adb75e08d243259655077ded449034}&r=
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=792_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1442939054&z=a230331098f8bb2906e59fcgfzdz4o5t3c9b9bcm0b&from=cmi&uid=TOSHIBAXMQ01ABF050_33P7S1P7SXX33P7S1P7S"
CHR Plugin: (Shockwave Flash) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll => Pas de fichier
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.97\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.97\pdf.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (BitCometAgent) - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll (BitComet)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Ismael\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL => Pas de fichier
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Pas de fichier
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll => Pas de fichier
CHR Plugin: (SaveSenseLive Update) - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (globalUpdate Update) - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Ismael\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Pas de fichier
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll => Pas de fichier
CHR Profile: C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (MediaPlayer+) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejnaecmjmpnajcpbhkelomfdnjdfgfe [2015-06-07] [UpdateUrl: hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/chrome/update/58024.xml] <==== ATTENTION
CHR Extension: (Hola Better Internet Engine) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-05-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-11]
CHR Extension: (AdBlock) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-28]
CHR Extension: (Skype) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-25]
CHR Extension: (Hold Page) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlekdnjpgajfkijgkfdffdndpmgjnicm [2015-01-13] [UpdateUrl: hxxp://wwwholdingmypage-a.akamaihd.net/update/chrome] <==== ATTENTION
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-09]
CHR Extension: (CinemaPlus-3.2cV04.04) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-04-06]
CHR Extension: (Gmail) - C:\Users\Ismael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\Ismael\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx
CHR HKLM\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files\mystarttb\chrome-newtab-search.crx
CHR HKLM\...\Chrome\Extension: [gkginhadjmacoeapohpkdmlbkocpkedh] - C:\Program Files\MediaWatchV1\MediaWatchV1home867\ch\MediaWatchV1home867.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files\RelevantKnowledge\rlcm.crx
CHR HKU\S-1-5-21-1337840865-3249250241-3975571679-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\Ismael\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx
StartMenuInternet: Google Chrome.RYIMZXYMYSTPURHJG4VMHQ2FWY - C:\Users\Ismael\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-08-19] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-08-19] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [839288 2015-08-19] (BlueStack Systems, Inc.)
S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-03-22] (Intel Corporation)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-07-30] (Flexera Software LLC)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation)
R2 InternetEverywhere_Service; C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe [347120 2012-08-16] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 MyPublicWiFiService; C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Fichier non signé]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [241936 2011-12-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2104840 2016-02-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-04-26] ()
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [96972 2014-04-05] () [Fichier non signé] <==== ATTENTION
R2 Sed; C:\Users\Ismael\AppData\Roaming\ntsvc\ntsvc.exe [266104 2015-10-12] (Navigation Co., Ltd.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient.exe [3933928 2015-07-23] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 SkypeUpdateEx; C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-18] (skype.cog.cc)
S4 trntv; C:\Users\Ismael\AppData\Roaming\TornTV.com\TornTVSvc.exe [19456 2014-11-18] (Cool Mirage) [Fichier non signé]
R2 UCBrowserSvc; C:\Program Files\UCBrowser\Application\UCService.exe [516088 2015-12-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [7246288 2016-03-29] (Microsoft Corporation)
R2 XBox; C:\Windows\system32\config\systemprofile\AppData\Roaming\XBox\XBLive.exe [5359032 2016-02-20] (Microsoft Corporation)
S4 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [X]
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2012-03-07] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-03-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-03-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [73728 2012-03-06] (LG Electronics Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [30112 2015-11-14] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-08-19] (BlueStack Systems)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56480 2015-11-14] (Cherimoya Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-01-02] (DT Soft Ltd)
S3 egg_protect; C:\Windows\DelYAC_x86.sys [16448 2016-02-18] ()
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2013-08-04] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [66688 2013-08-04] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2013-08-04] (Huawei Technologies Co., Ltd.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [505192 2013-08-07] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25448 2013-08-07] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-22] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [352752 2013-02-22] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796656 2013-02-22] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-05-15] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 MRV6X32U; C:\Windows\System32\DRIVERS\MRVW24B.sys [310016 2007-10-28] (Marvell Semiconductor, Inc) [Fichier non signé]
R1 ndiskhaz; C:\Windows\System32\DRIVERS\ndiskhaz.sys [25416 2012-12-07] (Khalil Azzouzi)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0076.sys [26208 2015-04-04] (SoftEther VPN Project at University of Tsukuba, Japan.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [Fichier non signé]
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [17512 2012-01-05] (Realtek Microelectronics)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [937576 2012-01-16] (Realtek Semiconductor Corporation )
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113104 2012-05-31] (Power Software Ltd)
S3 SEE; C:\Windows\System32\drivers\see.sys [43104 2015-04-04] (SoftEther VPN Project at University of Tsukuba, Japan.)
R1 swsedrvr_vt_1_10_0_25; C:\Windows\System32\drivers\swsedrvr_vt_1_10_0_25.sys [56440 2015-09-22] (SS)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [19336 2009-01-13] (Logitech Inc.)
R3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [29192 2009-01-13] (Logitech Inc.)
R3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31240 2009-01-13] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [14728 2009-01-13] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [49160 2009-01-13] (Logitech Inc.)
S3 cpuz134; \??\C:\Users\Ismael\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S1 innfd_1_10_0_13; system32\drivers\innfd_1_10_0_13.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 Tosrfcom; pas de ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-01 18:10 - 2016-04-01 18:10 - 00082639 _____ C:\Users\Ismael\Desktop\Addition.txt
2016-04-01 18:01 - 2016-04-01 18:26 - 00000000 ____D C:\FRST
2016-04-01 18:01 - 2016-04-01 18:01 - 01725440 _____ (Farbar) C:\Users\Ismael\Downloads\FRST.exe
2016-03-31 12:56 - 2016-03-31 12:56 - 00002774 _____ C:\Users\Ismael\Downloads\3_et_hept.mol
2016-03-31 12:56 - 2016-03-31 12:56 - 00002492 _____ C:\Users\Ismael\Downloads\234_me_pent.mol
2016-03-31 12:56 - 2016-03-31 12:56 - 00002210 _____ C:\Users\Ismael\Downloads\24_me_pent.mol
2016-03-31 12:56 - 2016-03-31 12:56 - 00002210 _____ C:\Users\Ismael\Downloads\2_me_hex.mol
2016-03-31 12:56 - 2016-03-31 12:56 - 00001928 _____ C:\Users\Ismael\Downloads\2_me_pent.mol
2016-03-31 12:48 - 2016-03-31 12:48 - 00014368 _____ C:\Users\Ismael\Downloads\alcane.swf
2016-03-27 22:05 - 2016-03-27 22:14 - 00000000 ____D C:\Users\Ismael\Downloads\Sexion d'Assaut - Best Of Sexion d'Assaut (2013 - Album)
2016-03-27 22:03 - 2016-03-27 22:03 - 00014970 _____ C:\Users\Ismael\Downloads\[kat.cr]sexion.d.assaut.best.of.sexion.d.assaut.2013.album.torrent
2016-03-27 18:11 - 2016-03-27 18:11 - 03432764 _____ C:\Users\Ismael\Downloads\nordschleifeguide.pdf
2016-03-27 16:12 - 2016-03-27 16:12 - 01189128 _____ C:\Users\Ismael\Downloads\24 - Gauss's Law.pdf
2016-03-27 16:12 - 2016-03-27 16:12 - 01165607 _____ C:\Users\Ismael\Downloads\23 - Electric Fields (1).pdf
2016-03-21 08:01 - 2016-03-21 08:02 - 24449143 _____ C:\Users\Ismael\Downloads\com.whatsapp_v2.12.541-451031_Android-2.1.apk
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-04-01 18:17 - 2015-12-08 11:56 - 00000446 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2016-04-01 18:16 - 2014-03-13 08:15 - 00000000 ____D C:\Program Files\Steam
2016-04-01 18:06 - 2016-01-30 15:19 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-01 17:34 - 2013-08-28 22:11 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-01 16:34 - 2013-08-28 22:11 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-01 16:09 - 2009-07-14 06:34 - 00020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-01 16:09 - 2009-07-14 06:34 - 00020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-01 16:07 - 2014-03-27 10:07 - 00001496 _____ C:\Windows\Tasks\Plus-HD-9.1-updater.job
2016-04-01 16:07 - 2014-03-27 10:07 - 00001450 _____ C:\Windows\Tasks\Plus-HD-9.1-codedownloader.job
2016-04-01 16:07 - 2014-03-27 10:07 - 00001350 _____ C:\Windows\Tasks\Plus-HD-9.1-enabler.job
2016-04-01 16:05 - 2014-03-27 10:05 - 00002300 _____ C:\Windows\Tasks\Plus-HD-9.1-firefoxinstaller.job
2016-04-01 16:04 - 2014-03-27 10:04 - 00003082 _____ C:\Windows\Tasks\Plus-HD-9.1-chromeinstaller.job
2016-03-31 16:39 - 2014-05-26 09:19 - 00000266 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2016-03-31 12:17 - 2014-07-07 11:22 - 00000000 ____D C:\Users\Ismael\AppData\Local\Deployment
2016-03-31 10:03 - 2016-01-12 11:30 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-03-31 10:03 - 2015-06-19 14:38 - 00000000 ____D C:\Users\Ismael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-03-31 10:00 - 2014-11-18 02:48 - 00000000 ____D C:\Program Files\Opera
2016-03-31 09:56 - 2014-07-21 17:12 - 00000366 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-03-29 16:30 - 2016-02-24 16:39 - 00000000 ____D C:\ProgramData\Windows Security
2016-03-29 16:30 - 2016-01-12 13:57 - 00000000 ____D C:\Windows\19
2016-03-29 15:38 - 2015-11-21 22:59 - 00002229 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-29 15:37 - 2015-11-21 22:59 - 00002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-28 17:21 - 2015-12-15 10:20 - 00000000 ____D C:\Windows\3
2016-03-28 17:21 - 2015-09-24 17:54 - 00000000 ____D C:\Program Files\SkypeUpdateEx
2016-03-28 17:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-03-28 16:51 - 2014-03-24 15:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-27 22:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2016-03-27 22:18 - 2013-09-04 14:12 - 00000000 ____D C:\Users\Ismael\AppData\Roaming\uTorrent
2016-03-27 19:34 - 2011-01-17 02:52 - 01679808 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-27 19:34 - 2009-07-14 10:39 - 00753328 _____ C:\Windows\system32\perfh00C.dat
2016-03-27 19:34 - 2009-07-14 10:39 - 00152228 _____ C:\Windows\system32\perfc00C.dat
2016-03-27 19:30 - 2015-04-20 19:29 - 00001978 _____ C:\Users\Ismael\Desktop\Google Chrome.lnk
2016-03-27 19:10 - 2014-02-04 21:46 - 00000000 ____D C:\ProgramData\ZGame Anti-Phishing Domain
2016-03-27 19:09 - 2015-07-23 19:39 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-03-27 19:08 - 2014-08-28 19:17 - 00000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-03-27 19:08 - 2014-03-27 11:39 - 00000374 _____ C:\Windows\Tasks\RegInOut on user logon - Ismael.job
2016-03-27 19:07 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-18 00:16 - 2014-02-20 21:17 - 00001516 __RSH C:\ProgramData\ntuser.pol
2016-03-18 00:16 - 2014-01-02 17:34 - 00000622 __RSH C:\Users\Ismael\ntuser.pol
2016-03-18 00:16 - 2013-08-04 23:14 - 00000000 ____D C:\Users\Ismael
2016-03-17 03:16 - 2014-03-25 18:55 - 00000000 ____D C:\ProgramData\Origin
2016-03-07 15:23 - 2013-08-21 14:58 - 00001146 _____ C:\Users\Ismael\Desktop\Téléchargements.lnk
2016-03-07 13:45 - 2013-08-14 23:45 - 00000000 ____D C:\Users\Ismael\AppData\Roaming\vlc
2016-03-04 21:00 - 2013-12-06 11:49 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
==================== Fichiers à la racine de certains dossiers =======
2014-05-04 13:57 - 2014-05-04 13:57 - 0000320 _____ () C:\Users\Ismael\AppData\Roaming\aps.uninstall.scan.results
2013-12-27 14:22 - 2014-01-04 19:16 - 0000000 _____ () C:\Users\Ismael\AppData\Roaming\bitlord_log.txt
2014-04-22 18:04 - 2015-01-29 19:20 - 0000130 _____ () C:\Users\Ismael\AppData\Roaming\Camdata.ini
2014-04-22 18:04 - 2015-01-29 19:20 - 0000408 _____ () C:\Users\Ismael\AppData\Roaming\CamLayout.ini
2014-04-22 18:04 - 2015-01-29 19:20 - 0000408 _____ () C:\Users\Ismael\AppData\Roaming\CamShapes.ini
2014-04-22 17:49 - 2015-01-29 19:20 - 0004547 _____ () C:\Users\Ismael\AppData\Roaming\CamStudio.cfg
2015-08-06 23:00 - 2015-08-06 23:00 - 0000784 _____ () C:\Users\Ismael\AppData\Roaming\dj.log
2014-04-10 16:48 - 2014-04-10 17:09 - 0027425 _____ () C:\Users\Ismael\AppData\Roaming\Explorer.EXE_log.txt
2015-03-26 21:14 - 2015-04-07 01:01 - 0000385 _____ () C:\Users\Ismael\AppData\Roaming\ILMHVSL
2014-04-10 16:48 - 2014-04-10 16:49 - 0000871 _____ () C:\Users\Ismael\AppData\Roaming\LiveSupport.exe_log.txt
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\Ismael\AppData\Roaming\NELMC
2014-04-26 11:33 - 2014-04-26 11:33 - 0138056 _____ () C:\Users\Ismael\AppData\Roaming\PnkBstrK.sys
2014-04-10 16:48 - 2014-04-10 17:09 - 0000086 _____ () C:\Users\Ismael\AppData\Roaming\regsvr32.exe_log.txt
2010-10-22 10:14 - 2010-10-22 10:14 - 0000870 _____ () C:\Users\Ismael\AppData\Roaming\smallwindows.cfg
2014-02-01 00:45 - 2014-02-01 00:45 - 0018685 _____ () C:\Users\Ismael\AppData\Roaming\UserTile.png
2014-04-22 17:34 - 2015-01-29 18:42 - 0000096 _____ () C:\Users\Ismael\AppData\Roaming\version2.xml
2014-02-04 21:22 - 2014-09-20 23:21 - 0000112 _____ () C:\Users\Ismael\AppData\Roaming\WB.CFG
2015-11-15 16:04 - 2015-11-15 16:04 - 0157896 _____ () C:\Users\Ismael\AppData\Local\ars.cache
2015-11-15 16:04 - 2015-11-15 16:04 - 0303377 _____ () C:\Users\Ismael\AppData\Local\census.cache
2015-11-15 15:26 - 2015-11-15 15:26 - 0000036 _____ () C:\Users\Ismael\AppData\Local\housecall.guid.cache
2015-04-05 01:20 - 2015-04-05 01:20 - 0628688 _____ (CMI Limited) C:\Users\Ismael\AppData\Local\nsfDEB6.tmp
2015-04-05 00:26 - 2015-04-05 00:26 - 0613255 _____ (CMI Limited) C:\Users\Ismael\AppData\Local\nsq2064.tmp
2014-01-12 18:56 - 2014-01-12 18:56 - 0000600 _____ () C:\Users\Ismael\AppData\Local\PUTTY.RND
2014-01-29 12:18 - 2014-01-29 12:18 - 0000218 _____ () C:\Users\Ismael\AppData\Local\recently-used.xbel
2013-08-17 14:34 - 2016-01-22 16:59 - 0007628 _____ () C:\Users\Ismael\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-03-20 19:18
==================== Fin de FRST.txt ============================