Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 Exécuté par Utilisateur (administrateur) sur UTILISATEUR-HP (03-09-2015 20:12:16) Exécuté depuis C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HGKT74YK Profils chargés: Utilisateur (Profils disponibles: Utilisateur) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: IE) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe () C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (Orange) C:\Program Files (x86)\Orange\ma Livebox\maLivebox.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (France Telecom SA) C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Orange) C:\Program Files (x86)\Orange\ma Livebox\dist\ST2.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-09] (IDT, Inc.) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] () HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-11-28] (Synaptics Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-06-02] (EasyBits Software AS) HKLM-x32\...\Run: [DATAMNGR] => C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [tuto4pc_fr_59] => [X] HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader 64] => C:\PROGRA~2\ALLIN1~2\bar\2.bin\8hbrmon64.exe HKLM-x32\...\Run: [BrowserSafeguard] => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" HKLM-x32\...\Run: [Internet Speed Tracker AppIntegrator 32-bit] => C:\PROGRA~2\INTERN~3\bar\1.bin\AppIntegrator.exe HKLM-x32\...\Run: [Internet Speed Tracker AppIntegrator 64-bit] => C:\PROGRA~2\INTERN~3\bar\1.bin\AppIntegrator64.exe HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] () HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company) HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation) HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom) HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] () HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [OrangeInside] => C:\Users\Utilisateur\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1557064 2015-02-18] (Orange) HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll => Pas de fichier Lsa: [Notification Packages] DPPassFilter scecli ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-30] (EasyBits Software Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-12-06] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyEnable: [.DEFAULT] => Proxy est activé. ProxyServer: [.DEFAULT] => http=127.0.0.1:51220;https=127.0.0.1:51220 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{A9FD4B53-4045-4CD1-8D19-2004D9C6E910}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.awesomehp.com/?type=hp&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:newtab HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=77302&tid=18195&ver=5.7&ts=1400796000000.000000&tguid=77302-18195-1400798788544-254FF6F7E34D5BE04747E6CC515C296F&st=chrome&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=77302&tid=18195&ver=5.7&ts=1400796000000.000000&tguid=77302-18195-1400798788544-254FF6F7E34D5BE04747E6CC515C296F&st=chrome&q= HKU\S-1-5-21-1273721838-351419648-928497889-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_home_ie HKU\S-1-5-21-1273721838-351419648-928497889-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT HKU\S-1-5-21-1273721838-351419648-928497889-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=77302&tid=18195&ver=5.7&ts=1400796000000.000000&tguid=77302-18195-1400798788544-254FF6F7E34D5BE04747E6CC515C296F&st=chrome&q= HKU\S-1-5-21-1273721838-351419648-928497889-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=77302&tid=18195&ver=5.7&ts=1400796000000.000000&tguid=77302-18195-1400798788544-254FF6F7E34D5BE04747E6CC515C296F&st=chrome&q= HKU\S-1-5-21-1273721838-351419648-928497889-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=77302&tid=18195&ver=5.7&ts=1400796000000.000000&tguid=77302-18195-1400798788544-254FF6F7E34D5BE04747E6CC515C296F&st=chrome&q= URLSearchHook: HKLM-x32 -> Par défaut = {FE69C007-C452-4d3e-86D2-1730DF8BC871} URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll Pas de fichier SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} SearchScopes: HKLM -> {4F4AB892-E87A-CEB0-932D-7CE624681522} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_29_ch&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztB0AtBtDyByCyEyC0CyBzytN0D0Tzu0SzytAtDtN1L2XzutBtFtBtCtFtCyEtFyEtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StCtA0C0D0Bzz0AtAtG0A0E0AzytG0A0C0E0BtGyBtD0FtCtGyDtD0DyCyE0ByBzzyByD0C0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtCzz0EtBtA0DtG0AzztAtDtGzyyC0EzztG0E0FyBtAtGyC0A0B0F0C0E0EtAtB0FtBtC2Q&cr=415204673&ir= SearchScopes: HKLM -> {841489FA-037B-4932-8C11-28C96B292E6C} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztB0AtBtDyByCyEyC0CyBzytN0D0Tzu0CyDtDyEtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1T1L1C1H1B1Q&cr=1663370216&ir= SearchScopes: HKLM -> {CA2BB27A-1FED-4E76-958F-8919829085E5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {CAC5B3BD-E47D-4372-A4ED-BABE9A907F2C} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} SearchScopes: HKLM-x32 -> {67CDCC4F-15C4-2998-1221-32AFE4D61444} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} SearchScopes: HKLM-x32 -> {841489FA-037B-4932-8C11-28C96B292E6C} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztB0AtBtDyByCyEyC0CyBzytN0D0Tzu0CyDtDyEtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1T1L1C1H1B1Q&cr=1663370216&ir= SearchScopes: HKLM-x32 -> {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm006^YYA^fr&si=CN7K6qLW0MMCFafLtAodNGYAWA&ptb=61C5F1BB-ABA9-4347-9738-C446C59E3A86&ind=2015020715&n=781ac6ab&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKLM-x32 -> {CA2BB27A-1FED-4E76-958F-8919829085E5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {CAC5B3BD-E47D-4372-A4ED-BABE9A907F2C} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> DefaultScope {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = hxxp://r.orange.fr/r/Omoteur_home?ref=O_OI_hook_openSearchIE&module=orange&bhv=web_fr&kw={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D042515-A510D0E105D5B4CC49CF&form=CONBDF&conlogo=CT3330941&q={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=38F1E02A82A20764&affID=119357&tsp=4994 SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392502839&from=adks&uid=TOSHIBAXMK6476GSX_Z15CC40FTXXZ15CC40FT&q={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {4F4AB892-E87A-CEB0-932D-7CE624681522} URL = hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_29_ch&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztB0AtBtDyByCyEyC0CyBzytN0D0Tzu0SzytAtDtN1L2XzutBtFtBtCtFtCyEtFyEtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StCtA0C0D0Bzz0AtAtG0A0E0AzytG0A0C0E0BtGyBtD0FtCtGyDtD0DyCyE0ByBzzyByD0C0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtCzz0EtBtA0DtG0AzztAtDtGzyyC0EzztG0E0FyBtAtGyC0A0B0F0C0E0EtAtB0FtBtC2Q&cr=415204673&ir= SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = hxxp://r.orange.fr/r/Omoteur_home?ref=O_OI_hook_openSearchIE&module=orange&bhv=web_fr&kw={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {841489FA-037B-4932-8C11-28C96B292E6C} URL = hxxp://fr.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120309,17135,0,18,0 SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm006^YYA^fr&si=CN7K6qLW0MMCFafLtAodNGYAWA&ptb=61C5F1BB-ABA9-4347-9738-C446C59E3A86&ind=2015020715&n=781ac6ab&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_fr_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-fr-ie-21&tbrId=v1_abb-channel-7_897e4954a1d34ed0bc6af4c8a86ba146_30_46_20131104_FR_ie_ds_IS0&query={searchTerms} SearchScopes: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> {CAC5B3BD-E47D-4372-A4ED-BABE9A907F2C} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} BHO: HQ-Video-Pro-1.6 -> {11111111-1111-1111-1111-110511291124} -> C:\Program Files (x86)\HQ-Video-Pro-1.6\HQ-Video-Pro-1.6-bho64.dll [2014-05-23] (HQ-Video) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL Pas de fichier BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Pas de fichier BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Pas de nom -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Pas de fichier BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH) BHO-x32: HQ-Video-Pro-1.6 -> {11111111-1111-1111-1111-110511291124} -> C:\Program Files (x86)\HQ-Video-Pro-1.6\HQ-Video-Pro-1.6-bho.dll [2014-05-23] (HQ-Video) BHO-x32: ToolbarOrange.InitToolbarBHO -> {1d970ed5-3eda-438d-bffd-715931e2775b} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll Pas de fichier BHO-x32: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL Pas de fichier BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: mysearchdial Helper Object -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> C:\Program Files (x86)\Mysearchdial\bh\mysearchdial.dll [2013-05-19] (Ironsource Israel (2011) LTD) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.) Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll Pas de fichier Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll [2013-05-19] (Ironsource Israel (2011) LTD) Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH) Toolbar: HKLM-x32 - Barre d'outils Orange - {c9a6357b-25cc-4bcf-96c1-78736985d412} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.) Toolbar: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Toolbar: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> Pas de nom - {EF468E5B-5B30-4136-A833-7F2E3A31AFDF} - Pas de fichier Toolbar: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> Pas de nom - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - Pas de fichier Toolbar: HKU\S-1-5-21-1273721838-351419648-928497889-1000 -> Pas de nom - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - Pas de fichier FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH) FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH) FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2013-05-29] FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-08-11] FF HKLM-x32\...\Firefox\Extensions: [7go@7go.com] - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\7go@7go.com FF Extension: 7Go Games - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\7go@7go.com [2013-08-11] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-07-13] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-13] FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-07-13] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-26] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-13] FF HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Firefox\Extensions: [7go@7go.com] - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Extensions\7go@7go.com FF HKU\S-1-5-21-1273721838-351419648-928497889-1000\...\Firefox\Extensions: [lyrics@lyricsplus.net] - C:\Program Files (x86)\LyricsPlus\128.xpi Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3319734&octid=EB_ORIGINAL_CTID&ISID=ME67F3BE9-AA25-483A-A56A-B0A0165474D0&SearchSource=55&CUI=&UM=5&UP=SP71E87321-FDDF-497A-9C90-C709FBF9385F&SSPV=" CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Extended Protection) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-02-16] CHR Extension: (Kaspersky Protection) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-07-18] CHR Extension: (Fpro_1.2) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb [2014-05-17] CHR Extension: (Blazer Deals) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbnlgebpgjoiedgfdhgggnnflkhnkfh [2015-08-12] CHR Extension: (7Go) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi [2013-08-11] CHR Extension: (Bookmark Manager) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14] CHR Extension: (HQ-Video-Pro-1.6) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgheonmabinoadcfoneehgpdflbdcjpk [2014-05-23] CHR Extension: (Portail Orange) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafdhbipfdlldljdanpnlipdinjcjjid [2015-06-03] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08] CHR Extension: (Menu contextuel Orange) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkdglgjjpicgkbfdflchobhdiblbjgf [2015-06-03] CHR Extension: (Google Wallet) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15] CHR Extension: (uTorrentBar_FR) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib [2013-07-25] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\UTILIS~1\AppData\Local\mysearchdial.crx [2013-05-19] CHR HKU\S-1-5-21-1273721838-351419648-928497889-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [paoponfhfdfnjgddpnpjkambkcgdaaib] - C:\Users\Utilisateur\AppData\Local\CRE\paoponfhfdfnjgddpnpjkambkcgdaaib.crx [2012-04-17] CHR HKU\S-1-5-21-1273721838-351419648-928497889-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\UTILIS~1\AppData\Local\mysearchdial.crx [2013-05-19] CHR HKLM-x32\...\Chrome\Extension: [cpbfnlppfjpopepenccdnpbeajakkcip] - C:\Program Files (x86)\LyricsPlus\128.crx CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Utilisateur\AppData\Roaming\7go\7go.crx [2013-07-30] CHR HKLM-x32\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\similarsites.crx [2012-05-14] CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx CHR HKLM-x32\...\Chrome\Extension: [paoponfhfdfnjgddpnpjkambkcgdaaib] - C:\Users\Utilisateur\AppData\Local\CRE\paoponfhfdfnjgddpnpjkambkcgdaaib.crx [2012-04-17] CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\UTILIS~1\AppData\Local\mysearchdial.crx [2013-05-19] CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-16] Opera: ======= OPR Extension: (HQ-Video-Pro-1.6) - C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgheonmabinoadcfoneehgpdflbdcjpk [2014-12-26] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 Dedicarz Service; C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] () [Fichier non signé] R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Fichier non signé] R2 FTRTSVC; C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632 2010-03-03] (France Telecom SA) [Fichier non signé] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [Fichier non signé] S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [730648 2015-06-08] (Orange SA) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH) R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH) R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 Update ConstaSurf; "C:\Program Files (x86)\ConstaSurf\updateConstaSurf.exe" [X] S2 Update Jump Flip; "C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe" [X] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FNETTHJM_152D; C:\Windows\SysWOW64\drivers\fnetthjm_152D.sys [24448 2012-11-11] (FNet Co., Ltd.) [Fichier non signé] R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w64; C:\Windows\System32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w64.sys [61120 2014-05-22] (StdLib) S1 ccnfd_1_10_0_2; system32\drivers\ccnfd_1_10_0_2.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-09-03 20:11 - 2015-09-03 20:12 - 00000000 ____D C:\FRST 2015-08-31 19:06 - 2015-08-31 19:06 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Sun 2015-08-31 19:06 - 2015-08-31 19:06 - 00000000 ____D C:\Users\Utilisateur\.oracle_jre_usage 2015-08-31 18:28 - 2015-09-03 18:35 - 00002988 _____ C:\Windows\System32\Tasks\maLivebox 2015-08-29 23:06 - 2015-08-29 23:06 - 00302888 _____ C:\Windows\Minidump\082915-32510-01.dmp 2015-08-23 12:45 - 2015-08-23 12:45 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\PDFCreator 2015-08-22 00:30 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-22 00:30 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-22 00:30 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-22 00:30 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-15 10:08 - 2015-08-15 10:08 - 00003179 _____ C:\Users\Utilisateur\Desktop\Mors aux dents.lnk 2015-08-13 02:05 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-13 02:05 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 20:12 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 20:12 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 20:12 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 20:12 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 20:12 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 20:12 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 20:12 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 20:12 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 20:12 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 20:12 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 20:12 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 20:12 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 20:12 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 20:12 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 20:12 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 20:12 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 20:12 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 20:12 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 20:12 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 20:12 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 20:12 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 20:12 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 20:12 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 20:12 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 20:12 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 20:12 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 20:12 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 20:12 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 20:12 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 20:12 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 20:12 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 20:12 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 20:12 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 20:12 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 20:12 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 20:12 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 20:12 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 20:12 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 20:12 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 20:12 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 20:12 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 20:12 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 20:12 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 20:12 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 20:12 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 20:12 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 20:12 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 20:12 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 20:12 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 20:12 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 20:12 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 20:12 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 20:12 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 20:12 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 20:12 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 20:12 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 20:12 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 20:12 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 20:12 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 20:12 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 20:12 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 20:12 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 20:12 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 20:12 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 20:12 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 20:12 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 20:12 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 20:12 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 20:12 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 20:12 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 20:12 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 20:12 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 20:12 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 20:12 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 20:12 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 20:12 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 20:12 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 20:12 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 20:11 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 20:11 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 20:11 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 20:11 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 20:11 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 20:11 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 20:11 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 20:11 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 20:11 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 20:11 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 20:11 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 20:11 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 20:11 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 20:11 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 20:11 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 20:11 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 20:11 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 20:11 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 20:11 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 20:11 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 20:11 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 20:11 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 20:11 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 20:11 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 20:11 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 20:11 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 20:11 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 20:11 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 20:11 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 20:11 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 20:11 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 20:11 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 20:11 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 20:11 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 20:11 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 20:11 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 20:11 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 20:11 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 20:11 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 20:11 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 20:11 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 20:11 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 20:11 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 20:11 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 20:11 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 20:11 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 20:11 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 20:11 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 20:11 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 20:11 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 20:11 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 20:11 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 20:11 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 20:11 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 20:11 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 20:11 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 20:11 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 20:11 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-12 20:05 - 2015-07-16 21:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 20:05 - 2015-07-16 21:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 20:05 - 2015-07-16 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 20:05 - 2015-07-16 21:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 20:05 - 2015-07-16 21:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 20:05 - 2015-07-16 21:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 20:05 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 20:05 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 20:05 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 20:05 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 20:05 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 19:10 - 2015-09-03 19:10 - 00000366 _____ C:\Windows\Tasks\ChemBuddy.job 2015-08-12 19:10 - 2015-08-12 19:23 - 00000000 ____D C:\ProgramData\{c0b040c4-f89c-43ce-c0b0-040c4f890313} 2015-08-09 19:10 - 2015-09-03 19:10 - 00000366 _____ C:\Windows\Tasks\CandyBrowser.job 2015-08-09 19:10 - 2015-08-09 19:14 - 00000000 ____D C:\ProgramData\{205a0904-b580-bc47-205a-a0904b582412} 2015-08-09 13:10 - 2015-08-09 13:11 - 00000000 ____D C:\ProgramData\{b00a2d39-07c6-d050-b00a-a2d3907cb4e4} 2015-08-09 13:10 - 2015-08-09 13:10 - 00000366 _____ C:\Windows\Tasks\DataVolley.job ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2015-09-03 20:08 - 2012-02-15 03:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-09-03 19:59 - 2014-12-11 20:02 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-03 19:59 - 2012-03-03 20:59 - 00000422 _____ C:\Windows\Tasks\Final Media Player Update Checker.job 2015-09-03 19:52 - 2014-05-23 00:47 - 00001350 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-7.job 2015-09-03 19:45 - 2012-03-10 20:28 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-03 19:34 - 2014-07-18 21:41 - 00000310 _____ C:\Windows\Tasks\Rocket Updater.job 2015-09-03 19:26 - 2010-12-06 02:16 - 02077019 _____ C:\Windows\WindowsUpdate.log 2015-09-03 19:22 - 2012-11-10 10:27 - 00000579 _____ C:\Users\Utilisateur\Desktop\Portail Orange.website 2015-09-03 19:10 - 2015-07-20 19:10 - 00000352 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job 2015-09-03 19:03 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-03 19:03 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-03 18:48 - 2014-05-23 00:48 - 00001482 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-5.job 2015-09-03 18:48 - 2014-05-23 00:48 - 00001404 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-1.job 2015-09-03 18:47 - 2014-05-23 00:47 - 00003134 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-3.job 2015-09-03 18:47 - 2014-05-23 00:47 - 00002426 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-4.job 2015-09-03 18:47 - 2014-05-23 00:47 - 00001412 _____ C:\Windows\Tasks\6b8fe38f-05e9-47ba-9bdc-22e87d0c6fbe-6.job 2015-09-03 18:47 - 2012-01-31 13:05 - 00238209 _____ C:\Windows\setupact.log 2015-09-03 18:33 - 2013-03-10 01:00 - 00000428 ____H C:\Windows\Tasks\schedule!3036567561.job 2015-09-03 18:33 - 2012-03-10 20:28 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-03 18:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 00:04 - 2012-08-29 16:56 - 00477696 _____ C:\Users\Utilisateur\Desktop\Films DVD.xls 2015-09-02 19:13 - 2012-03-10 19:52 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CUSTPDF Writer 2015-09-02 18:42 - 2011-03-08 10:53 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2015-08-31 19:07 - 2013-10-16 21:44 - 00000000 ____D C:\ProgramData\Oracle 2015-08-31 19:07 - 2012-01-31 14:28 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-31 19:06 - 2013-10-16 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-31 19:06 - 2011-03-08 09:14 - 00000000 ____D C:\Users\Utilisateur 2015-08-31 19:05 - 2014-01-15 13:43 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-31 18:26 - 2010-12-06 02:23 - 00674348 _____ C:\Windows\PFRO.log 2015-08-30 21:31 - 2012-02-06 21:13 - 00000000 ____D C:\Users\Utilisateur\Documents\Films 2015-08-30 15:16 - 2012-03-03 20:59 - 00000000 ____D C:\Program Files (x86)\File Type Assistant 2015-08-30 10:40 - 2012-02-06 21:08 - 00000000 ____D C:\Users\Utilisateur\Documents\Antivirus 2015-08-29 23:06 - 2012-06-24 21:29 - 500002727 _____ C:\Windows\MEMORY.DMP 2015-08-29 23:06 - 2012-06-24 21:29 - 00000000 ____D C:\Windows\Minidump 2015-08-29 16:25 - 2012-02-18 20:40 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps 2015-08-29 11:30 - 2015-01-03 12:44 - 00046080 _____ C:\Users\Utilisateur\Desktop\Prédications 2015.xls 2015-08-29 09:06 - 2010-07-31 00:51 - 00747940 _____ C:\Windows\system32\perfh00C.dat 2015-08-29 09:06 - 2010-07-31 00:51 - 00150432 _____ C:\Windows\system32\perfc00C.dat 2015-08-29 09:06 - 2009-07-14 07:13 - 01669784 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-28 16:40 - 2012-03-10 20:28 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-28 16:40 - 2012-03-10 20:28 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-26 23:13 - 2012-08-11 19:13 - 00000000 ____D C:\Users\Utilisateur\Desktop\Calculs 2015-08-22 16:19 - 2012-02-11 15:44 - 00000000 ____D C:\Users\Utilisateur\Desktop\Prédications 2015-08-21 20:06 - 2014-07-29 15:09 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUtilisateur 2015-08-21 20:06 - 2014-07-29 15:09 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForUtilisateur.job 2015-08-17 09:10 - 2015-06-26 09:50 - 00000000 ____D C:\Users\Utilisateur\Desktop\Clé USB 8GB 2015-08-15 10:08 - 2012-02-06 21:14 - 00000000 ____D C:\Users\Utilisateur\Documents\Stéphane 2015-08-13 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 12:37 - 2012-02-11 15:40 - 00000000 ____D C:\Users\Utilisateur\Documents\Chantal 2015-08-13 12:36 - 2012-02-11 15:38 - 00000000 ____D C:\Users\Utilisateur\Desktop\Chantal 2015-08-13 12:05 - 2009-07-14 06:45 - 00416936 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 12:02 - 2014-12-10 04:27 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 12:02 - 2014-05-06 13:07 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 01:56 - 2013-08-15 10:25 - 00000000 ____D C:\Windows\system32\MRT 2015-08-13 01:46 - 2011-03-08 10:03 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 19:03 - 2014-12-11 20:02 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 19:03 - 2014-12-11 20:02 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-12 19:03 - 2014-12-11 20:02 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-09 14:35 - 2015-07-20 19:19 - 00000000 ____D C:\ProgramData\c259d600000d36 ==================== Fichiers à la racine de certains dossiers ======= 2014-05-17 09:45 - 2014-05-16 21:15 - 18133768 _____ (Adobe Systems Inc.) C:\Program Files\AdobeAIRSetup.exe 2014-05-22 23:14 - 2014-05-22 23:16 - 0001242 _____ () C:\Users\Utilisateur\AppData\Roaming\Bubble Dock.boostrap.log 2014-05-22 23:15 - 2014-05-22 23:16 - 0013189 _____ () C:\Users\Utilisateur\AppData\Roaming\Bubble Dock.installation.log 2013-08-11 16:46 - 2013-08-11 16:45 - 0030894 _____ () C:\Users\Utilisateur\AppData\Roaming\speedanalysis.ico 2013-02-06 00:46 - 2013-02-06 00:46 - 0000043 _____ () C:\Users\Utilisateur\AppData\Roaming\stats.txt 2013-09-23 00:47 - 2015-07-10 19:34 - 0000287 _____ () C:\Users\Utilisateur\AppData\Roaming\WB.CFG 2013-04-23 01:25 - 2013-04-23 01:29 - 0005632 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-05-19 01:47 - 2013-05-19 01:46 - 0572439 _____ () C:\Users\Utilisateur\AppData\Local\mysearchdial.crx 2012-02-15 03:15 - 2012-02-15 03:15 - 0017408 _____ () C:\Users\Utilisateur\AppData\Local\WebpageIcons.db 2012-03-04 20:49 - 2012-03-04 20:49 - 0004910 _____ () C:\ProgramData\qjaxlkio.dss 2010-12-06 02:40 - 2010-12-06 02:40 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2010-07-30 17:38 - 2010-07-30 17:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-12-06 02:40 - 2010-12-06 02:40 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2010-07-30 17:33 - 2010-07-30 17:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-12-06 02:39 - 2010-12-06 02:39 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2010-12-06 02:40 - 2010-12-06 02:40 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2010-07-30 17:33 - 2010-07-30 17:33 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-07-30 17:34 - 2010-07-30 17:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2010-12-06 02:40 - 2010-12-06 02:40 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log Fichiers à déplacer ou supprimer: ==================== C:\ProgramData\qjaxlkio.dss C:\Users\Public\AlexaNSISPlugin.3708.dll C:\Users\Utilisateur\ADKS_AWESOMEHP.EXE C:\Users\Utilisateur\VOPACKAGE.EXE Certains fichiers dans TEMP: ==================== C:\Users\Utilisateur\AppData\Local\Temp\AdobeAIRUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\AdobeFlashPlayerActiveXUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\CloudBackup5064.exe C:\Users\Utilisateur\AppData\Local\Temp\DRHelper_installFinish.exe C:\Users\Utilisateur\AppData\Local\Temp\DRHelper_installStart.exe C:\Users\Utilisateur\AppData\Local\Temp\DRHelper_uninstallComplete.exe C:\Users\Utilisateur\AppData\Local\Temp\GoogleChromeUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\GoogleEarthUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\JavaPlatformSEUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\jre-8u45-windows-au.exe C:\Users\Utilisateur\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Utilisateur\AppData\Local\Temp\optprosetup.exe C:\Users\Utilisateur\AppData\Local\Temp\PDFCreatorUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\SpOrder.dll C:\Users\Utilisateur\AppData\Local\Temp\Tsu5799AC1D.dll C:\Users\Utilisateur\AppData\Local\Temp\VLCmediaplayerUpdateSetup.exe C:\Users\Utilisateur\AppData\Local\Temp\{AD263DAA-7DEA-4171-8F1F-37F9802AC9C1}.dll ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2015-09-01 18:58 ==================== Fin de FRST.txt ============================