cjoint

Document format: text/plain

OTL logfile created on: 24/02/2016 22:28:10 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jacqueline\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18205)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,44 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 57,30% Memory free
6,94 Gb Paging File | 5,10 Gb Available in Paging File | 73,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1845,49 Gb Total Space | 1726,88 Gb Free Space | 93,57% Space Free | Partition Type: NTFS
Drive D: | 16,05 Gb Total Space | 2,01 Gb Free Space | 12,54% Space Free | Partition Type: NTFS

Computer Name: PLOT | User Name: jacqueline | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2016/02/24 11:58:48 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2016/02/24 11:52:01 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/02/23 08:26:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jacqueline\Downloads\OTL.exe
PRC - [2015/11/11 22:14:04 | 000,815,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2015/10/06 20:45:54 | 000,597,040 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2015/04/28 15:39:48 | 001,102,472 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2014/12/19 16:03:56 | 001,852,928 | ---- | M] (CNAMTS - GIE SESAM-Vitale) -- C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/08 11:38:23 | 000,021,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2014/03/21 07:14:56 | 000,051,712 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\tbaseprovisioning.exe
PRC - [2013/04/02 04:27:32 | 000,079,872 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\9.2\bin\pg_ctl.exe
PRC - [2013/04/02 04:27:00 | 004,525,568 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\9.2\bin\postgres.exe
PRC - [2012/03/16 21:39:58 | 000,476,728 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2016/02/24 11:59:03 | 000,936,776 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.12.11510.1228\swg.dll
MOD - [2016/02/24 11:58:48 | 003,046,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_8A0038D085DC3886.dll
MOD - [2016/02/24 11:58:48 | 001,020,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7DD5AD3C25C05E37.dll
MOD - [2016/02/24 11:58:48 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
MOD - [2016/02/24 11:58:47 | 000,194,504 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
MOD - [2016/02/24 11:53:57 | 003,049,744 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\Aavm4h.dll
MOD - [2016/02/24 11:53:52 | 001,582,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswWrcIEBroker32.dll
MOD - [2016/02/24 11:52:57 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
MOD - [2016/02/24 11:52:57 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
MOD - [2016/02/24 11:52:34 | 000,179,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2016/02/24 11:52:09 | 000,113,496 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll
MOD - [2016/02/24 11:52:07 | 001,080,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\AVAST Software\Avast\dbghelp.dll
MOD - [2016/02/24 11:52:06 | 000,088,504 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\avastIP.dll
MOD - [2016/02/24 11:52:05 | 000,073,984 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\aswEngLdr.dll
MOD - [2016/02/24 11:52:04 | 000,958,704 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\aswAux.dll
MOD - [2016/02/24 11:52:04 | 000,403,848 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\aswCmnIS.dll
MOD - [2016/02/24 11:52:04 | 000,374,240 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\aswCmnBS.dll
MOD - [2016/02/24 11:52:04 | 000,140,480 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\aswCmnOS.dll
MOD - [2016/02/24 11:52:03 | 000,436,640 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\ashTask.dll
MOD - [2016/02/24 11:52:02 | 001,052,752 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\ashBase.dll
MOD - [2016/02/24 11:52:02 | 000,133,768 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2016/02/24 11:52:01 | 000,619,448 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\commchannel.dll
MOD - [2016/02/24 11:52:00 | 000,329,608 | ---- | M] (AVAST Software) -- C:\PROGRA~1\AVASTS~1\Avast\AavmRpch.dll
MOD - [2016/02/24 11:51:57 | 000,678,656 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
MOD - [2016/02/23 08:26:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jacqueline\Downloads\OTL.exe
MOD - [2016/02/06 11:01:21 | 020,366,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2016/02/06 10:43:17 | 002,280,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2016/02/06 10:16:20 | 012,857,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2016/02/06 09:54:19 | 001,312,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2016/02/02 03:37:41 | 019,963,896 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
MOD - [2016/01/22 08:11:11 | 019,794,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2016/01/22 06:35:15 | 004,611,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2016/01/22 06:07:28 | 002,120,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2016/01/22 06:02:12 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2016/01/19 19:23:58 | 001,564,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll
MOD - [2016/01/19 19:23:33 | 001,501,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2016/01/19 18:30:39 | 000,862,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2015/12/08 20:07:49 | 000,507,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2015/12/07 13:55:38 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\msvcr100.dll
MOD - [2015/12/07 13:55:38 | 000,460,384 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
MOD - [2015/12/07 13:55:38 | 000,172,640 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
MOD - [2015/12/07 13:55:37 | 000,446,560 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\deploy.dll
MOD - [2015/12/04 16:00:36 | 001,097,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2015/12/03 19:52:09 | 000,340,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2015/12/03 19:52:09 | 000,120,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2015/12/03 19:52:09 | 000,091,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncryptsslp.dll
MOD - [2015/12/03 17:45:16 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2015/11/11 22:14:04 | 000,815,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2015/11/10 01:04:14 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2015/11/10 00:25:40 | 001,048,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2015/11/10 00:16:05 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2015/11/08 21:52:10 | 001,559,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2015/11/08 21:48:20 | 001,376,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2015/11/08 21:42:50 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.18123_none_dad9a2585bcb0fd8\GdiPlus.dll
MOD - [2015/10/06 20:45:54 | 000,597,040 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2015/10/03 20:41:47 | 001,124,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2015/09/10 16:23:05 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2015/09/03 03:17:54 | 001,903,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2015/09/02 18:09:35 | 001,556,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2015/08/12 15:03:38 | 000,122,128 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2015/08/10 17:56:30 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2015/08/06 18:20:31 | 002,105,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee\comctl32.dll
MOD - [2015/08/06 17:18:28 | 004,068,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2015/07/01 22:35:39 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2015/06/27 17:42:34 | 000,747,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2015/06/16 06:36:44 | 001,212,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2015/06/15 22:09:15 | 003,607,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2015/04/25 03:33:20 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_7c5b6194aa0716f1\comctl32.dll
MOD - [2015/04/10 01:17:55 | 001,018,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2015/04/01 03:31:00 | 001,207,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2015/03/23 22:45:04 | 000,257,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2015/01/30 02:29:04 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atlthunk.dll
MOD - [2015/01/29 19:34:45 | 001,488,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2015/01/23 06:02:33 | 000,560,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll
MOD - [2014/12/19 16:03:56 | 001,852,928 | ---- | M] (CNAMTS - GIE SESAM-Vitale) -- C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe
MOD - [2014/12/19 09:25:28 | 000,602,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2014/11/08 11:38:23 | 000,021,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2014/10/31 03:24:42 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2014/10/31 00:38:56 | 001,612,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2014/10/29 04:18:47 | 001,782,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2014/10/29 04:18:47 | 000,241,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2014/10/29 04:18:46 | 000,029,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll
MOD - [2014/10/29 04:18:44 | 000,255,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2014/10/29 04:18:42 | 000,016,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2014/10/29 04:18:41 | 000,127,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2014/10/29 04:15:39 | 000,035,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2014/10/29 04:15:37 | 000,245,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2014/10/29 04:15:37 | 000,165,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll
MOD - [2014/10/29 04:15:37 | 000,098,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2014/10/29 04:15:37 | 000,068,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2014/10/29 04:15:36 | 000,192,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2014/10/29 04:15:36 | 000,154,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2014/10/29 04:15:36 | 000,110,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2014/10/29 04:15:36 | 000,021,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2014/10/29 04:15:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2014/10/29 04:15:32 | 000,051,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2014/10/29 04:15:31 | 000,115,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2014/10/29 04:15:31 | 000,096,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2014/10/29 04:13:18 | 000,185,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2014/10/29 04:12:51 | 000,087,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2014/10/29 04:12:03 | 001,946,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2014/10/29 04:12:03 | 000,430,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2014/10/29 04:12:03 | 000,102,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2014/10/29 04:11:32 | 000,031,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2014/10/29 04:10:54 | 001,287,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2014/10/29 04:10:54 | 000,278,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2014/10/29 04:10:54 | 000,026,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2014/10/29 04:10:07 | 000,276,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2014/10/29 04:10:07 | 000,052,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2014/10/29 04:10:01 | 000,569,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2014/10/29 04:07:09 | 000,370,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2014/10/29 04:07:01 | 000,331,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2014/10/29 04:07:01 | 000,136,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2014/10/29 04:07:01 | 000,134,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll
MOD - [2014/10/29 04:06:28 | 000,800,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2014/10/29 04:06:28 | 000,080,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcd.dll
MOD - [2014/10/29 04:06:28 | 000,074,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2014/10/29 04:05:15 | 000,052,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2014/10/29 04:05:14 | 000,120,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2014/10/29 04:05:14 | 000,030,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2014/10/29 04:05:14 | 000,026,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2014/10/29 04:05:14 | 000,020,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2014/10/29 03:00:28 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2014/10/29 03:00:15 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2014/10/29 03:00:13 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2014/10/29 03:00:11 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2014/10/29 02:59:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2014/10/29 02:59:49 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2014/10/29 02:58:23 | 001,040,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2014/10/29 02:58:06 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2014/10/29 02:57:59 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pcacli.dll
MOD - [2014/10/29 02:57:31 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinSCard.dll
MOD - [2014/10/29 02:56:40 | 000,499,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2014/10/29 02:55:53 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2014/10/29 02:51:01 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2014/10/29 02:50:50 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2014/10/29 02:47:53 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2014/10/29 02:40:34 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2014/10/29 02:35:58 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Query.dll
MOD - [2014/10/29 02:32:29 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2014/10/29 02:29:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dlnashext.dll
MOD - [2014/10/29 02:14:54 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2014/10/29 02:08:36 | 002,174,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2014/10/29 02:06:27 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2014/10/29 02:06:25 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2014/10/29 02:06:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll
MOD - [2014/10/29 02:06:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2014/10/29 02:06:17 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2014/10/29 02:06:04 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2014/10/29 02:05:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2014/10/29 02:05:46 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2014/10/29 02:05:41 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2014/10/29 02:05:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2014/10/29 02:05:32 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2014/10/29 02:05:25 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2014/10/29 02:05:12 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2014/10/29 02:05:02 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MOD - [2014/10/29 02:04:34 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2014/10/29 02:04:21 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2014/10/29 02:03:37 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2014/10/29 02:03:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2014/10/29 02:02:54 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DevDispItemProvider.dll
MOD - [2014/10/29 02:00:02 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dcomp.dll
MOD - [2014/10/29 01:59:28 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2014/10/29 01:58:41 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2014/10/29 01:58:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2014/10/29 01:58:05 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2014/10/29 01:57:46 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
MOD - [2014/10/29 01:57:42 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2014/10/29 01:56:21 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2014/10/29 01:55:27 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ninput.dll
MOD - [2014/10/29 01:55:11 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2014/10/29 01:49:12 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
MOD - [2014/10/29 01:48:28 | 000,949,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2014/10/29 01:48:01 | 001,142,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2014/10/29 01:45:16 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2014/10/29 01:45:07 | 000,573,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2014/10/29 01:44:46 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2014/10/29 01:43:55 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2014/10/29 01:30:15 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PlayToDevice.dll
MOD - [2014/06/06 22:28:34 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2014/06/06 22:28:16 | 001,107,384 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2014/06/06 22:27:54 | 008,764,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2014/03/18 16:40:53 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2014/03/18 16:40:53 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sppc.dll
MOD - [2013/08/03 05:40:17 | 000,653,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
MOD - [2013/08/03 05:40:17 | 000,570,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll
MOD - [2012/07/27 21:51:34 | 000,066,496 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MOD - [2012/07/27 21:51:32 | 000,063,944 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll


[color=#E56717]========== Services (All) ==========[/color]

SRV - [2016/02/24 11:59:01 | 000,194,032 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2015/11/01 16:24:42 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/09/28 09:19:10 | 000,025,800 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/08/31 17:56:50 | 000,144,200 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2015/08/31 17:56:50 | 000,144,200 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2015/07/01 22:37:18 | 000,198,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2015/06/15 22:16:41 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2015/05/07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2015/04/28 15:39:48 | 001,102,472 | ---- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2015/04/01 03:12:53 | 000,710,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2014/12/25 10:17:09 | 000,265,808 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 04:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 04:09:40 | 000,017,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2014/10/29 02:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2014/10/29 02:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 02:46:07 | 000,183,296 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2014/10/29 02:38:42 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2014/10/29 02:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 02:25:07 | 001,534,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2014/10/29 02:19:39 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2014/10/29 02:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 02:04:13 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2014/10/29 02:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 02:00:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2014/10/29 02:00:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2014/10/29 01:57:39 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2014/10/29 01:56:21 | 000,631,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2014/10/29 01:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2014/10/29 01:52:47 | 002,170,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2014/10/29 01:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 01:42:30 | 000,366,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2014/10/29 01:42:08 | 000,331,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2014/10/29 01:40:28 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2014/04/16 00:33:38 | 000,050,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2014/04/02 15:45:42 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/04/02 15:45:42 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/04/02 15:45:42 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2014/03/21 07:14:56 | 000,051,712 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\tbaseprovisioning.exe -- (tbaseprovisioning)
SRV - [2014/03/18 18:37:26 | 000,043,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2014/03/03 15:05:44 | 000,023,040 | ---- | M] (MUST info) [Auto | Running] -- C:\Program Files (x86)\MediMust\Outils\Sauvegarder_MediMustv2.0\service\Service_sauvegarde.exe -- (Postgres_Backup)
SRV - [2014/01/23 06:54:32 | 000,150,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2013/08/22 05:12:15 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2013/04/02 04:27:32 | 000,079,872 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\9.2\bin\pg_ctl.exe -- (postgresql-9.2)
SRV - [2012/03/16 21:39:58 | 000,476,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)


[color=#E56717]========== Driver Services (All) ==========[/color]


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK14/3
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK14/3
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\..\SearchScopes,DefaultScope = {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/24 11:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2015/07/27 08:58:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacqueline\AppData\Roaming\mozilla\Extensions
[2016/01/08 09:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacqueline\AppData\Roaming\mozilla\Firefox\Profiles\5h8g5fox.default-1442568323441\extensions
[2015/09/18 10:18:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]


O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3514722453-3218668315-90442094-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FbNotifications] C:\Program Files (x86)\Goto.Games\Funbridge2\FbNotificationsComServer.exe (Goto.Games)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe File not found
O4 - HKLM..\Run: [SrvSVCNAM] C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe (CNAMTS - GIE SESAM-Vitale)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/WCLWeb/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9E82796-9265-46D9-AF93-996EB0861057}: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/02/02 14:26:06 | 000,000,016 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2016/01/29 12:09:03 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2016/01/29 12:09:03 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: mcpltsvc -
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: vgasave.sys - Driver
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: mcpltsvc -
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: ntrexeservice - Service
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vgasave.sys - Driver
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

77.CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/02/24 14:07:07 | 000,000,000 | ---D | C] -- C:\Users\jacqueline\AppData\Roaming\TouchDRL
[2016/02/24 11:54:29 | 000,000,000 | ---D | C] -- C:\Users\jacqueline\AppData\Roaming\AVAST Software
[2016/02/24 11:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016/02/24 11:52:10 | 000,052,184 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2016/02/17 08:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016/02/11 10:10:54 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2016/02/10 09:24:43 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2016/02/10 09:24:39 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2016/02/10 09:24:34 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxoci.dll
[2016/02/10 09:24:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2016/02/10 09:24:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cfgbkend.dll
[2016/02/10 09:23:39 | 005,267,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\glcndFilter.dll
[2016/02/10 09:23:39 | 005,264,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Data.Pdf.dll
[2016/02/10 09:19:26 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2016/02/10 09:18:19 | 012,879,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2016/02/10 09:18:16 | 002,464,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2016/02/10 09:15:31 | 001,564,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\combase.dll
[2016/02/10 09:15:31 | 000,548,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinTypes.dll
[2016/02/10 09:15:31 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincorlib.dll
[2016/02/10 09:15:22 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSync.dll
[2016/02/10 09:14:40 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2016/02/10 09:14:39 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2016/02/10 09:14:39 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2016/02/10 09:14:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2016/02/10 09:14:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2016/02/10 09:14:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2016/02/10 09:14:28 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2016/02/04 09:32:53 | 000,000,000 | ---D | C] -- C:\Users\jacqueline\AppData\Local\G DATA
[2016/02/03 10:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G DATA
[2016/02/03 10:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\G Data
[2016/01/30 08:42:32 | 000,000,000 | ---D | C] -- C:\KVRT_Data
[2016/01/29 12:09:03 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2016/01/29 11:40:55 | 000,000,000 | ---D | C] -- C:\UsbFix
[2016/01/26 08:43:55 | 000,000,000 | ---D | C] -- C:\Users\jacqueline\Doctor Web

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/02/24 22:25:12 | 000,001,146 | ---- | M] () -- C:\Users\jacqueline\Desktop\OTL.exe - Raccourci.lnk
[2016/02/24 22:23:20 | 000,001,082 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/02/24 22:22:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016/02/24 19:20:48 | 000,000,490 | ---- | M] () -- C:\Instal.reg
[2016/02/24 19:17:20 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/02/24 15:03:02 | 003,920,134 | ---- | M] () -- C:\windows\SysWow64\rootpa.e2e
[2016/02/24 15:02:19 | 000,000,507 | ---- | M] () -- C:\windows\SESAM.INI
[2016/02/24 15:02:16 | 000,000,056 | ---- | M] () -- C:\CNDA.INI
[2016/02/24 14:59:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/02/24 14:59:12 | 2951,303,168 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/24 12:27:24 | 000,026,163 | ---- | M] () -- C:\Users\jacqueline\Documents\CONTRAT DE REMPLACEMENT REGULIER (3)SAAL.odt
[2016/02/24 12:27:24 | 000,026,163 | ---- | M] () -- C:\Users\jacqueline\Desktop\CONTRAT DE REMPLACEMENT REGULIER (3)SAAL.odt
[2016/02/24 11:52:10 | 000,052,184 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2016/02/22 18:25:54 | 000,000,362 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForjacqueline.job
[2016/02/22 10:07:04 | 000,000,432 | ---- | M] () -- C:\THALWIN.BAT
[2016/02/22 09:51:08 | 000,000,432 | ---- | M] () -- C:\THALWIN.BAK
[2016/02/07 18:58:00 | 000,021,993 | ---- | M] () -- C:\Users\jacqueline\Documents\COURRIER BNP.odt
[2016/02/04 10:05:57 | 000,000,000 | ---- | M] () -- C:\windows\topsecret.INI
[2016/02/04 10:05:56 | 000,000,000 | ---- | M] () -- C:\windows\GDDevCtrl.INI
[2016/02/02 03:37:41 | 000,828,920 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2016/02/02 03:37:41 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/02/24 22:25:12 | 000,001,146 | ---- | C] () -- C:\Users\jacqueline\Desktop\OTL.exe - Raccourci.lnk
[2016/02/24 13:09:16 | 000,026,163 | ---- | C] () -- C:\Users\jacqueline\Documents\CONTRAT DE REMPLACEMENT REGULIER (3)SAAL.odt
[2016/02/24 12:26:53 | 000,026,163 | ---- | C] () -- C:\Users\jacqueline\Desktop\CONTRAT DE REMPLACEMENT REGULIER (3)SAAL.odt
[2016/02/22 17:39:49 | 000,000,362 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForjacqueline.job
[2016/02/07 18:10:59 | 000,021,993 | ---- | C] () -- C:\Users\jacqueline\Documents\COURRIER BNP.odt
[2016/02/04 10:05:57 | 000,000,000 | ---- | C] () -- C:\windows\topsecret.INI
[2016/02/04 10:05:56 | 000,000,000 | ---- | C] () -- C:\windows\GDDevCtrl.INI
[2016/01/19 15:02:56 | 000,000,132 | ---- | C] () -- C:\windows\wininit.ini
[2015/06/01 15:47:36 | 000,254,976 | ---- | C] () -- C:\windows\SysWow64\SMSEQ.DLL
[2015/06/01 15:47:36 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\SMOOTHS.DLL
[2015/06/01 15:47:36 | 000,014,048 | ---- | C] () -- C:\windows\SysWow64\SMOOTH16.DLL
[2015/06/01 15:47:36 | 000,010,720 | ---- | C] () -- C:\windows\SysWow64\SCRLIB.DLL
[2015/06/01 15:47:35 | 000,009,984 | ---- | C] () -- C:\windows\SysWow64\BTDESIGN.DLL
[2015/04/22 08:37:20 | 000,107,008 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2015/04/22 08:34:29 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2015/02/02 13:11:46 | 000,305,664 | ---- | C] () -- C:\windows\BKL_CPS.DLL
[2015/02/02 13:11:46 | 000,057,344 | ---- | C] () -- C:\windows\cgcode32.dll
[2015/02/02 13:11:44 | 000,262,864 | ---- | C] () -- C:\windows\SysWow64\Bole16.dll
[2015/02/02 13:11:44 | 000,228,902 | ---- | C] () -- C:\windows\SysWow64\Vmpeg.dll
[2015/02/02 13:11:44 | 000,034,283 | ---- | C] () -- C:\windows\LHA.EXE
[2015/02/02 13:11:44 | 000,024,094 | ---- | C] () -- C:\windows\SysWow64\Mcivmpeg.drv
[2015/02/02 13:11:44 | 000,003,570 | ---- | C] () -- C:\windows\Spot.ini
[2015/02/02 13:11:44 | 000,001,986 | ---- | C] () -- C:\windows\Socket.ini
[2015/02/02 13:11:41 | 000,180,096 | ---- | C] () -- C:\windows\SysWow64\LTKRN61W.DLL
[2015/02/02 13:11:41 | 000,140,928 | ---- | C] () -- C:\windows\SysWow64\LFCMP61W.DLL
[2015/02/02 13:11:41 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\UNLHA.DLL
[2015/02/02 13:11:41 | 000,055,136 | ---- | C] () -- C:\windows\SysWow64\LTIMG61W.DLL
[2015/02/02 13:11:41 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\Oc25fra.dll
[2015/02/02 13:11:41 | 000,025,216 | ---- | C] () -- C:\windows\SysWow64\LTFIL61W.DLL
[2015/02/02 13:11:41 | 000,016,800 | ---- | C] () -- C:\windows\SysWow64\LTTWN61W.DLL
[2015/02/02 13:11:41 | 000,010,304 | ---- | C] () -- C:\windows\SysWow64\LFBMP61W.DLL
[2015/02/02 13:11:41 | 000,007,008 | ---- | C] () -- C:\windows\SysWow64\SETUPKIT.DLL
[2015/02/02 13:11:41 | 000,004,416 | ---- | C] () -- C:\windows\SysWow64\REGOCX16.EXE
[2015/02/02 13:11:32 | 000,343,040 | ---- | C] () -- C:\windows\SysWow64\lffpx7.dll
[2015/02/02 13:11:32 | 000,116,736 | ---- | C] () -- C:\windows\SysWow64\lfkodak.dll
[2015/02/02 13:11:32 | 000,068,096 | ---- | C] () -- C:\windows\SysWow64\lfplt11n.dll
[2015/02/02 13:11:31 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\Unlha32.dll
[2015/02/02 13:11:31 | 000,250,368 | ---- | C] () -- C:\windows\THLFILES.DLL
[2015/01/12 09:58:36 | 000,000,044 | ---- | C] () -- C:\windows\RSS.INI
[2015/01/12 09:55:45 | 000,000,507 | ---- | C] () -- C:\windows\SESAM.INI
[2015/01/12 09:55:42 | 000,045,056 | ---- | C] () -- C:\windows\ATLW32.DLL
[2015/01/12 09:55:41 | 000,024,064 | ---- | C] () -- C:\windows\FTUASETU.EXE
[2015/01/12 09:55:40 | 000,000,407 | ---- | C] () -- C:\windows\EMAILWIN.INI
[2014/12/26 18:09:06 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/20 09:09:25 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2014/10/20 08:41:56 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2014/06/12 12:29:40 | 000,000,645 | ---- | C] () -- C:\windows\galss.ini
[2014/06/06 19:53:58 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014/06/06 19:53:58 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2014/06/06 18:48:00 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2014/06/06 18:48:00 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014/06/06 18:26:06 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\amdhdl32.dll
[2014/04/02 15:45:51 | 001,855,518 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/03/21 07:14:56 | 000,002,473 | ---- | C] () -- C:\windows\SysWow64\tbaseprovisioning.exe.config
[2014/03/18 16:40:52 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014/10/20 09:00:23 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/01/22 09:01:44 | 022,365,992 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 08:11:11 | 019,794,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015/01/10 08:30:24 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\4D
[2015/01/02 12:19:15 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Goto.Games
[2015/01/10 08:30:22 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\MediMust 10_03c
[2016/02/24 19:46:29 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\4D
[2016/01/19 11:53:46 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\apilec
[2016/02/24 11:54:29 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\AVAST Software
[2015/01/14 12:12:59 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\Canon Electronics
[2015/01/19 09:47:57 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\ComptaMust 7_03a
[2015/01/09 15:11:36 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\FileZilla
[2015/10/02 18:11:39 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\Foxit Software
[2014/12/24 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\Goto.Games
[2015/10/30 16:14:05 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\MediMust 10_03c
[2016/01/19 14:08:31 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\MediMust 10_04h
[2015/01/15 16:00:18 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\OpenOffice
[2015/01/21 15:44:11 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\postgresql
[2015/06/09 10:46:44 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\TeamViewer
[2015/09/10 09:08:11 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\Thunderbird
[2016/02/24 14:58:13 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\TouchDRL
[2014/12/25 10:16:42 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\WildTangent
[2015/01/29 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\Windows Live Writer
[2015/12/17 09:04:32 | 000,000,000 | ---D | M] -- C:\Users\jacqueline\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< 1.HKCU\Software >[/color]
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2014/12/25 10:11:28 | 000,001,082 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/12/25 10:11:29 | 000,001,086 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2016/02/22 17:39:49 | 000,000,362 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForjacqueline.job

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 2.HKCU\Software\AppDataLow /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 3.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 4.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 5.HKLM\Software >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 6.HKCU\Software\Microsoft\Command Processor /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 7.HKLM\Software\Microsoft\Command Processor /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 8.HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 9.HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 10.HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 11.HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 12.%Homedrive%\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 13.%Homedrive%\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 14.%Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 15.%Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 16.%Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 17.%Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 18.%Homedrive%\$Recycle.bin\*.exe /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 19.%Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 20.%Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 21.%Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 22.%Userprofile%\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 23.%Userprofile%\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 24.%Allusersprofile%\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 25.%Allusersprofile%\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 26.%LocalAppData%\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 27.%LocalAppData%\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 28.%Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 29.%Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 30.%Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 31.%Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 32.%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 33.%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 34.%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 35.%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 36.%programFiles%\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 37.%programFiles%\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 38.%programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 39.%ProgramFiles%\Common Files\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 40.%ProgramFiles(X86)%\Common Files\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 41.%Systemroot%\Installer\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 42.%Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 43.%systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 44.%systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 45.%systemroot%\system32\*.in* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 46.%systemroot%\PSS\* /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 47.%systemroot%\Tasks\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 48.%systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 49.%systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 50.%systemroot%\system32\Tasks\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 51.%systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 52.%systemroot%\syswow64\Tasks\*. >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 53.%systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 54.%systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 55.%Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 56.%systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 57.dir %Homedrive%\* /S /A:L /C >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 58.msconfig >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 59.activex >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\jacqueline\OneDrive:ms-properties

< End of report >
