Fenetre roaming
Fermé
chrisdeceze
Messages postés
72
Date d'inscription
mardi 12 février 2008
Statut
Membre
Dernière intervention
21 décembre 2020
-
11 mars 2016 à 09:12
kevix49 Messages postés 68 Date d'inscription vendredi 4 mars 2016 Statut Membre Dernière intervention 25 mai 2020 - 11 mars 2016 à 10:18
kevix49 Messages postés 68 Date d'inscription vendredi 4 mars 2016 Statut Membre Dernière intervention 25 mai 2020 - 11 mars 2016 à 10:18
bonjour
ci-joint rapport " OTL " . probleme: une fenetre roaming s'ouvre au démarrage.
merci de voir si une correction peut etre apportéeOTL logfile created on: 3/11/2016 8:54:48 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\christian\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2.93 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 59.05% Memory free
5.86 Gb Paging File | 4.45 Gb Available in Paging File | 75.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 90.01 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 137.91 Gb Free Space | 99.22% Space Free | Partition Type: NTFS
Computer Name: CHRISTIAN-PC | User Name: christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2016/03/11 08:54:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\christian\Downloads\OTL.exe
PRC - [2016/03/09 19:17:59 | 007,137,664 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe
PRC - [2016/03/09 18:09:32 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016/02/17 16:08:49 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2016/02/12 22:11:50 | 006,638,296 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016/02/09 22:35:58 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2016/02/02 15:44:14 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2016/01/22 06:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2016/01/20 00:53:08 | 001,904,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/12/08 12:40:16 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/03/28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/05/06 07:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/01/19 03:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/06/03 12:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 15:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2016/02/23 08:19:50 | 000,325,824 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2016/02/12 22:13:36 | 000,065,536 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1036.dll
MOD - [2016/02/09 22:35:59 | 000,480,760 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\ffl2.dll
MOD - [2016/02/09 22:35:59 | 000,113,496 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2016/02/09 22:35:58 | 000,133,768 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015/12/13 09:15:06 | 040,539,648 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/06/03 12:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 12:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2016/03/09 18:09:31 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/02/10 18:43:03 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/02/09 22:35:58 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016/02/08 21:28:58 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016/01/28 10:21:30 | 000,803,856 | ---- | M] (Garmin Ltd. or its subsidiaries) [Auto | Stopped] -- C:\Program Files\Garmin\Device Interaction Service\GarminService.exe -- (Garmin Device Interaction Service)
SRV - [2016/01/20 00:53:08 | 001,904,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/12/18 20:00:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2016/03/09 19:18:03 | 000,816,304 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2016/03/09 19:18:02 | 000,091,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2016/02/23 19:13:33 | 000,447,848 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2016/02/10 19:28:52 | 000,221,240 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswvmm.sys -- (aswVmm)
DRV - [2016/02/09 22:36:05 | 000,127,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016/02/09 22:36:04 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016/02/09 22:36:04 | 000,058,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016/02/09 22:36:04 | 000,032,792 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013/09/03 13:05:27 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/23 16:10:44 | 001,249,792 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/26 03:57:27 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)
DRV - [2009/09/28 10:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/10 14:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1223183.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\christian\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016/02/10 07:16:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016/02/10 07:16:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016/03/09 18:09:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016/03/09 18:09:24 | 000,000,000 | ---D | M]
[2010/12/22 10:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Extensions
[2010/12/22 10:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2016/02/24 08:58:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Firefox\Profiles\8htvua7o.default-1415012050991\extensions
[2016/02/24 08:58:08 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\firefox\profiles\8htvua7o.default-1415012050991\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2016/03/09 18:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/?gws_rd=ssl
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave (Enabled) = C:\windows\system32\Adobe\Director\np32dsw_1203133.dll
CHR - Extension: YouTube = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
O4 - Startup: C:\Users\christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
O4 - Startup: C:\Users\christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Games [2010/12/17 16:36:12 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///E:/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx (A9Helper.A9)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///E:/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{506B4ADF-1E8B-438D-B449-88CF07F3800B}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC}: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2016/03/10 08:24:31 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B0917659-3984-4061-BD89-FC1FA3A6A175}
[2016/03/09 18:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/03/09 09:43:20 | 002,387,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2016/03/09 09:43:18 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfds.dll
[2016/03/09 09:43:12 | 003,994,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2016/03/09 09:43:12 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2016/03/09 09:43:10 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2016/03/09 09:43:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2016/03/09 09:43:09 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2016/03/09 09:43:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\auditpol.exe
[2016/03/09 09:43:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2016/03/09 09:43:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2016/03/09 09:43:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\apisetschema.dll
[2016/03/09 09:43:08 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2016/03/09 09:43:08 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2016/03/09 09:43:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msobjs.dll
[2016/03/09 09:42:54 | 002,956,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2016/03/09 09:42:54 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2016/03/09 09:42:54 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2016/03/09 09:42:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2016/03/09 09:42:54 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSetupUI.dll
[2016/03/09 09:42:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2016/03/09 09:42:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2016/03/09 09:42:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2016/03/09 09:42:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wu.upgrade.ps.dll
[2016/03/09 09:42:48 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll
[2016/03/09 09:42:46 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2016/03/09 09:42:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2016/03/09 09:42:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2016/03/09 09:42:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2016/03/09 09:42:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2016/03/09 09:42:45 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2016/03/09 09:42:45 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2016/03/09 09:42:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2016/03/09 09:42:45 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2016/03/09 09:42:45 | 000,341,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2016/03/09 09:42:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2016/03/09 09:42:45 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2016/03/09 09:42:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2016/03/09 09:42:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2016/03/09 09:42:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2016/03/09 09:42:43 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2016/03/09 09:42:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2016/03/09 09:42:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2016/03/09 09:42:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2016/03/09 09:42:41 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2016/03/09 09:42:40 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2016/03/09 09:42:38 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2016/03/09 09:42:37 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2016/03/09 09:42:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2016/03/09 09:42:36 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2016/03/09 09:42:02 | 001,206,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2016/03/09 09:42:01 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2016/03/09 09:42:01 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\invagent.dll
[2016/03/09 09:42:01 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2016/03/09 09:42:01 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\devinv.dll
[2016/03/09 09:42:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\acmigration.dll
[2016/03/09 09:42:01 | 000,034,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CompatTelRunner.exe
[2016/03/09 09:42:00 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ucrtbase.dll
[2016/03/09 09:42:00 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2016/03/09 09:42:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2016/03/09 09:42:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2016/03/09 09:42:00 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/03/09 09:42:00 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
[2016/03/09 09:42:00 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-2-0.dll
[2016/03/09 09:42:00 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-locale-l1-1-0.dll
[2016/03/09 09:42:00 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-2-0.dll
[2016/03/09 09:42:00 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-timezone-l1-1-0.dll
[2016/03/09 09:42:00 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-2-0.dll
[2016/03/09 09:42:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dciman32.dll
[2016/03/09 09:41:59 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-private-l1-1-0.dll
[2016/03/09 09:41:59 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-math-l1-1-0.dll
[2016/03/09 09:41:59 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-string-l1-1-0.dll
[2016/03/09 09:41:59 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
[2016/03/09 09:41:59 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-convert-l1-1-0.dll
[2016/03/09 09:41:59 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-time-l1-1-0.dll
[2016/03/09 09:41:59 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-process-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-heap-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-conio-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-utility-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-environment-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
[2016/03/09 09:41:59 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l2-1-0.dll
[2016/03/09 09:41:59 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l2-1-0.dll
[2016/03/09 09:41:58 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2016/03/09 09:41:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll
[2016/03/09 09:41:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx
[2016/03/09 09:41:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll
[2016/03/09 08:35:22 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B4069263-78E8-4586-A340-B2BE7CEBDD3C}
[2016/03/08 09:27:29 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{803BDB3B-0FF6-4260-B761-4BA9735E2EDF}
[2016/03/08 08:54:29 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{6BA4CCF9-5B81-487D-9450-EA124AEC77BC}
[2016/03/07 13:29:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{9B3B9592-D478-4628-928F-5C9835E07846}
[2016/03/04 08:17:08 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{19BABDF3-D1CC-4696-9278-9A3EDF408B0E}
[2016/03/03 16:40:40 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{A0080719-791A-4094-8565-43BF4367BB6A}
[2016/03/02 20:28:45 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{D184B6BD-CB81-4503-BF37-BDE60A482C1B}
[2016/03/02 08:11:11 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{55EBCDB7-E7E3-42EA-9F2E-3DB3EBF3C749}
[2016/03/02 08:02:54 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{16E3AA41-B7A6-49BA-A642-0C6C86C81439}
[2016/03/01 09:45:02 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B4BDA3FC-D000-48F8-B97E-3F8EB560F644}
[2016/02/29 08:32:14 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2588D5AD-F497-475C-B2C2-595AB1C94470}
[2016/02/28 08:55:42 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{F0BC4AAB-6301-43F0-BDB4-2F9C84C09B55}
[2016/02/27 19:47:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2806DEC9-47D2-4213-B6E6-8832AAF3DC13}
[2016/02/27 07:19:12 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B5661E0C-F717-4053-8BD9-009977BF46D4}
[2016/02/26 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{631FED99-B4B3-40C8-9AD0-B6352774135E}
[2016/02/25 14:13:59 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{9F13629F-833A-4C11-A4CE-0B5E33E129A5}
[2016/02/24 22:05:39 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{F3AD5079-82A2-4A60-8111-84C26D2EE2DB}
[2016/02/24 21:39:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2016/02/24 21:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2016/02/24 21:39:45 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2016/02/24 08:53:11 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{E08A798B-CF26-4200-BE6E-C9F043582719}
[2016/02/23 08:46:36 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{0AF01655-6F2C-47E5-ACF4-43BECED58EF3}
[2016/02/22 09:27:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{0ACB4B93-AEA4-43AF-B9E8-F47289C26EC3}
[2016/02/21 08:24:00 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{1E3023E1-D483-4226-87E0-AEDA47BAAFA7}
[2016/02/20 14:42:45 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{D4420D36-F618-49B7-A70B-44C4CB357561}
[2016/02/19 10:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMU Poker
[2016/02/19 08:44:41 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{3FFE0E9B-0E51-48D0-A158-66A89C399A0D}
[2016/02/18 12:20:47 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{FDC27A2F-4EA5-4C1F-ABA7-6E04B0723936}
[2016/02/17 13:34:21 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{4ABF4F18-C57B-44A5-BD54-6DCC9A8326E1}
[2016/02/16 21:49:37 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{07D975A5-B5D2-48BC-8A18-2B1F33CDC25A}
[2016/02/16 08:35:30 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{A3CE39B7-52D8-48A9-A868-735912EE71B3}
[2016/02/15 08:46:50 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{17D26C9F-53F3-4F95-BB59-F58226F326AA}
[2016/02/14 09:03:46 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{BC799CEA-1884-4A9E-86A1-D0153D2D8A7D}
[2016/02/13 08:58:15 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{535E990A-8EA4-443C-AF3E-318DD7B8CC57}
[2016/02/12 08:27:34 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{E6DC7960-971E-4E22-84F0-31B837787160}
[2016/02/11 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2E8BAF38-F9AC-4104-9533-2155A47A2861}
[2016/02/11 10:19:54 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2016/02/11 10:19:54 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll
[2016/02/11 10:19:54 | 001,498,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2016/02/11 10:19:40 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\InkEd.dll
[2016/02/11 10:19:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jnwmon.dll
[2016/02/11 10:19:26 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2016/02/11 10:19:25 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2016/02/11 10:19:07 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msorcl32.dll
[2016/02/11 08:54:28 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2016/02/11 08:54:28 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2016/02/11 08:54:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2016/02/11 08:54:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2016/02/11 08:54:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2016/02/11 08:54:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/03/11 08:49:24 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/03/11 08:41:12 | 000,000,586 | ---- | M] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-3219418776-4157282183-555089908-1000.job
[2016/03/11 08:38:20 | 000,001,054 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/03/11 08:37:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016/03/11 08:37:26 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2016/03/10 22:45:40 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2016/03/10 22:45:40 | 000,000,682 | ---- | M] () -- C:\windows\tasks\G2MUploadTask-S-1-5-21-3219418776-4157282183-555089908-1000.job
[2016/03/10 08:20:37 | 000,747,910 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2016/03/10 08:20:37 | 000,654,480 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2016/03/10 08:20:37 | 000,150,402 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2016/03/10 08:20:37 | 000,122,352 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2016/03/10 08:12:07 | 000,444,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2016/03/09 19:18:03 | 000,816,304 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswsnx.sys
[2016/03/09 19:18:02 | 000,091,168 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmonflt.sys
[2016/03/09 08:43:56 | 003,189,760 | ---- | M] () -- C:\Users\christian\Documents\Saut l'ilasticlucette.pps
[2016/03/09 08:42:29 | 003,473,440 | ---- | M] () -- C:\Users\christian\Documents\Escarpolettes!!1.mp4
[2016/02/29 14:05:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/02/24 21:39:46 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2016/02/23 19:13:33 | 000,447,848 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswsp.sys
[2016/02/19 19:50:25 | 000,034,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\CompatTelRunner.exe
[2016/02/19 19:41:49 | 000,958,464 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2016/02/19 15:07:31 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2016/02/19 10:26:40 | 000,001,435 | ---- | M] () -- C:\Users\christian\Application Data\Microsoft\Internet Explorer\Quick Launch\PMU Poker.lnk
[2016/02/19 10:26:40 | 000,001,411 | ---- | M] () -- C:\Users\christian\Desktop\PMU Poker.lnk
[2016/02/12 19:39:55 | 002,956,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2016/02/12 19:39:55 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2016/02/12 19:26:42 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WinSetupUI.dll
[2016/02/12 19:06:13 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2016/02/12 19:05:17 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2016/02/12 19:05:17 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2016/02/12 19:05:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2016/02/12 19:05:13 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2016/02/12 19:05:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wu.upgrade.ps.dll
[2016/02/11 19:44:45 | 003,994,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2016/02/11 19:44:45 | 003,938,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2016/02/11 19:37:53 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2016/02/11 19:35:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2016/02/11 19:35:06 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msobjs.dll
[2016/02/11 19:34:26 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2016/02/11 19:31:29 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2016/02/11 19:30:36 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\apisetschema.dll
[2016/02/11 19:30:33 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2016/02/11 18:43:48 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\auditpol.exe
[2016/02/11 18:37:31 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2016/02/11 18:30:58 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2016/02/11 15:07:26 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2016/02/10 19:28:52 | 000,221,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswvmm.sys
[2016/02/10 18:43:03 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2016/02/10 18:43:03 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2016/03/09 08:43:55 | 003,189,760 | ---- | C] () -- C:\Users\christian\Documents\Saut l'ilasticlucette.pps
[2016/03/09 08:42:28 | 003,473,440 | ---- | C] () -- C:\Users\christian\Documents\Escarpolettes!!1.mp4
[2014/04/06 08:11:15 | 000,003,584 | ---- | C] () -- C:\Users\christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/19 11:24:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/17 15:19:00 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 07:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:6FB93194
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2430E4FC
< End of report >
ci-joint rapport " OTL " . probleme: une fenetre roaming s'ouvre au démarrage.
merci de voir si une correction peut etre apportéeOTL logfile created on: 3/11/2016 8:54:48 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\christian\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2.93 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 59.05% Memory free
5.86 Gb Paging File | 4.45 Gb Available in Paging File | 75.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 90.01 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 137.91 Gb Free Space | 99.22% Space Free | Partition Type: NTFS
Computer Name: CHRISTIAN-PC | User Name: christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2016/03/11 08:54:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\christian\Downloads\OTL.exe
PRC - [2016/03/09 19:17:59 | 007,137,664 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe
PRC - [2016/03/09 18:09:32 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016/02/17 16:08:49 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2016/02/12 22:11:50 | 006,638,296 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016/02/09 22:35:58 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2016/02/02 15:44:14 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2016/01/22 06:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2016/01/20 00:53:08 | 001,904,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/12/08 12:40:16 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/03/28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/05/06 07:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/01/19 03:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/06/03 12:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 15:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2016/02/23 08:19:50 | 000,325,824 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2016/02/12 22:13:36 | 000,065,536 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1036.dll
MOD - [2016/02/09 22:35:59 | 000,480,760 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\ffl2.dll
MOD - [2016/02/09 22:35:59 | 000,113,496 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2016/02/09 22:35:58 | 000,133,768 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015/12/13 09:15:06 | 040,539,648 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/06/03 12:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 12:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2016/03/09 18:09:31 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/02/10 18:43:03 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/02/09 22:35:58 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016/02/08 21:28:58 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016/01/28 10:21:30 | 000,803,856 | ---- | M] (Garmin Ltd. or its subsidiaries) [Auto | Stopped] -- C:\Program Files\Garmin\Device Interaction Service\GarminService.exe -- (Garmin Device Interaction Service)
SRV - [2016/01/20 00:53:08 | 001,904,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/12/18 20:00:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2016/03/09 19:18:03 | 000,816,304 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2016/03/09 19:18:02 | 000,091,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2016/02/23 19:13:33 | 000,447,848 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2016/02/10 19:28:52 | 000,221,240 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswvmm.sys -- (aswVmm)
DRV - [2016/02/09 22:36:05 | 000,127,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016/02/09 22:36:04 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016/02/09 22:36:04 | 000,058,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016/02/09 22:36:04 | 000,032,792 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013/09/03 13:05:27 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/23 16:10:44 | 001,249,792 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/26 03:57:27 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)
DRV - [2009/09/28 10:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/10 14:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1223183.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\christian\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016/02/10 07:16:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016/02/10 07:16:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016/03/09 18:09:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016/03/09 18:09:24 | 000,000,000 | ---D | M]
[2010/12/22 10:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Extensions
[2010/12/22 10:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2016/02/24 08:58:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\Firefox\Profiles\8htvua7o.default-1415012050991\extensions
[2016/02/24 08:58:08 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\christian\AppData\Roaming\mozilla\firefox\profiles\8htvua7o.default-1415012050991\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2016/03/09 18:09:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2016/03/09 18:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/?gws_rd=ssl
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave (Enabled) = C:\windows\system32\Adobe\Director\np32dsw_1203133.dll
CHR - Extension: YouTube = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
O4 - Startup: C:\Users\christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
O4 - Startup: C:\Users\christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Games [2010/12/17 16:36:12 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///E:/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx (A9Helper.A9)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///E:/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{506B4ADF-1E8B-438D-B449-88CF07F3800B}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC}: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2016/03/10 08:24:31 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B0917659-3984-4061-BD89-FC1FA3A6A175}
[2016/03/09 18:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/03/09 09:43:20 | 002,387,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2016/03/09 09:43:18 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfds.dll
[2016/03/09 09:43:12 | 003,994,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2016/03/09 09:43:12 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2016/03/09 09:43:10 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2016/03/09 09:43:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2016/03/09 09:43:09 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2016/03/09 09:43:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\auditpol.exe
[2016/03/09 09:43:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2016/03/09 09:43:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2016/03/09 09:43:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\apisetschema.dll
[2016/03/09 09:43:08 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2016/03/09 09:43:08 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2016/03/09 09:43:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msobjs.dll
[2016/03/09 09:42:54 | 002,956,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2016/03/09 09:42:54 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2016/03/09 09:42:54 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2016/03/09 09:42:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2016/03/09 09:42:54 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSetupUI.dll
[2016/03/09 09:42:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2016/03/09 09:42:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2016/03/09 09:42:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2016/03/09 09:42:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wu.upgrade.ps.dll
[2016/03/09 09:42:48 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll
[2016/03/09 09:42:46 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2016/03/09 09:42:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2016/03/09 09:42:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2016/03/09 09:42:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2016/03/09 09:42:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2016/03/09 09:42:45 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2016/03/09 09:42:45 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2016/03/09 09:42:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2016/03/09 09:42:45 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2016/03/09 09:42:45 | 000,341,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2016/03/09 09:42:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2016/03/09 09:42:45 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2016/03/09 09:42:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2016/03/09 09:42:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2016/03/09 09:42:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2016/03/09 09:42:43 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2016/03/09 09:42:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2016/03/09 09:42:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2016/03/09 09:42:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2016/03/09 09:42:41 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2016/03/09 09:42:40 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2016/03/09 09:42:38 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2016/03/09 09:42:37 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2016/03/09 09:42:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2016/03/09 09:42:36 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2016/03/09 09:42:02 | 001,206,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2016/03/09 09:42:01 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2016/03/09 09:42:01 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\invagent.dll
[2016/03/09 09:42:01 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2016/03/09 09:42:01 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\devinv.dll
[2016/03/09 09:42:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\acmigration.dll
[2016/03/09 09:42:01 | 000,034,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CompatTelRunner.exe
[2016/03/09 09:42:00 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ucrtbase.dll
[2016/03/09 09:42:00 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2016/03/09 09:42:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2016/03/09 09:42:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2016/03/09 09:42:00 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/03/09 09:42:00 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
[2016/03/09 09:42:00 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-2-0.dll
[2016/03/09 09:42:00 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-locale-l1-1-0.dll
[2016/03/09 09:42:00 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-2-0.dll
[2016/03/09 09:42:00 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-timezone-l1-1-0.dll
[2016/03/09 09:42:00 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-2-0.dll
[2016/03/09 09:42:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dciman32.dll
[2016/03/09 09:41:59 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-private-l1-1-0.dll
[2016/03/09 09:41:59 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-math-l1-1-0.dll
[2016/03/09 09:41:59 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-string-l1-1-0.dll
[2016/03/09 09:41:59 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
[2016/03/09 09:41:59 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-convert-l1-1-0.dll
[2016/03/09 09:41:59 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-time-l1-1-0.dll
[2016/03/09 09:41:59 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-process-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-heap-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-conio-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-utility-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-crt-environment-l1-1-0.dll
[2016/03/09 09:41:59 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
[2016/03/09 09:41:59 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l2-1-0.dll
[2016/03/09 09:41:59 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l2-1-0.dll
[2016/03/09 09:41:58 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2016/03/09 09:41:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll
[2016/03/09 09:41:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx
[2016/03/09 09:41:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll
[2016/03/09 08:35:22 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B4069263-78E8-4586-A340-B2BE7CEBDD3C}
[2016/03/08 09:27:29 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{803BDB3B-0FF6-4260-B761-4BA9735E2EDF}
[2016/03/08 08:54:29 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{6BA4CCF9-5B81-487D-9450-EA124AEC77BC}
[2016/03/07 13:29:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{9B3B9592-D478-4628-928F-5C9835E07846}
[2016/03/04 08:17:08 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{19BABDF3-D1CC-4696-9278-9A3EDF408B0E}
[2016/03/03 16:40:40 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{A0080719-791A-4094-8565-43BF4367BB6A}
[2016/03/02 20:28:45 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{D184B6BD-CB81-4503-BF37-BDE60A482C1B}
[2016/03/02 08:11:11 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{55EBCDB7-E7E3-42EA-9F2E-3DB3EBF3C749}
[2016/03/02 08:02:54 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{16E3AA41-B7A6-49BA-A642-0C6C86C81439}
[2016/03/01 09:45:02 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B4BDA3FC-D000-48F8-B97E-3F8EB560F644}
[2016/02/29 08:32:14 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2588D5AD-F497-475C-B2C2-595AB1C94470}
[2016/02/28 08:55:42 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{F0BC4AAB-6301-43F0-BDB4-2F9C84C09B55}
[2016/02/27 19:47:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2806DEC9-47D2-4213-B6E6-8832AAF3DC13}
[2016/02/27 07:19:12 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{B5661E0C-F717-4053-8BD9-009977BF46D4}
[2016/02/26 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{631FED99-B4B3-40C8-9AD0-B6352774135E}
[2016/02/25 14:13:59 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{9F13629F-833A-4C11-A4CE-0B5E33E129A5}
[2016/02/24 22:05:39 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{F3AD5079-82A2-4A60-8111-84C26D2EE2DB}
[2016/02/24 21:39:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2016/02/24 21:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2016/02/24 21:39:45 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2016/02/24 08:53:11 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{E08A798B-CF26-4200-BE6E-C9F043582719}
[2016/02/23 08:46:36 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{0AF01655-6F2C-47E5-ACF4-43BECED58EF3}
[2016/02/22 09:27:51 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{0ACB4B93-AEA4-43AF-B9E8-F47289C26EC3}
[2016/02/21 08:24:00 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{1E3023E1-D483-4226-87E0-AEDA47BAAFA7}
[2016/02/20 14:42:45 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{D4420D36-F618-49B7-A70B-44C4CB357561}
[2016/02/19 10:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMU Poker
[2016/02/19 08:44:41 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{3FFE0E9B-0E51-48D0-A158-66A89C399A0D}
[2016/02/18 12:20:47 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{FDC27A2F-4EA5-4C1F-ABA7-6E04B0723936}
[2016/02/17 13:34:21 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{4ABF4F18-C57B-44A5-BD54-6DCC9A8326E1}
[2016/02/16 21:49:37 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{07D975A5-B5D2-48BC-8A18-2B1F33CDC25A}
[2016/02/16 08:35:30 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{A3CE39B7-52D8-48A9-A868-735912EE71B3}
[2016/02/15 08:46:50 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{17D26C9F-53F3-4F95-BB59-F58226F326AA}
[2016/02/14 09:03:46 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{BC799CEA-1884-4A9E-86A1-D0153D2D8A7D}
[2016/02/13 08:58:15 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{535E990A-8EA4-443C-AF3E-318DD7B8CC57}
[2016/02/12 08:27:34 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{E6DC7960-971E-4E22-84F0-31B837787160}
[2016/02/11 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\christian\AppData\Local\{2E8BAF38-F9AC-4104-9533-2155A47A2861}
[2016/02/11 10:19:54 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2016/02/11 10:19:54 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll
[2016/02/11 10:19:54 | 001,498,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2016/02/11 10:19:40 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\InkEd.dll
[2016/02/11 10:19:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jnwmon.dll
[2016/02/11 10:19:26 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2016/02/11 10:19:25 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2016/02/11 10:19:07 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msorcl32.dll
[2016/02/11 08:54:28 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2016/02/11 08:54:28 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2016/02/11 08:54:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2016/02/11 08:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2016/02/11 08:54:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2016/02/11 08:54:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2016/02/11 08:54:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2016/02/11 08:54:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2016/02/11 08:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/03/11 08:49:24 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/03/11 08:41:12 | 000,000,586 | ---- | M] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-3219418776-4157282183-555089908-1000.job
[2016/03/11 08:38:20 | 000,001,054 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/03/11 08:37:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016/03/11 08:37:26 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2016/03/10 22:45:40 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2016/03/10 22:45:40 | 000,000,682 | ---- | M] () -- C:\windows\tasks\G2MUploadTask-S-1-5-21-3219418776-4157282183-555089908-1000.job
[2016/03/10 08:20:37 | 000,747,910 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2016/03/10 08:20:37 | 000,654,480 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2016/03/10 08:20:37 | 000,150,402 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2016/03/10 08:20:37 | 000,122,352 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2016/03/10 08:12:07 | 000,444,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2016/03/09 19:18:03 | 000,816,304 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswsnx.sys
[2016/03/09 19:18:02 | 000,091,168 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmonflt.sys
[2016/03/09 08:43:56 | 003,189,760 | ---- | M] () -- C:\Users\christian\Documents\Saut l'ilasticlucette.pps
[2016/03/09 08:42:29 | 003,473,440 | ---- | M] () -- C:\Users\christian\Documents\Escarpolettes!!1.mp4
[2016/02/29 14:05:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/02/24 21:39:46 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2016/02/23 19:13:33 | 000,447,848 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswsp.sys
[2016/02/19 19:50:25 | 000,034,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\CompatTelRunner.exe
[2016/02/19 19:41:49 | 000,958,464 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2016/02/19 15:07:31 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2016/02/19 10:26:40 | 000,001,435 | ---- | M] () -- C:\Users\christian\Application Data\Microsoft\Internet Explorer\Quick Launch\PMU Poker.lnk
[2016/02/19 10:26:40 | 000,001,411 | ---- | M] () -- C:\Users\christian\Desktop\PMU Poker.lnk
[2016/02/12 19:39:55 | 002,956,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2016/02/12 19:39:55 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2016/02/12 19:26:42 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WinSetupUI.dll
[2016/02/12 19:06:13 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2016/02/12 19:05:17 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2016/02/12 19:05:17 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2016/02/12 19:05:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2016/02/12 19:05:13 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2016/02/12 19:05:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wu.upgrade.ps.dll
[2016/02/11 19:44:45 | 003,994,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2016/02/11 19:44:45 | 003,938,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2016/02/11 19:37:53 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2016/02/11 19:35:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2016/02/11 19:35:06 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msobjs.dll
[2016/02/11 19:34:26 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2016/02/11 19:31:29 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2016/02/11 19:30:36 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\apisetschema.dll
[2016/02/11 19:30:33 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2016/02/11 18:43:48 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\auditpol.exe
[2016/02/11 18:37:31 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2016/02/11 18:30:58 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2016/02/11 15:07:26 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2016/02/10 19:28:52 | 000,221,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswvmm.sys
[2016/02/10 18:43:03 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2016/02/10 18:43:03 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2016/03/09 08:43:55 | 003,189,760 | ---- | C] () -- C:\Users\christian\Documents\Saut l'ilasticlucette.pps
[2016/03/09 08:42:28 | 003,473,440 | ---- | C] () -- C:\Users\christian\Documents\Escarpolettes!!1.mp4
[2014/04/06 08:11:15 | 000,003,584 | ---- | C] () -- C:\Users\christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/19 11:24:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/17 15:19:00 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 07:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:6FB93194
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2430E4FC
< End of report >
A voir également:
- Fenetre roaming
- Appdata roaming - Guide
- Raccourci agrandir fenetre - Guide
- Fenetre privée - Guide
- Fenêtre hors écran windows 11 - Guide
- Pass roaming internet *78 - Forum Réseau
2 réponses
kevix49
Messages postés
68
Date d'inscription
vendredi 4 mars 2016
Statut
Membre
Dernière intervention
25 mai 2020
3
11 mars 2016 à 09:42
11 mars 2016 à 09:42
bonjour, Cette ligne n'est pas bonne
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-
[2016/03/11 08:49:37 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-
kevix49
Messages postés
68
Date d'inscription
vendredi 4 mars 2016
Statut
Membre
Dernière intervention
25 mai 2020
3
11 mars 2016 à 10:18
11 mars 2016 à 10:18
A moi ? je en sais strictement rien !
11 mars 2016 à 10:01
merci