OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 30/09/2015 22:28:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jocelyne\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 36,17% Memory free
8,00 Gb Paging File | 5,27 Gb Available in Paging File | 65,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,77 Gb Total Space | 658,27 Gb Free Space | 71,65% Space Free | Partition Type: NTFS
Drive D: | 12,64 Gb Total Space | 1,71 Gb Free Space | 13,55% Space Free | Partition Type: NTFS

Computer Name: JOCELYNE-PC | User Name: jocelyne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/09/30 22:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jocelyne\Downloads\OTL.exe
PRC - [2015/09/26 10:32:21 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\jocelyne\AppData\Roaming\uTorrent\updates\3.4.5_41162\utorrentie.exe
PRC - [2015/09/26 10:18:53 | 001,821,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\jocelyne\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2015/09/24 04:34:44 | 000,815,944 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/09/23 11:35:32 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2015/09/20 14:55:18 | 000,609,504 | ---- | M] () -- C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe
PRC - [2015/09/17 17:35:19 | 001,203,424 | ---- | M] () -- C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe
PRC - [2015/09/11 19:03:33 | 006,111,824 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/09/11 19:03:03 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/27 00:55:46 | 001,861,640 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2015/04/10 17:33:06 | 001,469,440 | ---- | M] (Orange-France) -- C:\Users\jocelyne\AppData\Local\Le Cloud Orange\omclient.exe
PRC - [2015/04/07 21:34:52 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\jocelyne\AppData\Local\Microsoft\BingSvc\BingSvc.exe
PRC - [2014/09/15 11:01:40 | 001,970,544 | ---- | M] () -- C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe
PRC - [2014/01/07 10:24:30 | 007,215,616 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe
PRC - [2012/02/21 16:04:11 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/02/21 16:04:09 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/02/21 16:04:07 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/02/21 15:19:12 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/01/31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2009/10/22 19:50:40 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/02/10 17:54:02 | 000,485,376 | ---- | M] (Micro Application) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe
PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/09/24 04:34:43 | 016,487,752 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll
MOD - [2015/09/24 04:34:41 | 001,501,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
MOD - [2015/09/24 04:34:40 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
MOD - [2015/09/11 19:03:05 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/09/11 19:03:05 | 000,102,864 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll
MOD - [2015/09/11 19:03:04 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/09/11 19:03:04 | 000,123,976 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2015/09/10 04:30:52 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96d744857eeaf0f2445213d08032e5cc\PresentationFramework.ni.dll
MOD - [2015/09/10 04:30:39 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09e9b52418dba5729ace249cf0487675\System.Windows.Forms.ni.dll
MOD - [2015/09/10 04:30:33 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/09/10 04:30:29 | 012,255,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9c4c2749b3cc38c602b59ee4fd68a8b4\PresentationCore.ni.dll
MOD - [2015/09/10 03:59:36 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fe41e3eae34ac29f3c1f03a03d8aa1af\System.Drawing.ni.dll
MOD - [2015/09/10 03:21:59 | 000,237,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\bc851ce73d2f70602433eb58d91e266e\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2015/08/13 08:43:14 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3d4521ea040737939f831af5a10cd6ad\PresentationFramework.Aero.ni.dll
MOD - [2015/08/13 08:42:41 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\a6265e4a24c4f8361d84fc84f10e9736\WindowsBase.ni.dll
MOD - [2015/06/23 15:05:32 | 001,954,240 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\js32.dll
MOD - [2015/06/19 11:36:40 | 002,550,728 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vsvector170.bpl
MOD - [2015/06/19 11:36:40 | 000,096,200 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspropsaver170.bpl
MOD - [2015/06/19 11:36:40 | 000,031,688 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vstrees170.bpl
MOD - [2015/06/19 11:36:38 | 000,072,648 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vsprinters170.bpl
MOD - [2015/06/19 11:36:38 | 000,070,600 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspdfprinter170.bpl
MOD - [2015/06/19 11:36:36 | 005,170,632 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspdfcore170.bpl
MOD - [2015/06/19 11:36:36 | 000,579,016 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspdfeditor170.bpl
MOD - [2015/06/19 11:36:30 | 001,206,216 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\TMSlite170.bpl
MOD - [2015/06/19 11:36:18 | 000,084,936 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\expertpdfcore170.bpl
MOD - [2015/06/19 11:36:16 | 002,980,808 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\bblite170.bpl
MOD - [2015/05/14 11:53:34 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/05/14 01:13:06 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\487cddd7393a97ec2fc3c1077c165ad0\PresentationFramework-SystemCore.ni.dll
MOD - [2015/05/14 00:59:16 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\dba6e73775e7b823a02925f063bd2983\PresentationFramework.ni.dll
MOD - [2015/05/14 00:59:11 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b4399d67856eba2bcec6104e356aba77\System.Data.ni.dll
MOD - [2015/05/14 00:59:04 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f6fee9c78602505e874ec0807e3b1a51\PresentationCore.ni.dll
MOD - [2015/05/14 00:58:55 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c61bafa9d029e3f2bf83bd5af3f1f5ac\System.Core.ni.dll
MOD - [2015/05/14 00:58:55 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\efd34838fa44da246b78328f4432eac7\WindowsBase.ni.dll
MOD - [2015/05/14 00:58:49 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\908075c4922acdf834c67ac802814c9d\System.Configuration.ni.dll
MOD - [2015/04/16 08:56:05 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015/04/13 16:00:22 | 002,631,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2015/04/13 15:57:12 | 000,143,296 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2015/03/21 19:45:10 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/02/28 23:07:42 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2015/02/28 12:22:46 | 000,396,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8092ad8ffb37d779da3984d6e11e7516\System.Xml.Linq.ni.dll
MOD - [2015/02/28 12:19:52 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\94c5cba998f28affea3889fcdf99d66c\UIAutomationProvider.ni.dll
MOD - [2015/02/27 20:56:47 | 001,172,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\a48bd2a02ed1ae2fbb79ef8797f0c5f6\System.Management.ni.dll
MOD - [2015/02/27 20:55:27 | 002,855,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
MOD - [2015/02/27 20:55:02 | 001,054,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\736256bbeb4557664ef1d22ce2b8cd47\System.ComponentModel.Composition.ni.dll
MOD - [2015/02/27 20:53:03 | 001,873,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll
MOD - [2015/02/27 20:53:00 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
MOD - [2015/02/27 20:52:41 | 000,658,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\ea4b09c3c6f55fc808fae12477465c1b\System.Transactions.ni.dll
MOD - [2015/02/27 20:51:51 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll
MOD - [2015/02/27 20:50:44 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll
MOD - [2015/02/27 20:50:27 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2014/10/16 09:41:10 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/16 09:33:40 | 006,638,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll
MOD - [2014/10/16 09:33:05 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 09:32:45 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 09:02:33 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\61bea915a98d92c2748dc18d5fc594a7\UIAutomationTypes.ni.dll
MOD - [2014/09/11 09:02:05 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/03/21 00:49:19 | 002,952,704 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/02/05 17:33:27 | 000,037,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2014/01/07 10:24:30 | 007,215,616 | ---- | M] () -- C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe
MOD - [2012/02/21 15:15:34 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
MOD - [2011/08/24 04:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 04:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 04:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_socket.pyd
MOD - [2010/11/13 02:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/10/22 19:50:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/10/19 18:30:24 | 000,042,280 | ---- | M] () -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\x86\WebCamKSProxyPlugin.ax
MOD - [2009/09/29 16:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/09/29 16:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/09/29 16:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/09/29 16:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/09/29 16:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/09/29 16:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/09/29 16:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/09/29 16:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/06/08 19:58:12 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009/06/08 19:58:12 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/09/11 19:03:03 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2015/08/15 08:04:47 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2014/02/06 13:15:50 | 001,069,248 | ---- | M] () [Auto | Stopped] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/09/22 20:43:18 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2012/04/24 18:43:49 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/04/14 21:01:44 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeecoms.exe -- (lxee_device)
SRV:[b]64bit:[/b] - [2010/04/14 21:01:37 | 000,045,736 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV:[b]64bit:[/b] - [2009/12/02 14:18:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2015/09/24 07:17:12 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/09/20 14:55:18 | 000,609,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe -- (Update Mgr GreatFind)
SRV - [2015/09/17 17:35:19 | 001,203,424 | ---- | M] () [Auto | Running] -- C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe -- (Service Mgr GreatFind)
SRV - [2015/07/22 13:48:36 | 000,625,632 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe -- (Lenovo EasyPlus Hotspot)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/08 15:42:20 | 000,730,648 | ---- | M] (Orange SA) [Auto | Stopped] -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2015/06/03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/05/19 17:22:06 | 000,099,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/09/15 11:01:40 | 001,970,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe -- (Dedicarz Service)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/21 16:04:11 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/02/21 16:04:09 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/02/21 16:04:07 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/01/31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/04/14 21:01:37 | 000,045,736 | ---- | M] () [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV - [2010/04/14 21:01:23 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeecoms.exe -- (lxee_device)
SRV - [2009/06/06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/02/22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/09/11 19:03:31 | 001,048,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:09 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:09 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:08 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:08 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:08 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:08 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2015/09/11 19:03:08 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2014/01/22 09:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:[b]64bit:[/b] - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/12/02 14:55:26 | 006,175,744 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/11/19 09:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009/07/30 19:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/04/22 13:46:06 | 003,552,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/02/08 22:43:10 | 000,111,104 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hxctlflt.sys -- (hxctlflt)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5)
DRV:[b]64bit:[/b] - [2008/05/16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:[b]64bit:[/b] - [2008/05/16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus)
DRV:[b]64bit:[/b] - [2008/01/02 14:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2014/07/01 19:37:44 | 000,020,872 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2012/04/17 19:22:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/09/07 19:33:04] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2011/10/27 08:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_49_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyE0FyBtByEyByDtD0FtB0FtN0D0Tzu0StCtDyBtCtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyBtA0B0F0EtDtDyDtG0CyE0EyEtGyE0EtA0FtGyDtA0F0EtGyCtAyC0A0F0A0FtAtByEtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0C0FzyzztCyDtCtGyCzzzyyEtGyEyE0FyBtGzyyE0AyBtGtD0CyE0ByDzyyByCtAtD0D0A2Q&cr=1538337190&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=164&systemid=406&sr=0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B572D63C-E1AA-449F-9F46-31737D9F7C5F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_49_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyE0FyBtByEyByDtD0FtB0FtN0D0Tzu0StCtDyBtCtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StD0E0C0AyD0Fzz0AtG0EyBtCyDtG0FtD0BtBtGyB0CyByCtGyEtDtB0CyByDyC0F0Bzy0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0C0FzyzztCyDtCtGyCzzzyyEtGyEyE0FyBtGzyyE0AyBtGtD0CyE0ByDzyyByCtAtD0D0A2Q&cr=2126578778&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=62606&st=home&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=62606&st=home&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=62606&st=home&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=a2c7a2a0-1de8-11e1-92b7-002354f72475&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=164&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{AABC106D-C744-4724-9716-8075ACC47359}: "URL" = http://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.9&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&q={searchTerms}
IE - HKLM\..\SearchScopes\{B572D63C-E1AA-449F-9F46-31737D9F7C5F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{D2475C61-581A-4D9E-9845-9BBED4C05270}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&st=chrome&q=
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=62606&st=home&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=62606&st=home&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ssbtis1&mntrId=70FB002354F72475&affID=121151&tsp=4977
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DXTB_frFR453
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{814C76CB-2623-43F4-AAD0-58A0E5190A20}: "URL" = http://r.orange.fr/r/Omoteur_home?ref=O_OI_hook_openSearchIE&module=orange&bhv=web_fr&kw={searchTerms}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{AABC106D-C744-4724-9716-8075ACC47359}: "URL" = http://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.9&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&q={searchTerms}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=5.7&ts=1377192466386.000009&tguid=62606-6533-1377192466386-DD632C6756AAB6A4EAE948AF539F9EE1&q={searchTerms}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{C481E418-B521-4347-9029-25E20789D22B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYFR&apn_uid=2E81F88F-E8C2-4D0A-9BB5-2FA70A506C97&apn_sauid=4A1B4496-1CF9-4DF3-B74D-207E87E3DA9D
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_49_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyE0FyBtByEyByDtD0FtB0FtN0D0Tzu0StCtDyBtCtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StD0E0C0AyD0Fzz0AtG0EyBtCyDtG0FtD0BtBtGyB0CyByCtGyEtDtB0CyByDyC0F0Bzy0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0C0FzyzztCyDtCtGyCzzzyyEtGyEyE0FyBtGzyyE0AyBtGtD0CyE0ByDzyyByCtAtD0D0A2Q&cr=2126578778&ir=
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..CT3240727.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "DivX Browser Bar FR Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3297124&CUI=UN14879590955540470&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Orange"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://r.orange.fr/r/Oodc_home_ff"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.2.0.187
FF - prefs.js..extensions.enabledAddons: menu_contextuel_orange%40orange.fr:1.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2
FF - prefs.js..keyword.URL: "http://r.orange.fr/r/Omoteur_home?ref=O_OI_hook_openSearchFF&module=orange&bhv=web_fr&kw="

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\jocelyne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\jocelyne\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/01/16 15:45:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/09/24 00:15:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2015/08/16 22:06:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@vshsolutions.com: C:\Users\jocelyne\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com [2013/01/16 15:45:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\jocelyne\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/01/16 15:45:33 | 000,000,000 | ---D | M]

[2013/01/16 15:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Extensions
[2013/01/16 15:45:12 | 000,000,000 | ---D | M] (Special Savings) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Extensions\specialsavings@vshsolutions.com
[2013/01/16 15:45:33 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2012/09/26 08:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\extensions
[2012/09/26 08:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2015/09/24 00:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions
[2013/11/23 16:08:27 | 000,000,000 | ---D | M] (findr) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions\{4373e9b4-0a12-4112-8e3d-36ded19ee3dd}
[2015/09/24 00:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions\cacaoweb@cacaoweb.org
[2015/09/24 00:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions\ffxtlbr@holasearch.com
[2015/05/02 11:54:35 | 000,000,000 | ---D | M] (Menu contextuel Orange) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions\menu_contextuel_orange@orange.fr
[2015/01/03 11:54:02 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\9ino3csh.default\extensions\toolbar@Orange.fr
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions
[2013/11/24 14:31:19 | 000,000,000 | ---D | M] (findr) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions\{4373e9b4-0a12-4112-8e3d-36ded19ee3dd}
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions\cacaoweb@cacaoweb.org
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions\ffxtlbr@holasearch.com
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions\toolbar@ask.com
[2015/01/03 11:54:05 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\jocelyne\AppData\Roaming\mozilla\Firefox\Profiles\Solo_52402\extensions\toolbar@Orange.fr
[2014/10/20 15:35:34 | 000,001,114 | ---- | M] () -- C:\Users\jocelyne\AppData\Roaming\mozilla\firefox\profiles\9ino3csh.default\searchplugins\orange.xml
[2015/09/24 00:15:16 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2015/03/31 10:23:10 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.6.0_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {bb184e6d-26d1-461a-9226-b93ca8da2af9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{6571950c-6eb2-4d8b-975e-5a25053ff845} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{6571950c-6eb2-4d8b-975e-5a25053ff845} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {249D74A3-BD19-4657-B6CE-E62F480A20DE} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (DivX, LLC)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [AdobeFlashPlayer] wscript "C:\Users\jocelyne\AppData\Roaming\Adobe\Flash Player\Cache\IDMcache.vbs" "C:\Users\jocelyne\AppData\Roaming\Adobe\Flash Player\Cache\IDMcache.bat" File not found
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [BingSvc] C:\Users\jocelyne\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [GoogleChromeAutoLaunch_33CB067EF7C37089602DCBE1F64EE447] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [Le Cloud d'Orange - Transfert de fichiers Client] C:\Users\jocelyne\AppData\Local\Le Cloud Orange\omclient.exe (Orange-France)
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [Orange Installer] C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe ()
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [OrangeInside] C:\Users\jocelyne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000..\Run: [uTorrent] C:\Users\jocelyne\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\jocelyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk = C:\Program Files (x86)\Micro Application\LauncherMA.exe (Micro Application)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-4280253580-1216471224-246078179-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 1.8.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 11.60.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{350F674E-4E3A-4450-9827-47A3AB002DB2}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Value error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Value error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/02/12 10:04:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2015/09/19 17:30:37 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0b138611-6dbe-11e4-ab64-002354f72475}\Shell - "" = AutoRun
O33 - MountPoints2\{0b138611-6dbe-11e4-ab64-002354f72475}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{14f8167e-facd-11e4-be2a-002354f72475}\Shell - "" = AutoRun
O33 - MountPoints2\{14f8167e-facd-11e4-be2a-002354f72475}\Shell\AutoRun\command - "" = J:\unlock.exe autoplay=true
O33 - MountPoints2\{9291299e-0ec1-11e2-af4a-002354f72475}\Shell - "" = AutoRun
O33 - MountPoints2\{9291299e-0ec1-11e2-af4a-002354f72475}\Shell\AutoRun\command - "" = M:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/30 13:21:28 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\ParetoLogic
[2015/09/30 13:21:28 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\DriverCure
[2015/09/30 13:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
[2015/09/30 13:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2015/09/30 10:33:20 | 000,020,872 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2015/09/30 10:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
[2015/09/29 21:31:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/09/29 17:34:57 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{1AA5F49F-23F4-463F-A43A-6A3FAC9097FC}
[2015/09/29 09:34:18 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\Desktop\Links
[2015/09/24 15:28:32 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\Documents\Modèles Office personnalisés
[2015/09/24 00:15:23 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/22 14:12:42 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{3174785A-30BA-4F90-BBB8-C924FF9AEFE1}
[2015/09/19 17:29:04 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2015/09/19 17:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015/09/19 15:58:52 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\Lavasoft
[2015/09/19 15:01:30 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\LavasoftStatistics
[2015/09/19 15:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2015/09/19 14:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2015/09/19 14:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2015/09/19 13:09:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/09/17 20:18:14 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{36C140ED-D84E-4A3E-A00A-FFC4CD5E3102}
[2015/09/17 19:26:02 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\Opera Software
[2015/09/17 19:26:01 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\Opera Software
[2015/09/17 19:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2015/09/17 12:45:23 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015/09/17 10:07:01 | 000,780,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/09/17 10:07:01 | 000,142,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/09/16 19:01:07 | 000,000,000 | R--D | C] -- C:\Users\jocelyne\Documents\PORTABLEMAISON
[2015/09/15 15:12:04 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2015/09/14 18:48:24 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\Lenovo
[2015/09/14 18:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LENOVO
[2015/09/14 18:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
[2015/09/14 18:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo
[2015/09/14 18:47:16 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2015/09/14 18:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
[2015/09/14 18:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
[2015/09/14 18:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Great Find
[2015/09/14 18:46:39 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\RHEng
[2015/09/14 13:11:12 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{E70BB6A7-AC61-4D09-ACED-3554A7B706AA}
[2015/09/14 09:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/09/14 09:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/09/13 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/09/13 16:10:30 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\2014-2015
[2015/09/13 15:54:55 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{324D24EE-3A2E-414F-8CF5-7D130BEA116E}
[2015/09/12 20:59:30 | 000,000,000 | ---D | C] -- C:\$SysReset
[2015/09/11 23:33:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2015/09/11 22:45:59 | 000,000,000 | ---D | C] -- C:\AMD
[2015/09/11 19:03:05 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/09/11 18:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
[2015/09/11 18:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico
[2015/09/11 09:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/09/11 09:42:37 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Roaming\Sun
[2015/09/11 09:42:37 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\.oracle_jre_usage
[2015/09/09 18:36:19 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{01CCEBD6-AE31-49AA-AF64-0696903A09CF}
[2015/09/09 10:24:43 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/09/09 10:24:43 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/09/09 10:24:43 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/09/09 10:24:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/09/09 10:24:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/09/09 10:24:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/09/09 10:24:42 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/09/09 10:24:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/09/09 10:24:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/09/09 10:24:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/09/09 10:24:41 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/09/09 10:24:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/09/09 10:24:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/09/09 10:24:40 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/09/09 10:24:40 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/09/09 10:24:40 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/09/09 10:24:40 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/09/09 10:24:40 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/09/09 10:24:40 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/09/09 10:24:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/09/09 10:24:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/09/09 10:24:39 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/09/09 10:24:39 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/09/09 10:24:38 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/09/09 10:24:37 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/09/09 10:24:37 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/09/09 10:24:37 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/09/09 10:24:37 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/09/09 10:24:37 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/09/09 10:24:37 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/09/09 10:24:36 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/09/09 10:24:36 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/09/09 10:24:36 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/09/09 10:24:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/09/09 10:24:35 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/09/09 10:24:35 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/09/09 10:24:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/09/09 10:24:35 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/09/09 10:24:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/09/09 10:22:43 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015/09/09 10:22:43 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015/09/09 10:22:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2015/09/09 10:18:17 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2015/09/09 10:18:17 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2015/09/09 10:18:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2015/09/09 10:13:42 | 001,390,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2015/09/09 10:13:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UtcResources.dll
[2015/09/09 10:13:41 | 005,568,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/09/09 10:13:40 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/09/09 10:13:40 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/09/09 10:13:40 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/09/09 10:13:40 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015/09/09 10:13:37 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/09/09 10:13:37 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/09/09 10:13:36 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015/09/09 10:13:36 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015/09/09 10:13:34 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/09/09 10:13:34 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/09/09 10:13:33 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/09/09 10:13:31 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/09/09 10:13:31 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/09/09 10:13:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/09/09 10:13:30 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/09/09 10:13:29 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/09/09 10:13:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/09/09 10:13:29 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/09/09 10:13:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/09/09 10:13:28 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/09/09 10:13:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/09/09 10:13:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/09/09 10:13:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/09/09 10:13:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/09/09 10:13:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/09/09 10:13:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/09/09 10:13:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/09/09 10:13:27 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/09/09 10:13:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/09/09 10:13:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/09/09 10:13:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/09/09 10:13:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/09/09 10:13:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/09/09 10:13:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/09/09 10:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/09/09 10:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/09/09 10:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/09/09 10:13:25 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/09/09 10:13:25 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/09/09 10:13:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/09/09 10:13:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/09/09 10:13:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/09/09 10:13:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/09/09 10:13:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/09/09 10:13:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/09/09 10:13:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/09/09 10:13:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/09/09 10:13:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/09/09 10:13:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/09/09 10:13:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/09/09 10:13:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/09/09 10:13:19 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015/09/09 10:13:19 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015/09/09 10:13:19 | 000,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015/09/09 10:13:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2015/09/09 10:13:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2015/09/09 10:13:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/09/09 10:13:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/09/09 10:13:01 | 000,692,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015/09/09 10:13:01 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015/09/09 10:13:01 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015/09/09 10:13:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015/09/09 10:13:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015/09/09 10:12:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015/09/09 10:12:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015/09/09 10:12:48 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/09/09 10:12:48 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/09/09 10:12:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/09/09 10:12:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/09/09 10:12:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/09/09 10:12:47 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/09/09 10:12:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/09/09 10:12:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/09/09 10:12:34 | 003,165,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/09/09 10:12:34 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/09/09 10:12:34 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/09/09 10:12:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/09/09 10:12:34 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/09/09 10:12:33 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/09/09 10:12:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/09/09 10:12:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/09/09 10:12:33 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/09/09 10:12:33 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/09/09 10:12:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/09/09 10:12:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/09/09 10:12:33 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/09/09 10:12:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/09/09 10:12:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/09/08 08:50:47 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{37EC61CF-A9C5-44B9-9D03-21465F40EA01}
[2015/09/05 22:35:13 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{9B972735-DC5B-4D6F-90BD-3414C059C56F}
[2015/09/03 19:07:00 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{F27FE95A-AFDC-4C74-943C-E9F6FE6492C2}
[2015/09/01 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\jocelyne\AppData\Local\{549725C1-F483-4404-99BE-101687389852}
[2015/09/01 11:51:32 | 000,365,576 | ---- | C] (DivX, LLC) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[8 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[19 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[19 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\jocelyne\Documents\*.tmp files -> C:\Users\jocelyne\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/30 21:57:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/30 21:44:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0f5e3cf8b819a.job
[2015/09/30 21:27:48 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/30 21:27:48 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/30 21:16:17 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/30 21:15:42 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2015/09/30 21:15:26 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2015/09/30 21:15:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/30 21:15:00 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/30 18:00:00 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2015/09/30 14:17:34 | 000,000,644 | ---- | M] () -- C:\Users\jocelyne\Documents\cc_20150930_141705.reg
[2015/09/30 10:43:35 | 000,031,844 | ---- | M] () -- C:\Users\jocelyne\Documents\cc_20150930_104246.reg
[2015/09/29 09:35:52 | 001,669,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/09/29 09:35:52 | 000,747,644 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/09/29 09:35:52 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/09/29 09:35:52 | 000,150,168 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/09/29 09:35:52 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/09/27 18:07:17 | 000,150,848 | ---- | M] () -- C:\Users\jocelyne\Desktop\Pic-20150927-005.jpg
[2015/09/26 22:21:43 | 000,515,874 | ---- | M] () -- C:\Users\jocelyne\Desktop\infographie_personnages_game_of_thrones_2790.jpeg
[2015/09/26 19:28:46 | 001,461,343 | ---- | M] () -- C:\Users\jocelyne\Desktop\Ramin Djawadi - For the Realm.mp3
[2015/09/24 07:38:08 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2015/09/24 07:35:10 | 000,002,279 | ---- | M] () -- C:\Users\jocelyne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/09/24 07:17:12 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/09/24 07:17:12 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/09/24 00:15:47 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/09/24 00:12:52 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/19 17:30:37 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015/09/19 15:07:27 | 000,000,009 | ---- | M] () -- C:\END
[2015/09/14 18:46:38 | 000,001,619 | ---- | M] () -- C:\Users\jocelyne\Desktop\DivX Movies.lnk
[2015/09/14 18:46:22 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2015/09/14 18:46:02 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2015/09/14 09:56:20 | 000,443,062 | ---- | M] () -- C:\Users\jocelyne\Documents\cc_20150914_095445.reg
[2015/09/14 09:50:19 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/14 08:40:27 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Runner.job
[2015/09/14 08:40:27 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\AVSRegistryCleaner.job
[2015/09/13 11:59:36 | 000,001,845 | ---- | M] () -- C:\Users\jocelyne\Desktop\mémoire_anthony_Miranda_1_(1).compressed (1).pdf - Raccourci.lnk
[2015/09/12 10:15:09 | 000,001,221 | ---- | M] () -- C:\Users\jocelyne\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/09/12 09:54:16 | 000,000,292 | ---- | M] () -- C:\task.vbs
[2015/09/11 23:33:01 | 000,010,449 | ---- | M] () -- C:\Windows\diagerr.xml
[2015/09/11 23:33:01 | 000,009,528 | ---- | M] () -- C:\Windows\diagwrn.xml
[2015/09/11 19:03:31 | 001,048,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/09/11 19:03:09 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/09/11 19:03:09 | 000,150,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/09/11 19:03:08 | 000,447,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/09/11 19:03:08 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/11 19:03:08 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/09/11 19:03:08 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/09/11 19:03:08 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/09/11 19:03:08 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/09/11 19:03:05 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/09/11 09:41:55 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/09/10 04:23:57 | 000,591,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/09/07 12:22:14 | 000,001,180 | ---- | M] () -- C:\Users\jocelyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
[2015/09/02 05:04:49 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/09/02 05:04:46 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/09/02 05:04:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/09/02 05:04:42 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/09/02 04:48:31 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/09/02 04:48:25 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/09/02 03:47:08 | 000,372,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/09/02 03:33:48 | 000,299,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/09/01 11:51:32 | 000,365,576 | ---- | M] (DivX, LLC) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[8 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[19 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[19 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\jocelyne\Documents\*.tmp files -> C:\Users\jocelyne\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/30 14:17:13 | 000,000,644 | ---- | C] () -- C:\Users\jocelyne\Documents\cc_20150930_141705.reg
[2015/09/30 13:21:36 | 000,000,474 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2015/09/30 13:21:19 | 000,000,500 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2015/09/30 13:21:18 | 000,000,448 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2015/09/30 10:43:13 | 000,031,844 | ---- | C] () -- C:\Users\jocelyne\Documents\cc_20150930_104246.reg
[2015/09/27 18:07:17 | 000,150,848 | ---- | C] () -- C:\Users\jocelyne\Desktop\Pic-20150927-005.jpg
[2015/09/26 22:21:43 | 000,515,874 | ---- | C] () -- C:\Users\jocelyne\Desktop\infographie_personnages_game_of_thrones_2790.jpeg
[2015/09/26 19:28:35 | 001,461,343 | ---- | C] () -- C:\Users\jocelyne\Desktop\Ramin Djawadi - For the Realm.mp3
[2015/09/23 11:39:58 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0f5e3cf8b819a.job
[2015/09/19 17:30:37 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015/09/19 15:07:26 | 000,000,009 | ---- | C] () -- C:\END
[2015/09/17 10:49:56 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/14 09:56:10 | 000,443,062 | ---- | C] () -- C:\Users\jocelyne\Documents\cc_20150914_095445.reg
[2015/09/14 09:50:19 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/12 21:16:29 | 3220,676,608 | -HS- | C] () -- C:\hiberfil.sys
[2015/09/12 09:59:28 | 000,001,221 | ---- | C] () -- C:\Users\jocelyne\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/09/12 09:54:16 | 000,000,292 | ---- | C] () -- C:\task.vbs
[2015/09/11 22:04:34 | 000,010,449 | ---- | C] () -- C:\Windows\diagerr.xml
[2015/09/11 22:04:34 | 000,009,528 | ---- | C] () -- C:\Windows\diagwrn.xml
[2015/08/01 19:26:36 | 000,000,581 | ---- | C] () -- C:\Windows\eReg.dat
[2015/03/14 13:15:23 | 000,203,932 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp20141214_151539.1
[2015/03/14 13:15:21 | 000,622,359 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp20141214_151539.0
[2015/03/14 13:15:21 | 000,202,852 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp20141214_151539.JPG
[2015/02/26 10:58:49 | 000,908,993 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1684.JPG
[2015/02/26 10:58:48 | 003,362,576 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1684.0
[2015/02/20 09:57:26 | 000,569,024 | ---- | C] () -- C:\Windows\SysWow64\new_OrangeInstaller.exe
[2015/02/15 14:00:42 | 000,000,036 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\housecall.guid.cache
[2015/01/18 12:19:07 | 000,656,673 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPFC_1411.JPG
[2015/01/18 12:19:06 | 001,503,194 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPFC_1411.0
[2014/02/06 20:17:42 | 002,946,528 | ---- | C] ( ) -- C:\Users\jocelyne\AppData\Roaming\KMSpico_setup.exe
[2014/01/03 21:13:53 | 000,210,456 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2014/01/03 21:13:53 | 000,206,360 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2014/01/03 21:13:53 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2014/01/03 21:13:53 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2014/01/03 21:13:53 | 000,194,072 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2014/01/03 21:13:53 | 000,026,136 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2012/10/24 15:10:50 | 000,013,312 | -H-- | C] () -- C:\Users\jocelyne\photothumb.db
[2012/04/09 18:23:44 | 000,000,017 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\resmon.resmoncfg
[2011/12/15 20:30:18 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/07/18 22:43:16 | 003,224,922 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1453.0
[2011/07/18 22:43:16 | 001,547,918 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1453.JPG
[2011/07/04 19:38:07 | 000,150,626 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp04-07-2011 19;37;38.JPG
[2011/07/04 19:38:06 | 000,239,642 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp04-07-2011 19;37;38.0
[2011/06/29 08:51:08 | 000,000,326 | ---- | C] () -- C:\Users\jocelyne\AppData\Roaming\wklnhst.dat
[2011/06/24 18:05:07 | 000,002,952 | R--- | C] () -- C:\Users\jocelyne\SDV2MP7.XSL
[2011/06/24 18:05:07 | 000,002,444 | R--- | C] () -- C:\Users\jocelyne\MP7_2SDV.XSL
[2011/06/24 18:05:07 | 000,000,742 | R--- | C] () -- C:\Users\jocelyne\MASTER.XML
[2011/06/24 18:05:07 | 000,000,256 | ---- | C] () -- C:\Users\jocelyne\MGR_DATA
[2011/06/24 18:05:07 | 000,000,040 | ---- | C] () -- C:\Users\jocelyne\PRG_MGR
[2011/06/16 10:58:34 | 000,775,317 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp16-06-2011 10;57;56.1
[2011/06/16 10:58:33 | 000,768,004 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp16-06-2011 10;57;56.JPG
[2011/06/16 10:58:32 | 001,472,390 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmp16-06-2011 10;57;56.0
[2011/06/15 22:58:58 | 001,479,762 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpCOPIE.JPG
[2011/06/15 22:58:57 | 001,414,882 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpCOPIE.0
[2011/06/15 22:57:27 | 001,875,755 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1614.JPG
[2011/06/15 22:57:26 | 002,312,299 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1614.0
[2011/06/14 10:02:00 | 000,377,011 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPHOTO ANTHONY.0
[2011/06/14 10:02:00 | 000,184,173 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPHOTO ANTHONY.JPG
[2011/06/06 15:14:39 | 001,066,649 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1593.1
[2011/06/06 15:14:38 | 001,062,975 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1593.JPG
[2011/06/06 15:14:37 | 003,310,190 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpDSCF1593.0
[2011/06/05 19:41:00 | 000,796,453 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpASSEDIC.1
[2011/06/05 19:40:54 | 000,785,156 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpASSEDIC.JPG
[2011/06/05 19:40:53 | 001,853,300 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpASSEDIC.0
[2011/05/24 18:44:52 | 000,246,427 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPIC_1271.JPG
[2011/05/24 18:44:52 | 000,246,422 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\tmpPIC_1271.0
[2011/05/24 08:36:08 | 000,034,304 | ---- | C] () -- C:\Users\jocelyne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/07/10 19:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 19:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2011/11/01 16:15:30 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Anthropics
[2012/11/06 22:18:38 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Autodesk
[2015/03/21 19:47:53 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\AVAST Software
[2015/09/20 14:51:49 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\cacaoweb
[2012/06/25 22:24:04 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/16 00:09:58 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\com.w3i.FlipToast
[2015/02/28 18:13:22 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Covixo
[2012/04/07 10:15:14 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\D-Jix
[2012/04/07 10:26:17 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\D-Jix Media LE
[2012/11/23 23:11:36 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\DassaultSystemes
[2015/09/30 13:21:28 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\DriverCure
[2015/03/21 20:20:26 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Dropbox
[2013/02/11 22:40:37 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\DVDVideoSoft
[2012/09/26 08:11:26 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\eBayDesktopShortcut
[2011/09/25 15:22:10 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\eTeks
[2015/08/23 19:33:57 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Expert PDF 9
[2014/12/10 16:06:53 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\fr.orange.assistancelivebox
[2012/10/25 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\FVD3
[2015/09/20 14:51:49 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Gameo
[2014/12/07 17:09:09 | 000,000,000 | -H-D | M] -- C:\Users\jocelyne\AppData\Roaming\GoldenGate
[2014/12/13 02:36:59 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\GoPro
[2012/02/08 22:16:38 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\MusicNet
[2015/09/24 00:11:38 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\OpenCandy
[2011/10/05 10:29:58 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\OpenOffice.org
[2015/09/17 19:26:01 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Opera Software
[2015/01/03 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Orange
[2014/12/10 16:05:55 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Orange-France
[2015/09/30 13:21:28 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\ParetoLogic
[2015/08/23 19:50:06 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\PDF Pro 10 9
[2012/06/14 19:52:28 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\PhotoFiltre 7
[2015/09/14 09:52:40 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\PhotoScape
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\RHEng
[2015/09/24 00:10:29 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\SearchProtect
[2011/10/30 19:21:50 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Sony
[2012/06/09 11:19:39 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Spotify
[2015/09/24 00:10:30 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\SuperEasy Software
[2011/06/29 08:51:09 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Template
[2014/05/22 19:57:13 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Thunderbird
[2013/02/11 22:41:10 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\TuneUp Software
[2014/01/03 21:15:59 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Ulead Systems
[2012/08/10 21:34:12 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Unity
[2015/09/30 22:38:57 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\uTorrent
[2012/04/30 12:32:27 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\WildTangent
[2011/09/20 11:30:57 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\WinBatch
[2013/07/05 21:43:57 | 000,000,000 | ---D | M] -- C:\Users\jocelyne\AppData\Roaming\Windows Live Writer
[2015/06/12 21:31:11 | 000,000,000 | ---D | M] -- C:\Users\lol\AppData\Roaming\AVAST Software
[2015/06/13 15:44:44 | 000,000,000 | ---D | M] -- C:\Users\lol.jocelyne-PC\AppData\Roaming\AVAST Software

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:054203E4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AA6D0077
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:A1EDB939
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

Signaler le contenu de ce document