Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

problem with sdxc card & locky ~ i'm french, i go speak french on bleepingcomput


  • This topic is locked This topic is locked
25 replies to this topic

#1 datwin-bordo

datwin-bordo

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 05 April 2016 - 02:37 AM

Hello, my name is Jonathan, i'm 27 year old, i'm located on France->Aquitaine, i'm speak french:.....

Hmmm! Hmmm!, excuse moi je connais un peu plus le français que l'anglais,

Je suis sur bleepingcomputer.com pour paler français,
J'ai ma carte sdxc de 500go quand je la mets dans mon appareil-pjoto sony cybershot dsc-w690, il y à marqué "erreur base de données", c'est sans doute/peut être dû aux 2600 "hidden.rootkits" détectés par le scan de comodo cleaning essentials, à la fin du scan, je les mets en quarantaine, mais comodo cleaning essentials plante, impossible donc de nettoyer ces "rootkits cachés"

J'ai également vu dans mes rapports d'il y a 5 jours de zhpdiag et de pre_scan une dizaine de traces de Locky aussi...

BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 05 April 2016 - 05:25 AM

Salut Jonathan :)

Malheureusement, BleepingComputer est un forum d'entraide informatique en Anglais, et donc si tu veux reçevoir de l'assistance ici, il va falloir travailler en Anglais. Si tu veux, je peux te recommender un autre forum dans la même organisation que BleepingComputer (soit UNITE) qui est en Français et ou tu peux reçevoir le même type d'assistance. C'est Security-X.

https://forum.security-x.fr/

Si tu décides d'aller là-bas pour reçevoir de l'aide, laisse-moi le savoir ici s'il-te-plait.

Merci! :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 05 April 2016 - 02:37 PM

No no no, i had bannissement on security-x foum, too late, i go finally speak english on bleepingcomputer, i speak english on comodo geekbuddy chat,

#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 05 April 2016 - 04:25 PM

Alright. In that case I'll ask you to agree to two things before I assist you.

1. If you are being assisted anywhere else for these issues right now (on other forums, or even in real life), I need to know. Reason being that if you're currently being assisted on another forum, I won't be assisting you here as it would conflict with your other clean-up.

2. You are to follow every instructions I post, and not run scans or do any other kind of your actions on your system without my approval.

Let me know if you agree to my two conditions above (on top of letting me know if you're being assisted elsewhere at the moment), and if you do, we'll start the clean-up (assuming you're not being assisted anywhere else at the moment).

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 05 April 2016 - 09:48 PM

Hello, i agree theses 2 rules,

And i have 2 problems:

Problem #1 ~ 512Gb sdxc card:
When i put my 512gb sdxc card on my sony cybershot dsc-w690, i have on my camera "database error" message, maybe because of 2500 hidden.rootkits detected by "comodo cleaning esseantials", at the "comodo cleaning essentials" scans ends, i go try to quarantines the 2500 detected "hidden.rootkits" and comodo cleaning essentials crashes everytime at 50/2500 or 180/2500 on cleanup, turns into the cleanup/quarantines very very impossible, i had tried usbfix, pre_scan, remediate VBS worm, and it's not enough

Problem #2 ~ Locky malware:
Since 5 days, i have "Locky" mentionned on my ZHP & pre_scan repports, and for the time locky not visible on desktop, locky soon risks crypts my files on my disks/usb/cards plugged on my computer, i'm infected by Locky malware

By precaution, And i have installed Auslogics BitReplica for backup all data of my 512gb sdxc card to my 1tb external hard drive, and installed Shadow Explorer because of Locky,

Go help...

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 06 April 2016 - 05:25 AM

Alright, good.

In order to get started, I'll need you to run FRST and provide me a fresh set of logs. Follow the instructions below please.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of FRST.txt in your next reply, and attach Addition.txt to it;
You can also copy/paste your ZHP and pre_scan reports here.

Your next reply(ies) should include:
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;
  • Copy/pasted content of your ZHP and pre_scan reports (if you still have them);

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 06 April 2016 - 01:23 PM

and now the reports of zhp, pre_scan, frst & comodo:

http://www.cjoint.com/c/FDgsp71gJNp

http://www.cjoint.com/c/FDgsqSaXrcp

http://www.cjoint.com/c/FDgsrvnIKsp

http://www.cjoint.com/c/FDgsr5Pqo0p

http://www.cjoint.com/c/FDgslRXDLYp

http://www.cjoint.com/c/FDgspiPfiIp

 

and i had today install the recuva by piriform to undelete files deleted by the locky virus  and 7zip for unzip the zip folder of shadow explorer's portable version, but in the setup, because recuva & 7zip downloaded on the downloadlod site, the setups of recuva/7zip have the "web bar virus" and i'm infected by the "web bar malware", and recuva is installed to a portable folder in desktop,

go help



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 06 April 2016 - 01:27 PM

Thanks for the logs. I'll look at them tonight after getting back from my night class, and work on a fix.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 06 April 2016 - 01:38 PM

we "tune-up" my 512 gb sdxc card and my pc for use my sdxc card on my sony cybershot camera and erase locky & web bar virus



#10 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 07 April 2016 - 06:05 AM

Thanks for the logs. I'll look at them tonight after getting back from my night class, and work on a fix.

you work for a fix, and i'm infected also by YAC yet another cleaner, winzip registry optimizer, winzip driver updater, yahoo toolbar, ad-aware webcompanion, opencandy's tracking cookies, etc...



#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 08 April 2016 - 05:20 AM

Hi datwin-bordo :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
  • Since I'm still a trainee, all my posts have to be reviewed by an instructor prior to be posted to make sure that you receive the best assistance possible. Sorry for the inconvenience. This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we?

Two things.
  • From now on, all your logs are to be copy/pasted in the thread directly (not on another website like cjoint.com) unless specified otherwise;
  • Do not download nor install any program on your own unless I ask you to;
You agreed to follow these rules earlier. If you cannot follow them, I won't be able to assist you, alright?

warning.gifPC Booster/Tune-Up Program Warning!
"PC Booster/Tune Up" programs are part of the worst programs you can install on a system. When it comes to messing up your system (Windows), these are as worst as malware. They are completely worthless and useless to use. The worst is that they'll often take action on your system without you knowing, nor authorizing it, which could lead to your system being altered in a way you don't want it to be or even worst, a "broke" system. Every feature they provide, you can either do it natively under Windows, do it via another standalone executable (which is way easier and safer to use) or they aren't providing something you need. Here's a few examples:
  • Cleaning temporary files: TFC (standalone executable), CCleaner (installed), Cleanmgr.exe (built-in);
  • Managing start-up entries: Autoruns (standalone executable), CCleaner (installed), Task Manager and Registry Editor (built-in);
  • Driver Updater: Not needed, all you need is to go on your manufacturer website so you'll be sure to get the right, official, working drivers for your computer or hardware;
  • Registry Cleaner/Defragger: Completely useless and also dangerous;
  • Disk Defragging: Disk Defrag (built-in), O&O Disk Defrag (installed), Defraggler (installed);
  • Powerful uninstaller: Not needed, only needed when you have to make sure a program is completely uninstalled. Revo Uninstaller and GeekUninstaller are two good alternatives;
  • "Enhanced" Task Manager: ProcExp from Sysinternals Suite (standalone executable), Process Hacker (portable or installed);
  • "Active security": Any Antivirus and Antimalware can beat that, easily. These programs aren't made to replace Antivirus or Antimalware products and shouldn't be seen as such;
  • Repair bad sectors on a hard drive: Simple chkdsk /r command under Windows (built-in);
Having such program installing on your system will just bloat it down and you have more chances to have issues by using them than without. These products are advertised as a program that can solve all your issues, remove every malware, speed up your computer performance over 100%, etc. The truth is that there's not a single program that can do that. First of all, these programs aren't made to remove virus and malware, leave this in the hands of Antivirus and Antimalware, period. Secondly, there's so many kind of issues under Windows that there's not a single program that can address them all. If you think that BSOD (Blue Screen of Death) issues can be solved by opening a program and clicking on a "Fix" button, then I'm sorry to tell you but, you're wrong. Also, you cannot boost the performance of a hardware over it's hardware capabilities. Of course you can overclock some components, like your CPU, RAM and GPU, but these aren't done via these programs, but via your BIOS interface. I could recommend you a program for every feature these programs advertise, and also tell you exactly in detail why most of them are completely useless, such as Registry cleaner (dangerous to use), and driver updater (dangerous to use, and also completely useless, it'll not improve your system performance). In the end, buying such programs is the exact same as being scammed (because this is what it is, a pure scam) and using one of these programs will result you in having a system less performant than prior to using it.

Relevant articles if you want to read more about PC Boosters/Optimizers and why they are useless:It looks to me like you installed all these PC Booster, Driver Updater, etc. programs in a hope to recover your files. Let me tell you that these won't help you at all, and also, the more of these programs you install on your computer, the slower it'll become. Therefore, I strongly suggest you to uninstall the following programs.
  • Advanced SystemCare 9;
  • Driver Booster 3.2;
  • Fix-It Utilities 10 Professional;
  • IObit Uninstaller;
  • RegSeeker;
  • Smart Defrag 5;
  • Start Menu Reviver;
  • Wise Memory Optimizer 3.32;
Please let me know which programs you uninstalled, and which ones you decided to keep (if any).

warning.gifMultiple Antivirus Warning!
I see that you have multiple Antivirus programs installed on your system.
  • Comodo Internet Security Premium;
  • Emsisoft Anti-Malware
You should only have one Antivirus installed at all time on a computer. Reason being that having more than one installed can cause system instability and conflict due to the way these programs works and interact with the system. If you want to read more about these kind of issues, I suggest you to read the "IMPORTANT NOTE" in quietman7's post here. This being said, I'll ask you to choose the Antivirus program you want to keep, and uninstall the other(s). Usually, you would keep the program you pay for, and uninstall the free one(s). If you pay for multiple products, keep the one you prefer the most, and uninstall the other(s).

Once you've followed the instructions above, let's run a first fix with FRST.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste that log in your next reply;
[attachment=179001:fixlist.txt]

Once you ran the fix, we'll run FRST again to get a fresh set of logs.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of FRST.txt in your next reply, and attach Addition.txt to it;
Your next reply(ies) should contain:
  • Your word that you'll follow the instructions you previously agreed to follow;
  • Whether or not you uninstalled the programs I listed above or not (I want to know which ones you uninstall, and which ones you decide to keep if any);
  • Which Antivirus you decided to uninstall;
  • Copy/pasted content of the FRST fixlog;
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 08 April 2016 - 07:58 AM

Hello,

 

i agree all your instruction your last reply,

 

i keep only "smart defrag 5", "regseeker", "wise memory optimizer" & "comodo internet security",

but i don't keep all others antivirus/optimizers,

 

and now the 3 FRST logs:


Résultats de correction de Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Exécuté par Jean-Marie (2016-04-08 14:21:51) Run:1
Exécuté depuis C:\Users\Jean-Marie\Desktop
Profils chargés: Jean-Marie (Profils disponibles: Jean-Marie & _ashbackuppb_ & _ashbackup_)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CloseProcesses:

HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1475344 2016-04-06] (Lavasoft)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\MountPoints2: {dd42a525-f5ab-11e5-be6d-4c72b9f956a2} - "G:\SecureBrowser.exe"

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-04-06] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-04-06] (Lavasoft Limited)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/3
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/3
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/CQDSK13/3
SearchScopes: HKLM -> {5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D040616-A880FF2AB0987464788F&form=CONBDF&conlogo=CT3332041&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D040616-A880FF2AB0987464788F&form=CONBDF&conlogo=CT3332041&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> {5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
Toolbar: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Pas de fichier
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Pas de fichier
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  Pas de fichier

R3 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-04-06] (Lavasoft Limited)
R3 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [17168 2016-04-06] ()

C:\Program Files (x86)\Lavasoft
C:\ProgramData\Lavasoft
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
C:\Users\Jean-Marie\AppData\Local\Lavasoft
C:\Users\Jean-Marie\AppData\Roaming\Lavasoft
C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
C:\WINDOWS\system32\LavasoftTcpService64.dll
C:\WINDOWS\SysWOW64\LavasoftTcpService.dll

Task: {5F14A94D-AD72-490D-B2D9-791017D89D6A} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed ?n Jean-Marie logon => C:\Users\JEAN-M~1\AppData\Local\Temp\is-5VB2H.tmp\boost_speed_stub_installer.exe [2016-04-06] (Auslogics) <==== ATTENTION
Task: {64E47324-5F54-4446-A59C-DE1852D9AD07} - \ReviverSoft Start Menu Reviver Run once task -> Pas de fichier <==== ATTENTION
Task: {AC2D43D5-9F51-4862-B01E-CC970C3F6A17} - \Start Driver Reviver Update -> Pas de fichier <==== ATTENTION
Task: {F300F96C-46D4-4644-8833-196A9D7AA5E8} - \Start Driver Reviver Schedule -> Pas de fichier <==== ATTENTION
Task: {22A3E91E-B1A2-495B-8FA2-EC50D9B6F36B} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe
Task: {76415118-A697-4E51-B7E5-74335C22E9AE} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe
Task: {A7E772DC-3BAC-4DD1-A751-5AD2AE9467EF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\WSCStub.exe

ShortcutWithArgument: C:\Users\Jean-Marie\Desktop\Pre_Scan_Donate.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN

IE trusted site: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\webcompanion.com -> hxxp://webcompanion.com

AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\BootMan.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EuEpmGdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IObitSmartDefragExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SmartDefragBootTime.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BootMan.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\epmntdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EuEpmGdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EuGdiDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\setupempdrv03.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CBUFS.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cbvd.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clvad.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clwvd7.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clwvdVM.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\COSService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\GeneStor.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hotcore3.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\L1C63x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sbapifs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynchronizationService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\FRST64.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\UsbFix_2016_8.210.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\7Zip_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\7Zip_setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup(1).exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Ccleaner_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Ccleaner_setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\epm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\epm.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\OpenOffice_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\OpenOffice_setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Recuva_Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\sd5-setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SetupLCL.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SetupLCL.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SophosInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SophosInstall.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\VLC_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\VLC_setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\YouCam_7.0.0824.0_Essential_Essential_YUC150904-01.exe:$CmdTcID [64]

EmptyTemp:
*****************

Processus fermé avec succès.
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => valeur supprimé(es) avec succès
"HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd42a525-f5ab-11e5-be6d-4c72b9f956a2}" => clé supprimé(es) avec succès
HKCR\CLSID\{dd42a525-f5ab-11e5-be6d-4c72b9f956a2} => clé non trouvé(e).
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => clé supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000016" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => clé supprimé(es) avec succès
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => valeur restauré(es) avec succès
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valeur restauré(es) avec succès
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valeur restauré(es) avec succès
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valeur restauré(es) avec succès
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main\\First Home Page => valeur supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}" => clé supprimé(es) avec succès
HKCR\CLSID\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} => clé non trouvé(e).
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => clé supprimé(es) avec succès
HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => clé non trouvé(e).
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => clé supprimé(es) avec succès
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => clé non trouvé(e).
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}" => clé supprimé(es) avec succès
HKCR\Wow6432Node\CLSID\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} => clé non trouvé(e).
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => clé supprimé(es) avec succès
HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => clé non trouvé(e).
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => clé supprimé(es) avec succès
HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => clé non trouvé(e).
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur supprimé(es) avec succès
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e).
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e).
"HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}" => clé supprimé(es) avec succès
HKCR\CLSID\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D} => clé non trouvé(e).
"HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => clé supprimé(es) avec succès
HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => clé non trouvé(e).
"HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => clé supprimé(es) avec succès
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => clé non trouvé(e).
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valeur supprimé(es) avec succès
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => clé non trouvé(e).
"HKCR\PROTOCOLS\Handler\WSAllMyTubechrome" => clé supprimé(es) avec succès
"HKCR\PROTOCOLS\Handler\WSISVCUchrome" => clé supprimé(es) avec succès
LavasoftTcpService => Service arrêté avec succès.
LavasoftTcpService => service supprimé(es) avec succès
WCAssistantService => service supprimé(es) avec succès
C:\Program Files (x86)\Lavasoft => déplacé(es) avec succès
C:\ProgramData\Lavasoft => déplacé(es) avec succès
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => déplacé(es) avec succès
C:\Users\Jean-Marie\AppData\Local\Lavasoft => déplacé(es) avec succès
C:\Users\Jean-Marie\AppData\Roaming\Lavasoft => déplacé(es) avec succès
C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini => déplacé(es) avec succès
C:\WINDOWS\system32\LavasoftTcpServiceOff.ini => déplacé(es) avec succès
C:\WINDOWS\system32\LavasoftTcpService64.dll => déplacé(es) avec succès
C:\WINDOWS\SysWOW64\LavasoftTcpService.dll => déplacé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F14A94D-AD72-490D-B2D9-791017D89D6A} => clé non trouvé(e).
Impossible de déplacer "C:\WINDOWS\System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed ?n Jean-Marie logon" => Planifié pour déplacement au redémarrage.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics\BoostSpeed\Start BoostSpeed ?n Jean-Marie logon => clé non trouvé(e).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64E47324-5F54-4446-A59C-DE1852D9AD07}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64E47324-5F54-4446-A59C-DE1852D9AD07}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReviverSoft Start Menu Reviver Run once task" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC2D43D5-9F51-4862-B01E-CC970C3F6A17}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC2D43D5-9F51-4862-B01E-CC970C3F6A17}" => clé supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Update => clé non trouvé(e).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F300F96C-46D4-4644-8833-196A9D7AA5E8}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F300F96C-46D4-4644-8833-196A9D7AA5E8}" => clé supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Schedule => clé non trouvé(e).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22A3E91E-B1A2-495B-8FA2-EC50D9B6F36B}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22A3E91E-B1A2-495B-8FA2-EC50D9B6F36B}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Norton Internet Security\Norton Error Analyzer => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Analyzer" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76415118-A697-4E51-B7E5-74335C22E9AE}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76415118-A697-4E51-B7E5-74335C22E9AE}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Norton Internet Security\Norton Error Processor => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Processor" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7E772DC-3BAC-4DD1-A751-5AD2AE9467EF}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7E772DC-3BAC-4DD1-A751-5AD2AE9467EF}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Norton WSC Integration => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => clé supprimé(es) avec succès
C:\Users\Jean-Marie\Desktop\Pre_Scan_Donate.lnk => Raccourci argument supprimé(es) avec succès.
"HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => clé supprimé(es) avec succès
"C:\WINDOWS\system32\AERTAC64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\AERTAR64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\BootMan.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\EuEpmGdi.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\IObitSmartDefragExtension.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RltkAPO64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RP3DAA64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RP3DHT64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RtDataProc64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RTEED64A.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RTEEG64A.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RTEEL64A.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RTEEP64A.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RtkApi64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RtkCfg64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RtPgEx64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\RTSnMg64.cpl" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\sl3apo64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\slprp64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\sltech64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\SmartDefragBootTime.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\SRSHP64.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\WdfCoInstaller01009.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\WdfCoInstaller01011.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\BootMan.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\epmntdrv.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\EuEpmGdi.dll" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\EuGdiDrv.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\setupempdrv03.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\CBUFS.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\cbvd.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\clvad.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\clwvd7.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\clwvdVM.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\COSService.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\GeneStor.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\hotcore3.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\L1C63x64.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\mbam.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\mbamchameleon.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\mwac.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\RTKVHD64.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\sbapifs.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\SynchronizationService.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\WINDOWS\system32\Drivers\vdbus.sys" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Desktop\FRST64.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Desktop\FRST64.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
C:\Users\Jean-Marie\Desktop\UsbFix_2016_8.210.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\7Zip_setup.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\7Zip_setup.exe" => ":$CmdZnID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup(1).exe => ":$CmdZnID" ADS supprimé(es) avec succès.
C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\Ccleaner_setup.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\Ccleaner_setup.exe" => ":$CmdZnID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\epm.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\epm.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\OpenOffice_setup.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\OpenOffice_setup.exe" => ":$CmdZnID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\Recuva_Setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\sd5-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\SetupLCL.zip" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\SetupLCL.zip => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\SophosInstall.exe" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\SophosInstall.exe => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip" => ":$CmdTcID" ADS non trouvé(e).
C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip => ":$CmdZnID" ADS supprimé(es) avec succès.
"C:\Users\Jean-Marie\Downloads\VLC_setup.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Downloads\VLC_setup.exe" => ":$CmdZnID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Documents\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01.exe" => ":$CmdTcID" ADS non trouvé(e).
"C:\Users\Jean-Marie\Documents\YouCam_7.0.0824.0_Essential_Essential_YUC150904-01.exe" => ":$CmdTcID" ADS non trouvé(e).
EmptyTemp: => 1.4 GB données temporaires supprimées.

Résultats du déplacement planifié des fichiers (Mode d'amorçage: Normal) (Date&Heure: 2016-04-08 14:28:07)

"C:\WINDOWS\System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed ?n Jean-Marie logon" => Impossible de déplacer

==== Fin de Fixlog 14:28:08 ====


Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Exécuté par Jean-Marie (administrateur) sur LFS_ULTRA (08-04-2016 14:34:45)
Exécuté depuis C:\Users\Jean-Marie\Desktop
Profils chargés: Jean-Marie (Profils disponibles: Jean-Marie & _ashbackuppb_ & _ashbackup_)
Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe" -osint -url "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag Touch\DiskDefragTouch.exe
(Reason Software Company Inc.) C:\Users\Jean-Marie\AppData\Roaming\Reason\Boost\boost.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(WinZip Computing, S.L. (WinZip Computing)) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(COMODO Security Solutions) C:\Program Files\COMODO\cCloud\cCloud.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Logitech, Inc.) C:\Users\Jean-Marie\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-04-07] (COMODO)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9404304 2016-04-06] (Emsisoft Ltd)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485944 2016-03-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2669568 2016-04-08] (Sony Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2016-04-08] (CyberLink)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2016-04-08] (Apple Inc.)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Run: [COS] => C:\Program Files\COMODO\cCloud\cCloud.exe [7195824 2016-04-01] (COMODO Security Solutions)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-04-05] (IObit)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Run: [Power2GoExpress9] => C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2016-04-08] (CyberLink Corp.)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2016-04-08] (CyberGhost S.R.L.)
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\RunOnce: [Uninstall C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [AvanquestMainUI] => C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [95712 2015-11-05] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-30] (Microsoft Corporation)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 127.0.0.1    localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{b389ab24-c362-4fab-b29c-601c91b5a911}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{b389ab24-c362-4fab-b29c-601c91b5a911}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2016-04-07] (DVDVideoSoft Ltd.)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [2016-02-26] ()
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-10-29] (Wondershare)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-04-07] (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-04-07] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [youcam@cyberlink.com] - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox
FF Extension: CyberLink YouCam WebLogin - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox [2015-09-16] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi
FF Extension: Wondershare AllMyTube - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi [2016-03-31]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [11334288 2016-04-06] (Emsisoft Ltd)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-04-05] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 ashbackup; c:\Program Files\Ashampoo\Ashampoo Backup 2016\bin\backupService-ab.exe [32064 2016-04-06] ()
S3 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe [32072 2016-04-06] ()
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2016-04-01] (Microsoft Corp.)
S3 CCleanerCloudAgentService; C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe [18527656 2016-04-07] (Piriform)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2016-04-08] (CyberGhost S.R.L)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [76984 2016-04-01] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5799552 2016-04-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-04-08] (COMODO)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2016-04-01] (COMODO Security Solutions)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Fichier non signé]
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-07] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-04-07] (Disc Soft Ltd)
S3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1369280 2016-03-29] (Disc Soft Ltd)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2056376 2016-04-08] (Comodo)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485944 2016-03-30] (Comodo Security Solutions, Inc.)
S3 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-04-04] (SurfRight B.V.)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1985688 2016-04-08] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-04-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-04-01] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-04-01] (Malwarebytes)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-04-07] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-04-07] (pdfforge GmbH)
S3 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-04-07] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2016-04-08] (Sony Corporation)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-04-05] (Realtek Semiconductor)
S3 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2016-04-06] (www.shadowexplorer.com) [Fichier non signé]
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2016-04-01] (COMODO Security Solutions)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S3 WINZIPSSDiskOptimizer; C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [290400 2016-04-07] (WinZip Computing, S.L. (WinZip Computing))
S3 Fix-It Task Manager; C:\PROGRA~2\AVANQU~1\Fix-It\mxtask.exe -Service [X]

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 bdisk; C:\Windows\System32\drivers\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUfs; C:\Windows\System32\drivers\CBUFS.sys [230712 2016-04-01] (COMODO Security Solutions Inc.)
R0 cbvd; C:\Windows\System32\DRIVERS\cbvd.sys [677744 2016-04-01] (COMODO Security Solutions Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-12-25] (Windows ® Win 7 DDK provider)
R3 clvad; C:\Windows\system32\drivers\clvad.sys [40392 2016-03-30] (CyberLink)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [103176 2016-03-30] (CyberLink)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwvd7; C:\Windows\system32\DRIVERS\clwvd7.sys [42968 2016-03-30] (CyberLink Corporation)
R3 clwvdVM; C:\Windows\system32\DRIVERS\clwvdVM.sys [41912 2016-03-30] (CyberLink Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-04-06] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846104 2016-04-06] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45600 2016-04-06] (COMODO)
R3 cpuz138; C:\Users\JEAN-M~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-04-08] (CPUID)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-07] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-07] (Disc Soft Ltd)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2016-03-29] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2016-04-04] ()
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-04-01] (Emsisoft Ltd)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-04-04] ()
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2016-04-05] (GenesysLogic)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-04-07] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2016-04-04] (Paragon Software Group)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-05] (REALiX™)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-04-06] (COMODO)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-04-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-04-01] (Malwarebytes Corporation)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
R0 reparse; C:\Windows\System32\DRIVERS\cbreparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [63536 2016-04-01] (Sunbelt Software)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [31320 2015-12-07] ()
U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [57000 2012-07-17] (Advanced Micro Devices)
R3 vdbus; C:\Windows\System32\drivers\vdbus.sys [826040 2016-03-30] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R2 WiseFs; C:\WINDOWS\WiseFs64.sys [13264 2016-04-01] (WiseCleaner.com)
S0 AvanquestFltr; system32\DRIVERS\mxRCycle.sys [X]
U0 Compbatt; pas de ImagePath
U2 ERSvc; pas de ImagePath
U2 IAStorDataMgrsvc; pas de ImagePath
U2 NIHardwareService; pas de ImagePath
U2 NVSvc; pas de ImagePath
U2 Parvdm; pas de ImagePath
U2 srService; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-08 14:21 - 2016-04-08 14:28 - 00034526 _____ C:\Users\Jean-Marie\Desktop\Fixlog.txt
2016-04-08 13:18 - 2016-04-08 13:18 - 00001876 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-04-08 13:18 - 2016-04-08 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-08 13:17 - 2016-04-08 13:17 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-08 13:15 - 2016-04-08 13:15 - 00000000 ____D C:\Users\Jean-Marie\AppData\LocalLow\Apple Computer
2016-04-08 13:14 - 2016-04-08 13:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Director Suite
2016-04-08 13:03 - 2016-04-08 13:03 - 00000000 ____D C:\Program Files\CyberLink
2016-04-08 12:32 - 2016-04-08 13:01 - 00000000 ____D C:\ProgramData\CLSK
2016-04-08 11:50 - 2016-04-08 11:50 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\CyberGhost
2016-04-08 11:44 - 2016-04-08 11:46 - 00000000 ____D C:\Program Files\TAP-Windows
2016-04-08 11:42 - 2016-04-08 11:47 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-04-08 11:42 - 2016-04-08 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-04-08 11:35 - 2016-04-08 11:35 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Power2Go9
2016-04-08 11:24 - 2016-04-08 11:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9
2016-04-08 11:08 - 2016-04-08 11:10 - 00000000 ____D C:\Users\Jean-Marie\Documents\Sony PMB
2016-04-08 11:06 - 2016-04-08 11:06 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-04-08 11:05 - 2016-04-08 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2016-04-08 11:01 - 2016-04-08 11:01 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Sony Corporation
2016-04-08 10:25 - 2016-04-08 10:25 - 00000000 ____D C:\Program Files (x86)\Sony
2016-04-08 10:16 - 2016-04-08 13:32 - 00000000 ____D C:\Users\Jean-Marie\Desktop\cyberlink, cyberghost, cybershot
2016-04-08 09:40 - 2016-04-08 09:40 - 60823296 _____ (Avanquest) C:\Users\Jean-Marie\Desktop\Fix-It_Professional_ENU_15.6.32.12.exe
2016-04-08 09:34 - 2016-04-08 09:34 - 04880392 _____ (Microsoft Corporation) C:\Users\Jean-Marie\Downloads\vcredist_x64(1).exe
2016-04-08 09:33 - 2016-04-08 09:33 - 00855040 _____ (Microsoft Corporation) C:\install.exe
2016-04-08 09:32 - 2016-04-08 09:32 - 02373640 _____ (Microsoft Corporation) C:\Users\Jean-Marie\Downloads\vcredist_x64.exe
2016-04-08 09:15 - 2016-04-08 09:15 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\UserData
2016-04-08 09:07 - 2016-04-08 09:07 - 00000000 ____D C:\ProgramData\Comodo Downloader
2016-04-08 08:16 - 2016-04-08 09:39 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-08 08:09 - 2016-04-08 08:09 - 00002084 _____ C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
2016-04-08 08:09 - 2016-04-08 08:09 - 00001265 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2016-04-08 07:25 - 2016-04-08 07:25 - 00000000 ____D C:\ProgramData\Movavi Video Suite 11
2016-04-08 07:01 - 2016-04-08 07:01 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\MOVAVI
2016-04-07 18:20 - 2016-04-07 18:20 - 00002144 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk
2016-04-07 18:10 - 2016-04-07 18:10 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-04-07 18:10 - 2016-04-07 18:10 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-04-07 18:09 - 2016-04-07 18:09 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-04-07 17:57 - 2016-04-07 17:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero
2016-04-07 17:54 - 2016-04-07 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-04-07 17:54 - 2016-04-07 18:19 - 00000000 ____D C:\Program Files (x86)\Nero
2016-04-07 17:53 - 2016-04-07 18:04 - 00000000 ____D C:\ProgramData\Nero
2016-04-07 17:27 - 2016-04-07 17:27 - 00003996 _____ C:\WINDOWS\System32\Tasks\Boost
2016-04-07 17:26 - 2016-04-07 17:26 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-04-07 17:25 - 2016-04-07 17:25 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Reason
2016-04-07 17:25 - 2016-04-07 17:25 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boost
2016-04-07 17:16 - 2016-04-07 17:16 - 07761936 _____ (Reason Software Company Inc.) C:\Users\Jean-Marie\Downloads\installboost.exe
2016-04-07 16:54 - 2016-04-07 16:54 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Disc_Soft_Ltd
2016-04-07 16:49 - 2016-04-07 16:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-04-07 16:49 - 2016-04-07 16:52 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\DAEMON Tools Lite
2016-04-07 16:49 - 2016-04-07 16:49 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-04-07 16:47 - 2016-04-07 16:47 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\TeraCopy
2016-04-07 16:46 - 2016-04-07 16:46 - 00000402 _____ C:\Users\Jean-Marie\Documents\desktop_FromLFS_ULTRA.ini
2016-04-07 16:46 - 2016-04-07 16:46 - 00000000 _____ C:\Users\Jean-Marie\Documents\Default.rdp
2016-04-07 16:44 - 2016-04-07 16:47 - 00000000 ____D C:\Users\Jean-Marie\Desktop\easeus todo pctrans pro
2016-04-07 16:44 - 2016-04-07 16:44 - 99985640 _____ C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01_FromLFS_ULTRA.exe
2016-04-07 16:44 - 2016-04-07 16:44 - 00026450 _____ C:\Users\Jean-Marie\Documents\starburn_FromLFS_ULTRA.txt
2016-04-07 16:44 - 2016-04-07 16:44 - 00000282 _____ C:\Users\Jean-Marie\Desktop\desktop_FromLFS_ULTRA.ini
2016-04-07 16:40 - 2016-04-07 16:50 - 00000000 ____D C:\Users\Jean-Marie\Desktop\video editors for efm du musée de l'homme
2016-04-07 16:40 - 2016-04-07 16:48 - 00000000 ____D C:\Users\Jean-Marie\Desktop\ram disk manager
2016-04-07 16:40 - 2016-04-07 16:40 - 01048576 _____ C:\Users\Jean-Marie\Documents\YouCam_7.0.0824.0_Essential_Essential_YUC150904-01_FromLFS_ULTRA.exe
2016-04-07 16:38 - 2016-04-07 16:51 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-04-07 16:38 - 2016-04-07 16:50 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-04-07 16:38 - 2016-04-07 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-04-07 16:38 - 2016-04-07 16:38 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-04-07 14:52 - 2016-04-07 19:09 - 00003268 _____ C:\WINDOWS\System32\Tasks\WinZip System Utilities Suite
2016-04-07 14:38 - 2016-04-07 14:38 - 00000000 ____D C:\Users\Jean-Marie\AppData\LocalLow\VDownloader
2016-04-07 14:34 - 2016-04-07 14:39 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\VDownloader
2016-04-07 11:43 - 2016-04-07 11:43 - 00023764 _____ C:\WINDOWS\System32\Tasks\{7F7E7A47-7904-7E0A-7D11-050C0A0A1109}
2016-04-07 11:33 - 2016-04-08 14:40 - 00003252 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2016-04-07 11:28 - 2016-04-07 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Driver Updater
2016-04-07 11:28 - 2016-04-07 11:28 - 00000000 ____D C:\Program Files (x86)\WinZip Driver Updater
2016-04-07 11:15 - 2016-04-07 11:15 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\PDFCreator
2016-04-07 11:09 - 2016-04-07 11:32 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\WinZip
2016-04-07 11:04 - 2016-04-08 11:05 - 00000502 _____ C:\WINDOWS\Tasks\WINZIPSS-WINZIPSSOneClickCare.job
2016-04-07 11:04 - 2016-04-07 11:05 - 00003528 _____ C:\WINDOWS\System32\Tasks\WINZIPSS-WINZIPSSOneClickCare
2016-04-07 11:03 - 2016-04-07 14:25 - 00000540 _____ C:\WINDOWS\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
2016-04-07 11:03 - 2016-04-07 11:04 - 00003586 _____ C:\WINDOWS\System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days
2016-04-07 10:59 - 2016-04-07 10:59 - 00000843 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk
2016-04-07 10:59 - 2016-04-07 10:59 - 00000000 ____D C:\WINDOWS\system32\log
2016-04-07 10:56 - 2016-04-07 10:56 - 00002341 _____ C:\Users\Public\Desktop\WinZip System Utilities Suite.lnk
2016-04-07 10:56 - 2016-04-07 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip System Utilities Suite
2016-04-07 10:56 - 2014-10-01 18:04 - 00020480 _____ C:\WINDOWS\system32\sasnative64.exe
2016-04-07 10:55 - 2016-04-08 06:52 - 00000000 ____D C:\Program Files (x86)\WinZip System Utilities Suite
2016-04-07 10:55 - 2016-04-07 15:17 - 00000000 ____D C:\ProgramData\WinZip
2016-04-07 10:50 - 2016-04-07 10:53 - 14360000 _____ (WinZip ) C:\Users\Jean-Marie\Downloads\wzsus26.exe
2016-04-07 10:48 - 2016-04-08 06:52 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-04-07 10:48 - 2016-04-08 03:28 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Elex-tech
2016-04-07 10:43 - 2016-04-07 10:43 - 00001649 _____ C:\Users\Public\Desktop\Aiseesoft DVD Software Toolkit.lnk
2016-04-07 10:42 - 2016-04-07 10:42 - 00001677 _____ C:\Users\Public\Desktop\Aiseesoft PDF Convertisseur Ultimate.lnk
2016-04-07 10:40 - 2016-04-07 10:40 - 00001114 _____ C:\Users\Public\Desktop\Movavi Video Suite 11.lnk
2016-04-07 10:40 - 2016-04-07 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 11
2016-04-07 10:37 - 2016-04-07 10:40 - 00000000 ____D C:\Program Files (x86)\Movavi Video Suite 11
2016-04-07 10:35 - 2016-04-07 10:35 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\PDF Architect 4
2016-04-07 10:34 - 2016-04-07 10:54 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-04-07 10:34 - 2016-04-07 10:54 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2016-04-07 10:34 - 2016-04-07 10:34 - 00000000 ____D C:\Users\Jean-Marie\Documents\PDF Architect
2016-04-07 10:30 - 2016-04-07 10:30 - 00120072 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2016-04-07 10:30 - 2016-04-07 10:30 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-04-07 10:29 - 2016-04-07 11:15 - 00000000 ____D C:\Program Files\PDFCreator
2016-04-07 10:29 - 2016-04-07 10:29 - 00000879 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2016-04-07 10:29 - 2016-04-07 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-04-07 10:21 - 2016-04-07 10:21 - 00001401 _____ C:\Users\Jean-Marie\Desktop\Aiseesoft PDF Splitter.lnk
2016-04-07 10:21 - 2016-04-07 10:21 - 00001377 _____ C:\Users\Jean-Marie\Desktop\Aiseesoft PDF Merger.lnk
2016-04-07 10:20 - 2016-04-07 10:36 - 122362064 _____ (Aiseesoft Studio ) C:\Users\Jean-Marie\Downloads\pdf-converter-ultimate.exe
2016-04-07 10:20 - 2016-04-07 10:21 - 02068096 _____ ( ) C:\Users\Jean-Marie\Downloads\pdf-splitter.exe
2016-04-07 10:20 - 2016-04-07 10:21 - 01908040 _____ ( ) C:\Users\Jean-Marie\Downloads\pdf-merger.exe
2016-04-07 10:18 - 2016-04-07 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2016-04-07 10:18 - 2016-04-07 10:36 - 148802608 _____ ( ) C:\Users\Jean-Marie\Downloads\dvd-software-toolkit.exe
2016-04-07 10:18 - 2016-04-07 10:18 - 00001705 _____ C:\Users\Public\Desktop\Aiseesoft Convertisseur Vidéo Ultime.lnk
2016-04-07 10:17 - 2016-04-07 10:37 - 00000000 ____D C:\ProgramData\Aiseesoft Studio
2016-04-07 10:17 - 2016-04-07 10:37 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio
2016-04-07 10:15 - 2016-04-07 10:15 - 00002405 _____ C:\Users\Jean-Marie\Desktop\download.cnet.lnk
2016-04-07 10:15 - 2016-04-07 10:15 - 00002311 _____ C:\Users\Jean-Marie\Desktop\disc-soft.lnk
2016-04-07 10:14 - 2016-04-07 10:17 - 46736640 _____ (Aiseesoft Studio ) C:\Users\Jean-Marie\Downloads\video-converter-ultimate.exe
2016-04-07 10:14 - 2016-04-07 10:17 - 46736640 _____ (Aiseesoft Studio ) C:\Users\Jean-Marie\Downloads\video-converter-ultimate(1).exe
2016-04-07 10:11 - 2016-04-07 14:39 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\VDownloader
2016-04-07 10:11 - 2016-04-07 10:11 - 00001764 _____ C:\Users\Public\Desktop\VDownloader.lnk
2016-04-07 10:11 - 2016-04-07 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2016-04-07 10:10 - 2016-04-07 10:11 - 00000000 ____D C:\Program Files\VDownloader
2016-04-07 10:03 - 2016-04-07 16:56 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2016-04-07 10:01 - 2016-04-07 10:12 - 00001430 _____ C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2016-04-07 10:01 - 2016-04-07 10:12 - 00001422 _____ C:\Users\Jean-Marie\Desktop\Torch.lnk
2016-04-07 10:01 - 2016-04-07 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Vimeo Downloader
2016-04-07 10:00 - 2016-04-07 10:01 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\KastorFreeVimeoDownloader
2016-04-07 10:00 - 2016-04-07 10:01 - 00000000 ____D C:\Program Files (x86)\Kastor Free Vimeo Downloader
2016-04-07 10:00 - 2016-04-07 10:00 - 03266240 _____ (KastorSoft ) C:\Users\Jean-Marie\Downloads\Setup_FreeVimeoDownloader.exe
2016-04-07 09:59 - 2016-04-07 10:00 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\KastorVideoConverter
2016-04-07 09:59 - 2016-04-07 09:59 - 06509896 _____ (Kastor Soft ) C:\Users\Jean-Marie\Downloads\SetupFreeVideoConverter.exe
2016-04-07 09:59 - 2016-04-07 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter
2016-04-07 09:59 - 2016-04-07 09:59 - 00000000 ____D C:\Program Files (x86)\Kastor Free Video Converter
2016-04-07 09:58 - 2016-04-07 09:59 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\KastorTubeToMp3
2016-04-07 09:58 - 2016-04-07 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Tube To Mp3
2016-04-07 09:58 - 2016-04-07 09:58 - 00000000 ____D C:\Program Files (x86)\Kastor Tube To Mp3
2016-04-07 09:57 - 2016-04-07 09:58 - 11461136 _____ (KastorSoft ) C:\Users\Jean-Marie\Downloads\setup_YoutubeToMp3.exe
2016-04-07 09:57 - 2016-04-07 09:57 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\KastorAllVideoDownloader
2016-04-07 09:57 - 2016-04-07 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor All Video Downloader
2016-04-07 09:57 - 2016-04-07 09:57 - 00000000 ____D C:\Program Files (x86)\Kastor All Video Downloader
2016-04-07 09:54 - 2016-04-07 10:01 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Torch
2016-04-07 09:53 - 2016-04-07 09:53 - 01667792 _____ (Torch Media, Inc) C:\Users\Jean-Marie\Downloads\TorchSetup-r807-n-bf.exe
2016-04-07 09:24 - 2016-04-07 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
2016-04-07 09:24 - 2016-04-07 09:24 - 00000000 ____D C:\Program Files\TeraCopy
2016-04-07 09:22 - 2016-04-07 09:22 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\GlarySoft
2016-04-07 09:20 - 2016-04-07 17:26 - 00002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Update Pro.lnk
2016-04-07 09:20 - 2016-04-07 17:26 - 00002228 _____ C:\Users\Public\Desktop\Software Update Pro.lnk
2016-04-07 09:20 - 2016-04-07 17:08 - 00003558 _____ C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro
2016-04-07 09:20 - 2016-04-07 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2016-04-07 09:20 - 2016-04-07 09:20 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2016-04-07 09:17 - 2016-04-07 09:17 - 05927952 _____ (SosVirus) C:\Users\Jean-Marie\Desktop\AdsFix.exe
2016-04-07 09:11 - 2016-04-07 09:14 - 07157328 _____ C:\Users\Jean-Marie\Downloads\susetupPro.exe
2016-04-07 09:09 - 2016-04-07 09:27 - 00000000 ____D C:\Users\Jean-Marie\Desktop\data copy tools for cyberlink power2go 11 ESSENTials
2016-04-07 09:08 - 2016-04-07 14:14 - 00000000 ____D C:\Users\Jean-Marie\Desktop\¤¤¤SPAMWARE¤¤¤
2016-04-07 09:05 - 2016-04-07 09:06 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier
2016-04-07 09:05 - 2016-04-07 09:06 - 00000000 ____D C:\Program Files\Supercopier
2016-04-07 09:03 - 2016-04-07 09:03 - 06652804 _____ C:\Users\Jean-Marie\Downloads\supercopier_4-0-1-13_fr_11010_64.exe
2016-04-07 09:00 - 2016-04-07 09:01 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier
2016-04-07 09:00 - 2016-04-07 09:01 - 00000000 ____D C:\Program Files (x86)\Ultracopier
2016-04-07 08:58 - 2016-04-07 08:58 - 06938568 _____ C:\Users\Jean-Marie\Downloads\ultracopier-windows-x86-1.2.1.0-setup.exe
2016-04-07 08:53 - 2016-04-07 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-07 08:53 - 2016-04-07 08:53 - 00000000 ____D C:\Program Files\WinRAR
2016-04-07 08:47 - 2016-04-07 08:47 - 00000000 ____D C:\ProgramData\Piriform
2016-04-07 08:47 - 2016-04-07 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Cloud
2016-04-07 08:46 - 2016-04-08 12:56 - 00000000 ____D C:\Program Files (x86)\CCleaner Cloud
2016-04-07 08:46 - 2016-04-07 17:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\CCleaner Cloud Watchdog
2016-04-07 08:46 - 2016-04-07 08:46 - 00003374 _____ C:\WINDOWS\System32\Tasks\CCleaner Cloud Update
2016-04-07 08:44 - 2016-04-07 08:44 - 06483968 _____ C:\Users\Jean-Marie\Downloads\agent_installer(1).msi
2016-04-07 08:44 - 2016-04-07 08:44 - 06259936 _____ (Piriform) C:\Users\Jean-Marie\Downloads\CCleanerCloudSetup_1_4_1817.exe
2016-04-07 08:42 - 2016-04-07 08:42 - 06483968 _____ C:\Users\Jean-Marie\Downloads\agent_installer.msi
2016-04-07 08:03 - 2016-04-07 08:04 - 01707144 _____ C:\Users\Jean-Marie\Downloads\Adaware_Installer-11.2.5952.exe
2016-04-07 07:42 - 2016-04-07 07:44 - 00000000 ____D C:\Program Files\RFA 9
2016-04-07 07:42 - 2016-04-07 07:43 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 9
2016-04-07 07:42 - 2016-04-07 07:42 - 00000000 ____D C:\ProgramData\Registry First Aid
2016-04-07 07:40 - 2016-04-07 07:40 - 07522336 _____ (RoseCitySoftware ) C:\Users\Jean-Marie\Downloads\RFA_9_AQDE_SOFTONIC.exe
2016-04-07 07:38 - 2016-04-07 07:39 - 00000240 _____ C:\Users\Jean-Mar\updhelper.xml
2016-04-07 07:38 - 2016-04-07 07:38 - 00001993 _____ C:\Users\Jean-Marie\Desktop\Folder Marker.lnk
2016-04-07 07:38 - 2016-04-07 07:38 - 00000008 _____ C:\Users\Jean-Mar\updhelper.xml.lck
2016-04-07 07:38 - 2016-04-07 07:38 - 00000000 ____D C:\Users\Jean-Mar
2016-04-07 07:38 - 2016-04-07 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker
2016-04-07 07:38 - 2016-04-07 07:38 - 00000000 ____D C:\Program Files (x86)\Folder Marker
2016-04-07 07:34 - 2016-04-07 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2016-04-07 07:31 - 2016-04-07 07:33 - 02451912 _____ (IObit ) C:\Users\Jean-Marie\Downloads\unlocker-setup.exe
2016-04-07 07:29 - 2016-04-07 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-07 07:29 - 2016-04-07 07:29 - 25862528 _____ (DVDVideoSoft Ltd. ) C:\Users\Jean-Marie\Downloads\FreeVideoToJPGConverter [1].exe
2016-04-07 07:28 - 2016-04-07 07:35 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-07 07:28 - 2016-04-07 07:29 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-04-07 07:28 - 2016-04-07 07:28 - 01040296 _____ (DVDVideoSoft_DLM) C:\Users\Jean-Marie\Downloads\FreeVideoToJPGConverter.exe
2016-04-07 07:28 - 2016-04-07 07:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-07 07:27 - 2016-04-07 07:57 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\DVDVideoSoft
2016-04-07 07:25 - 2016-04-07 07:25 - 34219320 _____ (DVDVideoSoft Ltd. ) C:\Users\Jean-Marie\Downloads\FreeYouTubeToMP3ConverterClassic [1].exe
2016-04-07 07:24 - 2016-04-07 07:24 - 01040296 _____ (DVDVideoSoft_DLM) C:\Users\Jean-Marie\Downloads\FreeYouTubeToMP3ConverterClassic.exe
2016-04-06 21:17 - 2016-04-06 21:17 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-04-06 21:15 - 2016-04-06 21:16 - 00000000 ____D C:\Program Files\GIMP 2
2016-04-06 21:09 - 2016-04-06 21:09 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-06 21:09 - 2016-04-06 21:09 - 00001042 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-04-06 21:08 - 2016-04-06 21:09 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-04-06 21:02 - 2016-04-06 21:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-06 20:48 - 2016-04-07 10:36 - 100766168 _____ (Movavi) C:\Users\Jean-Marie\Downloads\MovaviVideoSuiteSetup.exe
2016-04-06 15:20 - 2016-04-07 14:25 - 00049584 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-04-06 14:38 - 2016-04-06 14:45 - 00065595 _____ C:\Users\Jean-Marie\Desktop\Addition.txt
2016-04-06 14:26 - 2016-04-08 14:34 - 00022187 _____ C:\Users\Jean-Marie\Desktop\FRST.txt
2016-04-06 14:25 - 2016-04-08 14:34 - 00000000 ____D C:\FRST
2016-04-06 14:21 - 2016-04-08 14:21 - 02374144 _____ (Farbar) C:\Users\Jean-Marie\Desktop\FRST64.exe
2016-04-06 13:44 - 2016-04-06 13:44 - 00001301 _____ C:\Users\Jean-Marie\Desktop\Auslogics DiskDefrag.lnk
2016-04-06 12:59 - 2016-04-06 13:00 - 14085144 _____ (Auslogics Software Pty Ltd ) C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe
2016-04-06 12:58 - 2016-04-06 12:59 - 07582376 _____ (Auslogics Labs Pty Ltd ) C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe
2016-04-06 12:58 - 2016-04-06 12:58 - 08120952 _____ (Auslogics Software Pty Ltd ) C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe
2016-04-06 12:24 - 2016-04-06 12:24 - 00000000 ___HD C:\VTRoot
2016-04-06 11:55 - 2016-04-06 19:26 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Ashampoo Backup
2016-04-06 11:55 - 2016-04-06 13:54 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Ashampoo Backup PB
2016-04-06 11:42 - 2016-04-06 11:42 - 00000020 ___SH C:\Users\_ashbackuppb_\ntuser.ini
2016-04-06 11:42 - 2016-04-06 11:42 - 00000020 ___SH C:\Users\_ashbackup_\ntuser.ini
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Voisinage réseau
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Voisinage d'impression
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Modèles
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Mes documents
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Menu Démarrer
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Documents\Mes vidéos
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Documents\Mes images
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\Documents\Ma musique
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackuppb_\AppData\Local\Historique
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Voisinage réseau
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Voisinage d'impression
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Modèles
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Mes documents
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Menu Démarrer
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Documents\Mes vidéos
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Documents\Mes images
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\Documents\Ma musique
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-04-06 11:42 - 2016-04-06 11:42 - 00000000 _SHDL C:\Users\_ashbackup_\AppData\Local\Historique
2016-04-06 11:41 - 2016-04-04 11:05 - 00000000 ____D C:\Users\_ashbackup_\AppData\Roaming\Avanquest
2016-04-06 11:40 - 2016-04-06 11:42 - 00000000 ____D C:\Users\_ashbackup_
2016-04-06 11:40 - 2016-04-06 11:40 - 00000000 ____D C:\ProgramData\Ashampoo Backup
2016-04-06 11:40 - 2016-04-04 11:05 - 00000000 ____D C:\Users\_ashbackuppb_\AppData\Roaming\Avanquest
2016-04-06 11:40 - 2016-03-29 20:39 - 00000000 ____D C:\Users\_ashbackup_\Documents\hp.system.package.metadata
2016-04-06 11:40 - 2016-03-29 20:39 - 00000000 ____D C:\Users\_ashbackup_\Documents\hp.applications.package.appdata
2016-04-06 11:39 - 2016-04-06 11:43 - 00000000 ____D C:\Users\_ashbackuppb_
2016-04-06 11:39 - 2016-04-06 11:39 - 00001203 _____ C:\Users\Public\Desktop\Ashampoo Backup 2016.lnk
2016-04-06 11:39 - 2016-04-06 11:39 - 00000000 ____D C:\ProgramData\Ashampoo Backup PB
2016-04-06 11:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\_ashbackuppb_\Documents\hp.system.package.metadata
2016-04-06 11:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\_ashbackuppb_\Documents\hp.applications.package.appdata
2016-04-06 11:37 - 2016-04-06 11:39 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-04-06 11:37 - 2016-04-06 11:37 - 00001227 _____ C:\Users\Public\Desktop\Ashampoo Backup Pro 10.lnk
2016-04-06 11:36 - 2016-04-06 11:37 - 00000000 ____D C:\Program Files\Ashampoo
2016-04-06 11:31 - 2016-04-06 11:31 - 02608520 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe
2016-04-06 11:30 - 2016-04-06 11:31 - 02610664 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe
2016-04-06 10:45 - 2016-04-06 10:45 - 00000000 ____D C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable
2016-04-06 10:41 - 2016-04-06 10:41 - 00137737 _____ C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip
2016-04-06 10:16 - 2016-04-06 10:16 - 00000000 ____D C:\Program Files\VideoLAN
2016-04-06 10:06 - 2016-04-06 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-06 10:06 - 2016-04-06 10:06 - 00000000 ____D C:\Program Files\7-Zip
2016-04-06 09:44 - 2016-04-06 09:47 - 00000000 ____D C:\Users\Jean-Marie\Desktop\recuva
2016-04-06 08:51 - 2016-04-06 08:52 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe
2016-04-06 07:17 - 2016-04-06 07:17 - 00003228 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2016-04-06 07:17 - 2016-04-06 07:17 - 00003224 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2016-04-06 07:17 - 2016-04-06 07:16 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2016-04-06 07:17 - 2016-04-06 07:16 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-04-06 07:16 - 2016-04-06 07:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-04-06 07:11 - 2016-04-06 07:12 - 09244008 _____ (IObit ) C:\Users\Jean-Marie\Downloads\sd5-setup.exe
2016-04-06 07:07 - 2016-04-06 07:07 - 00000000 ____D C:\Ericksystem
2016-04-06 07:04 - 2016-04-06 07:04 - 02209574 _____ C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip
2016-04-05 20:34 - 2016-04-05 20:35 - 73332576 _____ (Avanquest) C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe
2016-04-05 20:22 - 2016-04-05 20:23 - 60823296 _____ (Avanquest) C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe
2016-04-05 20:01 - 2016-04-05 20:01 - 00000000 ____D C:\Program Files (x86)\e-Carte Bleue
2016-04-05 19:58 - 2016-04-05 19:58 - 01317951 _____ C:\Users\Jean-Marie\Downloads\SetupLCL.zip
2016-04-05 12:03 - 2016-04-05 12:14 - 00000000 ____D C:\cce_linux
2016-04-05 09:46 - 2016-04-05 09:46 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-04-05 09:45 - 2016-04-06 10:46 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\www.shadowexplorer.com
2016-04-05 09:42 - 2016-04-05 09:49 - 02894976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-04-05 09:42 - 2016-04-05 09:43 - 01943624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 01435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 01330072 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 01022872 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-04-05 09:42 - 2016-04-05 09:42 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-04-05 09:41 - 2016-04-05 09:49 - 03081808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-04-05 09:41 - 2016-04-05 09:43 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-04-05 09:41 - 2016-04-05 09:43 - 03198720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-04-05 09:41 - 2016-04-05 09:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-04-05 09:41 - 2016-04-05 09:42 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-04-05 09:41 - 2016-04-05 09:41 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-04-05 09:41 - 2016-04-05 09:41 - 05576400 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-04-05 09:41 - 2016-04-05 09:41 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-04-05 09:41 - 2016-04-05 09:41 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-04-05 09:32 - 2016-04-05 09:41 - 02049664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-04-05 09:30 - 2016-04-05 09:49 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-04-05 09:30 - 2016-04-05 09:42 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-04-05 09:30 - 2016-04-05 09:42 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-04-05 09:30 - 2016-04-05 09:30 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-04-05 09:30 - 2016-04-05 09:30 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-04-05 09:27 - 2016-04-05 09:28 - 00111336 _____ (GenesysLogic) C:\WINDOWS\system32\Drivers\GeneStor.sys
2016-04-05 09:27 - 2016-04-05 09:27 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-04-05 09:22 - 2016-04-05 09:24 - 00130248 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2016-04-05 08:45 - 2016-04-05 08:48 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-04-05 08:45 - 2016-04-05 08:46 - 00003086 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Jean-Marie)
2016-04-05 08:44 - 2016-04-05 09:50 - 00002203 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-04-05 08:44 - 2016-04-05 08:44 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-04-05 08:44 - 2016-04-05 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-04-05 08:40 - 2016-04-05 08:40 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-04-05 08:39 - 2016-04-05 08:39 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-05 08:38 - 2016-04-07 18:49 - 00000268 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Jean-Marie.job
2016-04-05 08:38 - 2016-04-05 08:40 - 00003316 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-04-05 08:38 - 2016-04-05 08:38 - 00002460 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Jean-Marie
2016-04-05 08:37 - 2016-04-05 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-04-05 08:25 - 2016-04-05 08:25 - 05132976 _____ (ReviverSoft LLC) C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe
2016-04-05 08:23 - 2016-04-05 08:32 - 42683680 _____ (IObit ) C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup(1).exe
2016-04-05 08:22 - 2016-04-05 08:24 - 42683680 _____ (IObit ) C:\Users\Jean-Marie\Downloads\advanced-systemcare-setup.exe
2016-04-05 06:56 - 2016-04-05 08:04 - 00000000 ____D C:\CCE_Quarantine
2016-04-05 06:22 - 2016-04-06 13:50 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Auslogics
2016-04-05 06:21 - 2016-04-05 06:21 - 00001208 _____ C:\Users\Jean-Marie\Desktop\Auslogics BitReplica.lnk
2016-04-05 06:20 - 2016-04-05 06:20 - 06628472 _____ (Auslogics Software Pty Ltd ) C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe
2016-04-05 06:14 - 2016-04-05 06:14 - 00000000 ____D C:\WINDOWS\5158974E2D28401893357694C2974746.TMP
2016-04-05 06:11 - 2016-04-05 06:11 - 00000000 ____D C:\OneDriveTemp
2016-04-04 19:42 - 2016-04-08 09:41 - 00429600 _____ C:\WINDOWS\ntbtlog.txt
2016-04-04 19:34 - 2016-04-04 19:34 - 00000000 ____D C:\ProgramData\launcher
2016-04-04 19:34 - 2016-04-04 19:34 - 00000000 ____D C:\ProgramData\explauncher
2016-04-04 19:33 - 2016-04-04 19:33 - 00034056 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\hotcore3.sys
2016-04-04 19:33 - 2016-04-04 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 14 Free
2016-04-04 19:14 - 2016-04-04 19:15 - 49922992 _____ C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe
2016-04-04 18:42 - 2016-04-04 18:54 - 00003391 ____H C:\WINDOWS\EPMBatch.ept
2016-04-04 18:18 - 2016-04-04 18:52 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-04-04 18:08 - 2016-04-04 18:08 - 03557000 _____ C:\WINDOWS\system32\BootMan.exe
2016-04-04 18:08 - 2016-04-04 18:08 - 02658952 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2016-04-04 18:08 - 2016-04-04 18:08 - 00088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2016-04-04 18:08 - 2016-04-04 18:08 - 00021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2016-04-04 18:08 - 2016-04-04 18:08 - 00017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2016-04-04 18:08 - 2016-04-04 18:08 - 00014944 _____ C:\WINDOWS\SysWOW64\epmntdrv.sys
2016-04-04 18:08 - 2016-04-04 18:08 - 00010208 _____ C:\WINDOWS\SysWOW64\EuGdiDrv.sys
2016-04-04 18:08 - 2016-04-04 18:08 - 00001427 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk
2016-04-04 18:08 - 2016-04-04 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-04-04 18:08 - 2014-11-18 14:39 - 00018528 _____ C:\WINDOWS\system32\epmntdrv.sys
2016-04-04 18:08 - 2014-11-18 14:39 - 00010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys
2016-04-04 18:08 - 2014-11-18 14:38 - 00101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2016-04-04 18:05 - 2016-04-04 18:06 - 29202592 _____ (EaseUS ) C:\Users\Jean-Marie\Downloads\epm.exe
2016-04-04 17:52 - 2016-04-04 17:52 - 00002600 _____ C:\Users\Jean-Marie\Desktop\mbam rapport.txt
2016-04-04 17:18 - 2016-04-04 17:24 - 02174464 _____ C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe
2016-04-04 14:36 - 2016-04-04 15:11 - 196786040 _____ (Sophos Limited) C:\Users\Jean-Marie\Downloads\SophosInstall.exe
2016-04-04 11:05 - 2016-04-04 11:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Avanquest
2016-04-04 11:05 - 2016-04-04 11:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Avanquest
2016-04-04 11:05 - 2016-04-04 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Advisor
2016-04-04 09:56 - 2016-04-04 09:56 - 00000000 ____D C:\AdwCleaner
2016-04-04 09:56 - 2016-04-04 09:56 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2016-04-04 09:27 - 2016-04-07 14:15 - 00015776 _____ C:\WINDOWS\system32\.crusader
2016-04-04 07:58 - 2016-04-04 07:58 - 00002016 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-04-04 07:58 - 2016-04-04 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-04-04 07:56 - 2016-04-04 07:58 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-04 07:52 - 2016-04-04 09:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-04 07:09 - 2016-04-06 08:55 - 00001920 _____ C:\Users\Jean-Marie\Desktop\ShadowExplorer.lnk
2016-04-04 07:01 - 2016-04-06 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2016-04-04 06:54 - 2016-04-06 08:55 - 00000000 ____D C:\Program Files (x86)\ShadowExplorer
2016-04-03 18:06 - 2016-04-03 18:06 - 00114263 _____ C:\Users\Jean-Marie\Desktop\ZHPDiag 3 avril 2016.txt
2016-04-03 09:53 - 2016-04-06 06:58 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-03 09:16 - 2016-04-03 09:16 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\ProductData
2016-04-03 09:04 - 2016-04-03 09:03 - 00011392 ____R C:\Users\Jean-Marie\Desktop\Pre_Scan_03_04_2016_09_03_47.txt
2016-04-03 09:04 - 2016-04-03 09:03 - 00011392 ____R C:\Pre_Scan_03_04_2016_09_03_47.txt
2016-04-03 09:03 - 2016-04-03 09:03 - 00001023 _____ C:\Users\Jean-Marie\Desktop\Internet Explorer.lnk
2016-04-02 16:48 - 2016-04-02 16:48 - 00000000 ____D C:\AdsFix
2016-04-02 16:00 - 2016-04-08 14:22 - 00001023 _____ C:\Users\Jean-Marie\Desktop\Pre_Scan_Donate.lnk
2016-04-02 16:00 - 2016-04-03 09:05 - 00000000 ____D C:\Pre_Scan
2016-04-02 16:00 - 2016-04-02 16:00 - 00001565 _____ C:\Users\Jean-Marie\Desktop\Pre_Scan_Restore.lnk
2016-04-02 15:49 - 2016-04-02 15:58 - 03440656 _____ (SosVirus) C:\Users\Jean-Marie\Desktop\Pre_Scan.exe
2016-04-02 15:19 - 2016-04-08 06:52 - 00046350 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-04-02 15:18 - 2016-04-02 15:19 - 00001380 _____ C:\Users\Jean-Marie\Desktop\UsbFix_Maintenance Virtuel.lnk
2016-04-02 14:38 - 2016-04-08 08:31 - 00002514 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Jean-Marie
2016-04-02 14:36 - 2016-04-08 08:35 - 00000308 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jean-Marie.job
2016-04-02 14:34 - 2016-04-06 07:18 - 00000000 ____D C:\ProgramData\ProductData
2016-04-02 14:34 - 2016-04-02 14:49 - 00000000 ____D C:\Users\Jean-Marie\AppData\LocalLow\IObit
2016-04-02 14:33 - 2016-04-02 14:33 - 00001393 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-04-02 14:33 - 2016-04-02 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-04-02 14:28 - 2016-04-06 07:14 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\IObit
2016-04-02 13:40 - 2016-04-02 14:20 - 00000000 ____D C:\Users\Jean-Marie\Desktop\roguekiller & webcam
2016-04-02 07:39 - 2016-04-03 09:52 - 00000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-04-02 07:39 - 2016-04-03 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-04-02 07:38 - 2016-04-03 15:18 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-02 07:38 - 2016-04-03 09:52 - 00000000 ____D C:\Program Files\RogueKiller
2016-04-01 11:31 - 2016-04-01 11:31 - 00000000 ____D C:\Users\Public\Documents\Mes rapports de nettoyage
2016-04-01 11:30 - 2016-04-01 12:07 - 00000000 ____D C:\ProgramData\migrateos
2016-04-01 10:48 - 2016-04-01 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau
2016-04-01 10:45 - 2009-07-15 09:17 - 00082992 _____ (Sunbelt Software) C:\WINDOWS\system32\Drivers\sbtis.sys
2016-04-01 10:44 - 2016-04-01 10:44 - 00000000 ____D C:\Users\Public\Documents\BVRP Software
2016-04-01 10:42 - 2016-04-08 10:14 - 00000000 ____D C:\_Backup
2016-04-01 10:42 - 2016-04-01 10:42 - 00000000 ____D C:\_Backup.RC
2016-04-01 10:37 - 2016-04-08 08:34 - 00000000 ____D C:\ProgramData\Avanquest
2016-04-01 10:37 - 2016-04-01 11:21 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Avanquest
2016-04-01 10:36 - 2016-04-08 08:34 - 00000000 ____D C:\Program Files (x86)\Avanquest
2016-04-01 10:09 - 2016-04-08 14:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-01 10:08 - 2016-04-01 10:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-01 10:08 - 2016-04-01 10:08 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-01 10:08 - 2016-04-01 10:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-01 10:08 - 2016-04-01 10:08 - 00001137 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-01 10:08 - 2016-04-01 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-01 10:08 - 2016-04-01 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-01 10:08 - 2016-04-01 10:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-01 09:13 - 2016-04-01 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2016-04-01 08:59 - 2016-04-05 22:12 - 00000000 ___RD C:\Users\Jean-Marie\Desktop\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru
2016-04-01 08:59 - 2016-04-05 22:12 - 00000000 ____D C:\Users\Jean-Marie\Desktop\EASEUs Todo PCTrans Pro & FIX-IT Utilities 15 Pro
2016-04-01 08:54 - 2016-04-01 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Migrate OS to SSD™ 4.0
2016-04-01 08:53 - 2016-04-04 19:25 - 00000000 ____D C:\Program Files\Paragon Software
2016-04-01 08:13 - 2016-04-07 09:51 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Downloaded Installations
2016-04-01 08:04 - 2016-04-01 11:00 - 00000000 ____D C:\Users\Jean-Marie\Documents\jean-marie.carribon@wanadoo.fr's Online Sync
2016-04-01 07:25 - 2016-04-01 07:25 - 00001126 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-04-01 07:25 - 2016-04-01 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-04-01 07:23 - 2016-04-08 14:34 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-04-01 05:58 - 2016-04-01 05:58 - 00000593 _____ C:\Users\Public\Desktop\cCloud.lnk
2016-04-01 05:49 - 2016-04-01 05:49 - 00013264 _____ (WiseCleaner.com) C:\WINDOWS\WiseFs64.sys
2016-04-01 05:46 - 2016-04-01 05:46 - 00003972 _____ C:\WINDOWS\System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan
2016-04-01 05:44 - 2016-04-01 05:44 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Wise Video Downloader
2016-04-01 05:44 - 2016-04-01 05:44 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Wise Care 365
2016-04-01 05:40 - 2016-04-01 05:40 - 00000000 ____D C:\My Works
2016-04-01 05:39 - 2016-04-01 05:39 - 00000000 ____D C:\Users\Jean-Marie\Documents\Avatar
2016-04-01 05:38 - 2016-04-01 05:38 - 00000000 ____D C:\Users\Jean-Marie\Documents\YouCam
2016-03-31 18:41 - 2016-03-31 18:41 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Wondershare Free YouTube Downloader
2016-03-31 18:37 - 2016-03-31 18:48 - 00000000 ____D C:\ProgramData\Wondershare Free YouTube Downloader
2016-03-31 18:36 - 2016-03-31 18:36 - 00000000 ____D C:\ProgramData\Wondershare Application Common Data
2016-03-31 16:11 - 2016-04-04 17:55 - 00116497 _____ C:\Users\Jean-Marie\Desktop\ZHPDiag.txt
2016-03-31 16:03 - 2016-04-04 18:42 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\ZHP
2016-03-31 16:03 - 2016-04-04 17:25 - 00000913 _____ C:\Users\Jean-Marie\Desktop\ZHPDiag.lnk
2016-03-31 15:26 - 2016-04-08 14:37 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\CrashDumps
2016-03-31 15:21 - 2016-04-06 15:12 - 00000000 ____D C:\UsbFix
2016-03-31 15:21 - 2016-03-31 15:21 - 00001487 _____ C:\Users\Jean-Marie\Desktop\UsbFix.lnk
2016-03-31 15:17 - 2016-03-31 15:20 - 03088723 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Jean-Marie\Desktop\UsbFix_2016_8.210.exe
2016-03-31 09:49 - 2016-03-31 09:49 - 00000000 ____D C:\Users\Jean-Marie\Documents\Camtasia Studio
2016-03-31 09:49 - 2016-03-31 09:49 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\TechSmith
2016-03-31 09:48 - 2016-04-04 09:33 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\TechSmith
2016-03-31 09:45 - 2016-04-08 13:18 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-31 09:45 - 2016-04-04 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-03-31 09:45 - 2016-03-31 09:45 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2016-03-31 09:44 - 2016-04-04 09:30 - 00000000 ____D C:\Program Files (x86)\TechSmith
2016-03-31 09:44 - 2016-03-31 09:44 - 00000000 ____D C:\ProgramData\TechSmith
2016-03-31 09:17 - 2016-03-31 09:48 - 00000000 ____D C:\Users\Jean-Marie\Desktop\screen capture & video editor for  events de la cité de la gastronomie & du vin
2016-03-31 08:46 - 2016-04-08 07:21 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CB233D6F-3E4E-4650-888F-DB1B075159E4}
2016-03-31 08:28 - 2016-03-31 08:28 - 00001079 _____ C:\Users\Public\Desktop\UpdateStar Product Key Finder.lnk
2016-03-31 08:28 - 2016-03-31 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateStar
2016-03-31 08:28 - 2016-03-31 08:28 - 00000000 ____D C:\Program Files\UpdateStar
2016-03-31 07:24 - 2016-03-31 07:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-31 07:05 - 2016-03-31 07:05 - 00003140 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2016-03-30 20:19 - 2016-03-30 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2016-03-30 20:19 - 2016-03-30 20:19 - 00000000 ____D C:\Program Files\Bitdefender
2016-03-30 19:02 - 2016-03-30 19:02 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\IceDragon
2016-03-30 17:48 - 2016-03-30 17:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-30 17:48 - 2016-03-30 17:48 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-30 17:45 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-30 17:45 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-30 17:45 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-30 17:45 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-30 17:45 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-30 17:45 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-30 17:45 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-30 17:45 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-30 17:45 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-30 17:45 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-30 17:45 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-30 17:45 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-30 17:45 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-30 17:45 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-30 17:45 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-30 17:45 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-30 17:45 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-30 17:45 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-30 17:45 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-30 17:45 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-30 17:45 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-30 17:45 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-30 17:45 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-30 17:45 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-30 17:45 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-30 17:45 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-30 17:45 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-30 17:45 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-30 17:45 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-30 17:45 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-30 17:45 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-30 17:45 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-30 17:45 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-30 17:45 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-30 17:45 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-30 17:45 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-30 17:45 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-30 17:45 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-30 17:45 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-30 17:45 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-30 17:45 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-30 17:45 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-30 17:45 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-30 17:45 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-30 17:45 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-30 17:45 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-30 17:45 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-30 17:45 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-30 17:45 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-30 17:44 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-30 17:44 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-30 17:44 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-30 17:44 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-30 17:44 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-30 17:44 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-30 17:44 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-30 17:44 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-30 17:44 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-30 17:44 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-30 17:44 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-30 17:44 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-30 17:44 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-30 17:44 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-30 17:44 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-30 17:44 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-30 17:44 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-30 17:44 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-30 17:44 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-30 17:44 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-30 17:44 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-30 17:44 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-30 17:44 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-30 17:44 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-30 17:44 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-30 17:44 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-30 17:44 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-30 17:44 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-30 17:44 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-30 17:44 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-30 17:44 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-30 17:44 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-30 17:44 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-30 17:44 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-30 17:44 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-30 17:44 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-30 17:44 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-30 17:44 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-30 17:44 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-30 17:44 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-30 17:44 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-30 17:44 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-30 17:44 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-30 17:44 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-30 17:44 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-30 17:44 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-30 17:44 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-30 17:44 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-30 17:44 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-30 17:44 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-30 17:44 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-30 17:44 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-30 17:44 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-30 17:44 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-30 17:44 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-30 17:44 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-30 17:44 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-30 17:44 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-30 17:44 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-30 17:44 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-30 17:44 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-30 17:44 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-30 17:44 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-30 17:44 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-30 17:44 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-30 17:44 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-30 17:44 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-30 17:44 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-30 17:44 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-30 17:44 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-30 17:44 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-30 17:44 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-30 17:44 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-30 17:44 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-30 17:44 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-30 17:44 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-30 17:44 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-30 17:44 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-30 17:44 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-30 17:44 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-30 17:44 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-30 17:44 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-30 17:44 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-30 17:44 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-30 17:44 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-30 17:44 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-30 17:44 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-30 17:44 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-30 17:44 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-30 17:44 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-30 17:44 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-30 17:44 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-30 17:43 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-30 17:43 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-30 17:43 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-30 17:43 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-30 17:43 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-30 17:43 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-30 17:43 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-30 17:43 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-30 17:43 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-30 17:43 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-30 17:43 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-30 17:43 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-30 17:43 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-30 17:43 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-30 17:43 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-30 17:43 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-30 17:43 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-30 17:43 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-30 17:43 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-30 17:43 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-30 17:43 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-30 17:43 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-30 17:43 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-30 17:43 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-30 17:43 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-30 17:43 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-30 17:43 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-30 17:43 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-30 17:43 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-30 17:43 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-30 17:43 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-30 17:43 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-30 17:43 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-30 17:43 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-30 17:43 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-30 17:43 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-30 17:43 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-30 17:43 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-30 17:43 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-30 17:43 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-30 17:43 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-30 17:43 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-30 17:43 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-30 17:43 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-30 17:43 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-30 17:43 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-30 17:43 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-30 17:43 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-30 17:43 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-30 17:43 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-30 17:43 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-30 17:43 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-30 17:43 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-30 17:43 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-30 17:43 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-30 17:43 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-30 17:43 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-30 17:43 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-30 17:43 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-30 17:43 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-30 17:43 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-30 17:43 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-30 17:43 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-30 17:43 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-30 17:43 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-30 17:43 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-30 17:43 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-30 17:43 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-30 17:43 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-30 17:43 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-30 17:43 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-30 17:43 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-30 17:43 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-30 17:43 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-30 17:43 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-30 17:43 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-30 17:43 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-30 17:43 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-30 17:43 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-30 17:43 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-30 17:43 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-30 17:43 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-30 17:43 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-30 17:43 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-30 17:43 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-30 17:43 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-30 17:43 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-30 17:43 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-30 17:43 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-30 17:43 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-30 17:43 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-30 17:43 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-30 17:43 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-30 17:43 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-30 17:43 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-30 17:43 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-30 17:43 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-30 17:43 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-30 17:43 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-30 17:43 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-30 17:43 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-30 17:43 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-30 17:43 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-30 17:43 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-30 17:43 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-30 17:43 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-30 17:43 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-30 17:43 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-30 17:43 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-30 17:43 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-30 17:43 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-30 17:43 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-30 17:43 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-30 17:43 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-30 17:43 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-30 17:43 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-30 17:43 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-30 17:43 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-30 17:43 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-30 17:43 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-30 17:43 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-30 17:43 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-30 17:43 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-30 17:43 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-30 17:43 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-30 17:43 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-30 17:43 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-30 17:43 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-30 17:43 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-30 17:43 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-30 17:43 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-30 17:43 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-30 17:43 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-30 17:43 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-30 17:43 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-30 17:43 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-30 17:43 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-30 17:43 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-30 17:43 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-30 17:43 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-30 17:42 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-30 17:42 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-30 17:42 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-30 17:42 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-30 17:42 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-30 17:42 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-30 17:42 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-30 17:42 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-30 17:42 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-30 17:42 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-30 17:42 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-30 17:42 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-30 17:42 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-30 17:42 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-30 17:42 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-30 17:42 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-30 17:42 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-30 17:42 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-30 17:42 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-30 17:42 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-30 17:42 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-30 17:42 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-30 17:42 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-30 17:42 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-30 17:42 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-30 17:42 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-30 17:42 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-30 17:42 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-30 17:42 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-30 17:42 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-30 17:42 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-30 17:42 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-30 17:42 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-30 17:42 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-30 17:42 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-30 17:42 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-30 17:42 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-30 17:42 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-30 17:42 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-30 17:42 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-30 17:42 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-30 17:42 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-30 17:42 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-30 17:42 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-30 17:42 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-30 17:42 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-30 17:42 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-30 17:42 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-30 17:42 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-30 17:07 - 2016-04-08 14:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-30 17:04 - 2016-04-01 05:55 - 02575552 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\SynchronizationService.exe
2016-03-30 17:04 - 2016-04-01 05:54 - 03550400 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\COSService.exe
2016-03-30 15:35 - 2016-03-30 15:35 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2016-03-30 15:35 - 2016-03-30 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2016-03-30 15:34 - 2016-03-30 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-03-30 15:13 - 2016-04-04 18:07 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-03-30 14:55 - 2016-04-07 16:46 - 00000000 ____D C:\Users\Jean-Marie\Documents\AoaoPhoto Digital Studio
2016-03-30 14:55 - 2016-03-30 14:55 - 00001404 _____ C:\Users\Jean-Marie\Desktop\Watermark Software.lnk
2016-03-30 14:55 - 2016-03-30 14:55 - 00001164 _____ C:\Users\Jean-Marie\Desktop\Video Watermark Pro.lnk
2016-03-30 14:55 - 2016-03-30 14:55 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Watermark Pro
2016-03-30 14:55 - 2016-03-30 14:55 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Digital Studio
2016-03-30 14:55 - 2016-03-30 14:55 - 00000000 ____D C:\Program Files (x86)\AoaoPhoto Digital Studio
2016-03-30 14:54 - 2016-03-30 14:54 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Power2Go10
2016-03-30 14:53 - 2016-04-08 11:42 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\CyberLink
2016-03-30 14:53 - 2016-04-08 11:40 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2016-03-30 14:53 - 2016-03-30 14:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2016-03-30 14:50 - 2016-03-30 14:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 10
2016-03-30 14:49 - 2016-03-30 14:51 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-03-30 14:49 - 2016-03-30 14:51 - 00103176 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys
2016-03-30 14:41 - 2016-03-30 14:46 - 258331888 _____ C:\Users\Jean-Marie\Documents\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe
2016-03-30 14:27 - 2016-03-30 15:35 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7 Mirror.lnk
2016-03-30 14:27 - 2016-03-30 15:35 - 00001280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7.lnk
2016-03-30 14:27 - 2016-03-30 14:27 - 00042968 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd7.sys
2016-03-30 14:11 - 2016-03-30 14:19 - 360972440 _____ C:\Users\Jean-Marie\Documents\YouCam_7.0.0824.0_Essential_Essential_YUC150904-01.exe
2016-03-30 14:10 - 2016-03-30 14:10 - 00000000 ____D C:\Users\Public\CyberLink
2016-03-30 14:03 - 2016-03-30 15:35 - 00001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink VideoMeeting+.lnk
2016-03-30 14:03 - 2016-03-30 14:53 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-03-30 14:03 - 2016-03-30 14:04 - 00041912 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvdVM.sys
2016-03-30 14:03 - 2016-03-30 14:04 - 00040392 _____ (CyberLink) C:\WINDOWS\system32\Drivers\clvad.sys
2016-03-30 13:59 - 2016-03-30 14:53 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-03-30 13:40 - 2016-03-30 15:09 - 00003654 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-03-30 13:37 - 2016-03-30 15:08 - 00000676 _____ C:\DelFix.txt
2016-03-30 13:37 - 2016-03-30 13:37 - 00000000 ____D C:\WINDOWS\ERUNT
2016-03-30 11:36 - 2016-03-30 12:25 - 99985640 _____ C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01.exe
2016-03-30 08:54 - 2016-03-30 08:54 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-30 08:20 - 2016-04-01 07:03 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-30 08:19 - 2016-03-30 08:19 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\UsbFix
2016-03-30 08:12 - 2016-03-30 08:12 - 00000584 _____ C:\Users\Jean-Marie\Desktop\COMODO TrustConnect (VPN).lnk
2016-03-30 07:57 - 2016-04-08 14:36 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-03-30 07:57 - 2016-04-08 06:49 - 00001904 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-03-30 07:57 - 2016-04-04 09:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-03-30 07:56 - 2016-03-30 07:56 - 00000000 ____D C:\ProgramData\Shared Space
2016-03-30 07:55 - 2016-04-01 05:59 - 00000000 ____D C:\Program Files\COMODO
2016-03-30 07:55 - 2016-03-30 08:48 - 00001226 _____ C:\Users\Jean-Marie\Desktop\Internet (Chromodo).lnk
2016-03-30 07:54 - 2016-04-08 08:09 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Comodo
2016-03-30 07:52 - 2016-03-30 10:54 - 00000000 ____D C:\ProgramData\Comodo
2016-03-30 07:48 - 2016-03-30 07:48 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\AMD
2016-03-30 07:46 - 2016-04-08 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2016-03-30 07:46 - 2016-04-08 06:46 - 00001097 _____ C:\Users\Public\Desktop\Comodo IceDragon.lnk
2016-03-30 07:46 - 2016-03-30 10:54 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Comodo
2016-03-30 07:44 - 2016-04-08 08:08 - 00000000 ____D C:\Program Files (x86)\Comodo
2016-03-30 07:44 - 2016-03-30 07:44 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2016-03-30 07:42 - 2016-03-30 07:42 - 00000000 ____D C:\ProgramData\ATI
2016-03-30 06:59 - 2016-03-30 06:59 - 00000000 ____D C:\Users\Public\Documents\Ashampoo
2016-03-30 06:56 - 2016-03-30 15:05 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\MicrosoftEdge
2016-03-30 06:56 - 2016-03-30 06:56 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\VS Revo Group
2016-03-30 06:55 - 2016-04-01 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-03-30 06:55 - 2016-03-30 06:55 - 00001284 _____ C:\Users\Public\Desktop\Ashampoo UnInstaller 6.lnk
2016-03-30 06:55 - 2016-03-30 06:55 - 00001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-03-30 06:55 - 2016-03-30 06:55 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-03-30 06:55 - 2016-03-30 06:55 - 00000000 ____D C:\Program Files\VS Revo Group
2016-03-30 06:55 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-03-30 06:54 - 2016-03-30 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-03-30 06:53 - 2016-03-30 06:53 - 00000000 ____D C:\ProgramData\AMD
2016-03-30 06:53 - 2016-03-30 06:53 - 00000000 ____D C:\Program Files\ATI Technologies
2016-03-30 06:51 - 2016-04-04 08:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-30 06:49 - 2016-03-30 06:49 - 00000000 ____D C:\AMD
2016-03-30 06:48 - 2016-03-30 06:49 - 00000000 ____D C:\Program Files\AMD
2016-03-30 06:46 - 2016-04-05 06:11 - 00000000 ___RD C:\Users\Jean-Marie\OneDrive
2016-03-30 06:46 - 2016-03-30 06:47 - 00002469 _____ C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-30 06:42 - 2016-03-30 06:42 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Publishers
2016-03-30 06:38 - 2016-03-30 06:38 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Comms
2016-03-30 06:38 - 2016-03-30 06:38 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\ActiveSync
2016-03-30 06:36 - 2016-03-30 06:36 - 00000020 ___SH C:\Users\Jean-Marie\ntuser.ini
2016-03-30 06:36 - 2016-03-30 06:36 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\TileDataLayer
2016-03-29 21:24 - 2016-03-30 06:34 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-29 21:18 - 2016-03-29 21:18 - 00000000 ____D C:\Windows.old
2016-03-29 21:16 - 2016-03-29 21:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\Program Files\MSBuild
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-29 21:14 - 2016-03-29 21:14 - 00000000 ____D C:\inetpub
2016-03-29 21:13 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-03-29 21:13 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-29 21:13 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-03-29 21:13 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-03-29 21:13 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-03-29 21:13 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-29 21:12 - 2016-03-29 21:12 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-03-29 21:12 - 2016-03-29 21:12 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-03-29 21:12 - 2016-03-29 21:12 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-29 21:12 - 2016-03-29 21:12 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Modèles
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Mes documents
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-03-29 20:48 - 2016-03-29 20:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2016-03-29 20:46 - 2016-03-29 20:46 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-03-29 20:42 - 2016-03-29 20:42 - 00000939 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Update {1E56DFBF-2119-4CDC-B5AB-80C0EEC0CE4C}.job
2016-03-29 20:42 - 2016-03-29 20:42 - 00000753 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {1E56DFBF-2119-4CDC-B5AB-80C0EEC0CE4C}.job
2016-03-29 20:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2016-03-29 20:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2016-03-29 20:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2016-03-29 20:39 - 2016-03-29 20:39 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2016-03-29 20:38 - 2016-03-29 20:38 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-29 20:32 - 2016-03-29 20:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-03-29 20:31 - 2016-04-08 14:25 - 00000000 ____D C:\Users\Jean-Marie
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\Voisinage réseau
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\Voisinage d'impression
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\Modèles
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\Mes documents
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\Menu Démarrer
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 _SHDL C:\Users\Jean-Marie\AppData\Local\Historique
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 __SDL C:\Users\Jean-Marie\Documents\Mes vidéos
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 __SDL C:\Users\Jean-Marie\Documents\Mes images
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 __SDL C:\Users\Jean-Marie\Documents\Ma musique
2016-03-29 20:31 - 2016-03-29 20:31 - 00000000 __SDL C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-03-29 20:30 - 2016-04-08 14:38 - 02420876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-29 20:30 - 2016-03-29 20:30 - 01956472 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-03-29 20:27 - 2016-03-29 20:33 - 00000000 ____D C:\ProgramData\EPSON
2016-03-29 20:27 - 2016-03-29 20:33 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-03-29 20:27 - 2016-03-29 20:27 - 00000939 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Update {03E80943-C8F0-4A00-AD92-12877CAF59FA}.job
2016-03-29 20:27 - 2016-03-29 20:27 - 00000753 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {03E80943-C8F0-4A00-AD92-12877CAF59FA}.job
2016-03-29 20:27 - 2016-03-29 20:27 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-03-29 20:26 - 2016-04-05 09:45 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-29 20:26 - 2016-03-29 20:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-29 20:26 - 2016-03-29 20:26 - 00000000 ____D C:\Program Files\Realtek
2016-03-29 19:34 - 2016-04-08 10:18 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-03-29 19:34 - 2016-03-29 19:34 - 00002173 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2016-03-29 19:34 - 2016-03-29 19:34 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2016-03-29 19:34 - 2016-03-29 19:34 - 00000000 ____D C:\ProgramData\UDL
2016-03-29 19:33 - 2016-03-29 19:33 - 00001386 _____ C:\Users\Public\Desktop\Manuels EPSON.lnk
2016-03-29 19:33 - 2016-03-29 19:33 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-03-29 19:33 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2016-03-29 19:33 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2016-03-29 19:32 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-03-29 19:32 - 2016-03-29 19:33 - 00000000 ____D C:\Program Files (x86)\EPSON
2016-03-29 19:32 - 2016-03-29 19:32 - 00001062 _____ C:\Users\Public\Desktop\MyEpson Portal.lnk
2016-03-29 19:32 - 2016-03-29 19:32 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Epson
2016-03-29 19:31 - 2016-04-08 14:33 - 00000939 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Update {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}.job
2016-03-29 19:31 - 2016-04-08 14:32 - 00000753 _____ C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}.job
2016-03-29 19:31 - 2016-03-29 20:46 - 00003266 _____ C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}
2016-03-29 19:31 - 2016-03-29 20:46 - 00003080 _____ C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}
2016-03-29 19:31 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\SETF431.tmp
2016-03-29 19:31 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\SET632F.tmp
2016-03-29 19:31 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLPE.DLL
2016-03-29 19:31 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2016-03-29 19:30 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLPE.DLL
2016-03-29 19:26 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-03-29 19:26 - 2016-03-29 19:34 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-03-29 19:13 - 2016-03-29 20:48 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-03-29 19:13 - 2016-03-29 20:48 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-03-29 19:13 - 2016-03-29 19:43 - 00000000 ____D C:\$WINDOWS.~BT
2016-03-29 18:04 - 2016-03-29 18:04 - 00000000 ____D C:\$Windows.~WS
2016-03-29 16:58 - 2016-03-29 18:50 - 00000000 ____D C:\ESD
2016-03-29 16:55 - 2016-03-29 16:55 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Logitech® Webcam Software
2016-03-29 16:53 - 2016-03-29 16:53 - 00000000 ____D C:\ProgramData\LogiShrd
2016-03-29 16:52 - 2016-03-29 16:52 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Leadertech
2016-03-29 16:50 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-03-29 16:50 - 2016-03-29 16:52 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-03-29 16:19 - 2016-04-07 15:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Auslogics
2016-03-29 16:19 - 2016-04-07 15:17 - 00000000 ____D C:\ProgramData\Auslogics
2016-03-29 16:19 - 2016-04-07 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2016-03-29 16:19 - 2016-04-07 14:55 - 00000000 ____D C:\Program Files (x86)\Auslogics
2016-03-29 15:53 - 2016-03-30 16:35 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Mozilla
2016-03-29 15:37 - 2016-03-31 18:36 - 00000000 ____D C:\ProgramData\Wondershare
2016-03-29 15:37 - 2016-03-29 15:41 - 00000641 _____ C:\Users\Jean-Marie\Documents\starburn.txt
2016-03-29 15:36 - 2016-03-31 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-03-29 15:36 - 2016-03-29 15:36 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Wondershare
2016-03-29 15:35 - 2016-04-07 16:44 - 00000000 ____D C:\Users\Jean-Marie\Documents\Wondershare Filmora
2016-03-29 15:35 - 2016-03-31 18:36 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-03-29 15:35 - 2016-03-29 15:35 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2016-03-29 15:33 - 2016-03-31 18:35 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-03-29 15:16 - 2016-04-05 20:00 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\DAEMON Tools Pro
2016-03-29 15:16 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2016-03-29 15:16 - 2016-03-29 15:16 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtproscsibus.sys
2016-03-29 15:15 - 2016-03-29 15:16 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2016-03-29 15:14 - 2016-04-07 16:48 - 00023552 ___SH C:\Users\Jean-Marie\Desktop\Thumbs.db
2016-03-29 15:13 - 2016-03-29 15:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-03-29 15:13 - 2016-03-29 15:13 - 00000000 ____D C:\Users\Jean-Marie\Documents\iSkysoft iMedia Converter Deluxe
2016-03-29 15:13 - 2016-03-29 15:13 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2016-03-29 15:12 - 2016-03-29 15:12 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\iSkysoft iMedia Converter Deluxe
2016-03-29 15:11 - 2016-03-29 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
2016-03-29 15:11 - 2016-03-29 15:11 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\iSkysoft
2016-03-29 15:11 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll
2016-03-29 15:11 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\SysWOW64\ISCM32.dll
2016-03-29 15:10 - 2016-04-07 07:34 - 00000000 ____D C:\ProgramData\IObit
2016-03-29 15:10 - 2016-04-07 07:33 - 00000000 ____D C:\Program Files (x86)\IObit
2016-03-29 15:10 - 2016-04-01 05:45 - 00000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe
2016-03-29 15:10 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider
2016-03-29 15:10 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder
2016-03-29 15:10 - 2016-03-29 15:13 - 00000000 ____D C:\ProgramData\iSkysoft
2016-03-29 15:10 - 2016-03-29 15:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2016-03-29 15:10 - 2016-03-29 15:10 - 00000000 ____D C:\Program Files (x86)\iSkysoft
2016-03-29 15:09 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader
2016-03-29 15:09 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2016-03-29 15:09 - 2016-03-29 15:10 - 00000000 ____D C:\Program Files (x86)\Wise
2016-03-29 15:08 - 2016-04-05 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL
2016-03-29 15:08 - 2016-04-01 05:44 - 00000000 ____D C:\Program Files (x86)\RegSeeker
2016-03-29 15:08 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegSeeker
2016-03-29 15:08 - 2016-03-29 15:09 - 00000000 ____D C:\Users\Public\Documents\iSkysoft
2016-03-29 15:08 - 2016-03-29 15:08 - 00001958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\e-Carte Bleue LCL.lnk
2016-03-29 15:08 - 2016-03-29 15:08 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker
2016-03-29 15:08 - 2016-03-29 15:08 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Macromedia
2016-03-29 15:08 - 2016-03-29 15:08 - 00000000 ____D C:\Program Files (x86)\e-Carte Bleue LCL
2016-03-29 15:07 - 2016-04-08 11:42 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\CyberLink
2016-03-29 15:07 - 2016-03-29 20:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager
2016-03-29 15:01 - 2016-04-06 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-03-29 15:00 - 2016-04-06 11:37 - 00000000 ____D C:\ProgramData\Ashampoo
2016-03-29 15:00 - 2016-03-30 06:54 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-03-29 14:59 - 2016-03-29 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2016-03-29 14:59 - 2016-03-29 14:59 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Zemana
2016-03-29 14:59 - 2016-03-29 14:59 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\AntiLogger Free
2016-03-29 14:59 - 2016-03-29 14:59 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2016-03-29 14:59 - 2016-03-29 14:59 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2016-03-29 14:59 - 2015-11-05 15:00 - 00143904 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2016-03-29 14:58 - 2016-04-07 16:44 - 00000000 ___RD C:\Users\Jean-Marie\Desktop\LFS Ultra v4.00
2016-03-29 14:58 - 2016-03-29 15:41 - 00000000 ____D C:\Users\Jean-Marie\Desktop\video editor pour efm du musée de l'homme
2016-03-29 14:57 - 2016-03-29 20:46 - 00002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4261453527-2494187915-1683905538-1001
2016-03-29 14:52 - 2016-04-08 14:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2016-03-29 14:51 - 2016-03-30 07:03 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Hewlett-Packard
2016-03-29 14:51 - 2016-03-29 14:51 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\ATI
2016-03-29 14:51 - 2016-03-29 14:51 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\ATI
2016-03-29 14:50 - 2016-03-29 14:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-03-29 14:50 - 2016-03-29 14:50 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Power2Go8
2016-03-29 14:49 - 2016-04-01 20:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2016-03-29 14:49 - 2016-03-29 14:49 - 00000000 __RSH C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_CQ2904EF_Y53316J_0U_Q4CH3100VPJ_E12WE3RR8607_4A_I2AE3_SHP_V1.02_B8.17_T130125_W8101-0_L40C_M3660_J1000_7AMD_8BFF_91.40_#130304_N19692062_Z_G10029809_Ohp DVD A DH16ACSHR_DACRAD46_HWDC WD10EZEX-60ZF5A0.MRK
2016-03-29 14:49 - 2016-03-29 14:49 - 00000000 __RSH C:\WINDOWS\system32\Drivers\103C_HP_cPC_CQ2904EF_Y53316J_0U_Q4CH3100VPJ_E12WE3RR8607_4A_I2AE3_SHP_V1.02_B8.17_T130125_W8101-0_L40C_M3660_J1000_7AMD_8BFF_91.40_#130304_N19692062_Z_G10029809_Ohp DVD A DH16ACSHR_DACRAD46_HWDC WD10EZEX-60ZF5A0.MRK
2016-03-29 14:49 - 2016-03-29 14:49 - 00000000 ____D C:\Users\Jean-Marie\AppData\Roaming\Adobe
2016-03-29 14:47 - 2016-04-07 16:44 - 00000000 ____D C:\Users\Jean-Marie\Documents\hp.system.package.metadata
2016-03-29 14:47 - 2016-04-04 12:55 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\Packages
2016-03-29 14:47 - 2016-03-30 14:55 - 00000000 ____D C:\Users\Jean-Marie\AppData\Local\VirtualStore
2016-03-29 14:47 - 2013-03-05 01:34 - 00000000 ____D C:\Users\Jean-Marie\Documents\hp.applications.package.appdata
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Public\Documents\Mes images
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Public\Documents\Ma musique
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Voisinage réseau
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Voisinage d'impression
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Modèles
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Mes documents
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Menu Démarrer
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Mes vidéos
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Mes images
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Ma musique
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Historique
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\ProgramData\Modèles
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\ProgramData\Bureau
2016-03-29 14:45 - 2016-03-29 14:45 - 00000000 _SHDL C:\Program Files\Fichiers communs
2016-03-29 14:41 - 2016-04-08 14:01 - 00135312 ____N C:\WINDOWS\Minidump\040816-22390-01.dmp
2016-03-29 14:41 - 2016-04-08 11:27 - 00138960 ____N C:\WINDOWS\Minidump\040816-23000-01.dmp
2016-03-29 14:41 - 2016-04-08 10:33 - 00134608 ____N C:\WINDOWS\Minidump\040816-22500-01.dmp
2016-03-29 14:41 - 2016-04-04 07:11 - 00137192 ____N C:\WINDOWS\Minidump\040416-28750-01.dmp
2016-03-29 14:41 - 2016-03-30 17:07 - 00135712 ____N C:\WINDOWS\Minidump\033016-34921-01.dmp

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-04-08 14:38 - 2016-02-13 14:49 - 01170394 _____ C:\WINDOWS\system32\perfh00C.dat
2016-04-08 14:38 - 2016-02-13 14:49 - 00282452 _____ C:\WINDOWS\system32\perfc00C.dat
2016-04-08 14:26 - 2016-02-13 15:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-08 14:25 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-08 14:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-08 13:02 - 2013-03-05 01:25 - 00000000 ____D C:\ProgramData\Temp
2016-04-08 13:02 - 2013-03-05 01:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-08 13:01 - 2013-03-05 01:28 - 00000000 ____D C:\ProgramData\install_clap
2016-04-08 12:40 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-08 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-08 12:32 - 2013-03-05 01:28 - 00000000 ____D C:\ProgramData\CyberLink
2016-04-08 11:45 - 2013-08-22 14:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-04-08 11:18 - 2013-03-05 01:28 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-04-07 18:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Cursors
2016-04-07 17:35 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-07 14:25 - 2016-02-13 06:10 - 00203416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-06 14:19 - 2015-08-05 01:31 - 00846104 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2016-04-06 14:19 - 2015-08-05 01:31 - 00138560 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2016-04-06 14:19 - 2015-08-05 01:31 - 00045600 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2016-04-06 14:19 - 2015-08-05 01:31 - 00032224 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2016-04-06 14:17 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2016-04-06 14:16 - 2015-09-03 12:52 - 00596232 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2016-04-06 14:16 - 2015-09-03 12:52 - 00461648 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2016-04-06 14:14 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2016-04-06 14:14 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2016-04-06 14:12 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2016-04-06 14:11 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2016-04-05 20:55 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-05 09:48 - 2012-07-16 11:47 - 04803840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-04-05 09:41 - 2012-07-16 11:47 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-04-02 16:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-02 12:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-01 20:41 - 2009-08-10 20:06 - 00063536 _____ (Sunbelt Software) C:\WINDOWS\system32\Drivers\sbapifs.sys
2016-04-01 20:39 - 2013-03-05 01:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-01 20:39 - 2013-03-05 01:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-04-01 20:39 - 2013-03-05 01:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-04-01 05:53 - 2014-10-07 13:14 - 00677744 _____ (COMODO Security Solutions Inc.) C:\WINDOWS\system32\Drivers\cbvd.sys
2016-04-01 05:53 - 2014-10-07 13:14 - 00230712 _____ (COMODO Security Solutions Inc.) C:\WINDOWS\system32\Drivers\CBUFS.sys
2016-03-31 04:20 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-03-30 19:23 - 2016-02-13 15:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-30 19:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-30 19:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-30 19:14 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-30 19:13 - 2016-02-13 15:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-30 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-30 19:13 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-30 17:04 - 2014-10-07 13:14 - 00826040 _____ (COMODO Security Solutions Inc.) C:\WINDOWS\system32\Drivers\vdbus.sys
2016-03-30 07:06 - 2013-03-05 01:49 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-03-30 07:06 - 2013-03-05 01:48 - 00000000 ____D C:\ProgramData\Norton
2016-03-30 06:47 - 2013-03-05 01:30 - 00000000 ____D C:\ProgramData\WildTangent
2016-03-30 06:45 - 2013-03-05 01:14 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-03-29 21:24 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-29 21:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-03-29 21:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-03-29 21:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-03-29 21:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-03-29 21:14 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-03-29 21:14 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-03-29 21:14 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-03-29 21:14 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-03-29 21:14 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-03-29 21:14 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-03-29 21:14 - 2015-10-30 09:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-03-29 21:14 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-03-29 21:14 - 2015-10-30 09:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-03-29 21:14 - 2015-10-30 09:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-03-29 21:14 - 2015-10-30 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-03-29 21:14 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-03-29 20:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-29 20:48 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-03-29 20:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-03-29 20:44 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-29 20:40 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-29 20:40 - 2013-03-05 01:46 - 00000000 ____D C:\WINDOWS\fr
2016-03-29 20:40 - 2013-03-05 01:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-03-29 20:40 - 2013-03-05 01:19 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-03-29 20:40 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2016-03-29 20:39 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-03-29 20:35 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-03-29 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-03-29 20:34 - 2016-02-13 15:01 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-29 20:34 - 2016-02-13 14:49 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-03-29 20:34 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-03-29 20:34 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-03-29 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-03-29 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-29 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-29 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-03-29 20:33 - 2013-03-05 01:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-03-29 20:33 - 2013-03-05 01:09 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-03-29 20:33 - 2012-08-01 19:06 - 00000000 ____D C:\ProgramData\PRICache
2016-03-29 20:29 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-29 14:49 - 2013-03-05 01:43 - 00000000 ___RD C:\Program Files\Online Services
2016-03-29 14:49 - 2013-03-05 01:30 - 00000000 ___RD C:\Program Files (x86)\Online Services
2016-03-29 14:49 - 2013-01-07 13:49 - 00000000 ____D C:\hp
2016-03-29 14:49 - 2012-08-02 05:15 - 00000000 ____D C:\SWSETUP
2016-03-29 14:49 - 2012-08-01 11:57 - 00000000 ____D C:\SYSTEM.SAV

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-03-29 20:24

==================== Fin de FRST.txt ============================


Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Exécuté par Jean-Marie (2016-04-08 14:44:14)
Exécuté depuis C:\Users\Jean-Marie\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-30 04:34:37)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-4261453527-2494187915-1683905538-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261453527-2494187915-1683905538-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4261453527-2494187915-1683905538-1005 - Limited - Enabled)
Invité (S-1-5-21-4261453527-2494187915-1683905538-501 - Limited - Disabled)
Jean-Marie (S-1-5-21-4261453527-2494187915-1683905538-1001 - Administrator - Enabled) => C:\Users\Jean-Marie
_ashbackuppb_ (S-1-5-21-4261453527-2494187915-1683905538-1007 - Administrator - Enabled) => C:\Users\_ashbackuppb_
_ashbackup_ (S-1-5-21-4261453527-2494187915-1683905538-1008 - Administrator - Enabled) => C:\Users\_ashbackup_

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
Aiseesoft Convertisseur Vidéo Ultime 9.0.18 (HKLM-x32\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.0.18 - Aiseesoft Studio)
Aiseesoft DVD Software Toolkit 7.2.38 (HKLM-x32\...\{B1A2B118-0080-4ced-8E58-63CBB97D179C}_is1) (Version:  - )
Aiseesoft PDF Convertisseur Ultimate 3.2.62 (HKLM-x32\...\{96C9E2FD-9434-453e-9EF3-67E1E39D7CCE}_is1) (Version: 3.2.62 - Aiseesoft Studio)
Aiseesoft PDF Merger (HKLM-x32\...\Aiseesoft PDF Merger_is1) (Version:  - )
Aiseesoft PDF Splitter (HKLM-x32\...\Aiseesoft PDF Splitter_is1) (Version:  - )
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AntiLogger Free version 1.8.2.320 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.320 - Zemana Ltd.)
Ashampoo Backup 2016 (HKLM\...\{FDAE1FAD-57F8-6DCD-940E-885B7FB1CE43}_is1) (Version: 10.00 - Ashampoo GmbH & Co. KG)
Ashampoo Backup Pro 10 (HKLM\...\{FDAE1FAD-F9D8-4215-E9A3-24B2088C0FA7}_is1) (Version: 10.00 - Ashampoo GmbH & Co. KG)
Ashampoo Privacy Protector (HKLM-x32\...\{91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1) (Version: 1.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 6 (HKLM-x32\...\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Auslogics BitReplica (HKLM-x32\...\{B6AEA771-9737-41A2-AA07-772CB1A1CC27}_is1) (Version: 2.1.1.0 - Auslogics Software Pty Ltd)
Auslogics BoostSpeed 8 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 8.2.1.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.7.0.0 - Auslogics Software Pty Ltd)
Auslogics Disk Defrag Touch (HKLM-x32\...\{B259CF8C-5028-4F71-95E0-30E1E4F56606}_is1) (Version: 1.3.0.0 - Auslogics Software Pty Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.11.26 - Bitdefender)
Bing Bureau (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
Boost (HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Boost 1.0.2) (Version: 1.0.2 - Reason Software Company Inc.) <==== ATTENTION
Boost (Version: 1.0.2 - Reason Software Company Inc.) Hidden <==== ATTENTION
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CCleaner Cloud (HKLM-x32\...\CCleaner Cloud) (Version: 1.4.0.1817 - Piriform)
CCleaner Cloud Installer (x32 Version: 1.0.0.1817 - Piriform) Hidden
cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO)
Chromodo (HKLM-x32\...\Chromodo) (Version: 48.12.18.248 - Comodo)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 46.9.15.424 - Comodo)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 45.0.0.5 - COMODO)
COMODO Internet Security Premium (HKLM\...\{38F898C8-272F-455F-9BD6-71FEBA3E4AF5}) (Version: 8.2.0.4703 - COMODO Security Solutions Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink Application Manager (HKLM-x32\...\InstallShield_{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 1.0.2727.0 - CyberLink Corp.)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4919 - CyberLink Corp.)
CyberLink ColorDirector 2 (HKLM-x32\...\InstallShield_{8B888A47-4BFA-482c-903F-7CC51BAAC4A3}) (Version: 2.0.2315.0 - CyberLink Corp.)
CyberLink ColorDirector 2 (Version: 2.0.2315.0 - Nom de votre société) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 13 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 13.0 - CyberLink Corp.)
CyberLink Power2Go 10 (HKLM-x32\...\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}) (Version: 10.0.2522.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1827.0 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink VideoMeeting+ (HKLM-x32\...\{10AC3DD9-90D5-4560-930A-FFB939849175}) (Version: 0.1.1402.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.5816.0 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0824.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 7.1.0.0595 - Disc Soft Ltd)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo PCTrans 9.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
e-Carte Bleue LCL (HKLM-x32\...\{3D6B54EF-65E4-4624-8709-03A3BBE2C240}) (Version: 2.2.7.0 - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-710 Series Printer Uninstall (HKLM\...\EPSON XP-710 Series) (Version:  - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Folder Marker Pro (HKLM\...\Folder Marker Pro_is1) (Version: 4.2 - ArcticLine Software)
Free Video Converter V 2.3 (HKLM-x32\...\Free Video Converter_is1) (Version: 2.3.0.0 - Kastor Soft)
Free Video to JPG Converter (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.78.328 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter Classic (HKLM-x32\...\Free YouTube to MP3 Converter Classic_is1) (Version: 3.12.80.328 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GeekBuddy (HKLM\...\{C74F8E1D-A095-4140-AF8F-FC8AF88B81EA}) (Version: 4.27.172 - Comodo Security Solutions Inc)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.138 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
iSkysoft iMedia Converter Deluxe(Build 5.8.0.1) (HKLM-x32\...\iSkysoft iMedia Converter Deluxe_is1) (Version: 5.8.0.1 - iSkysoft Software)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Kastor - All Video Downloader V 5.9.8 (HKLM-x32\...\{CB84FEF5-C573-4328-B9AF-B28568A4E10E}_is1) (Version: 5.9.8.0 - KastorSoft)
Kastor - Tube To Mp3 V 2.99 (HKLM-x32\...\{87C334CF-063A-4AEA-B523-1DE04014BA19}_is1) (Version: 2.99.95.0 - KastorSoft)
Kastor Free Vimeo Downloader V 2.0 (HKLM-x32\...\Kastor Free Vimeo Downloader_is1) (Version: 2.0.0.0 - KastorSoft)
LCL (HKLM-x32\...\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}) (Version: 5.6.0.0 - e-Carte Bleue LCL)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{9B3F0A88-790D-3AD9-9F96-B19CF2746452}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movavi Video Suite 11 (HKLM-x32\...\Movavi Video Suite 11) (Version: 11.2.0 - Movavi)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.2.0 - Mozilla)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{6F4B3CA0-8872-4F68-B972-E9D5306DCDD3}) (Version: 12.0.02900 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{416D687B-2432-437F-B7AD-B18FE7FA7B67}) (Version: 16.0.02900 - Nero AG)
Paragon Migrate OS to SSD™ 4.0 (HKLM\...\{D4378A80-C713-11DF-9399-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.00.04171 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.3.00 - Sony Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Registry First Aid 9 (HKLM\...\RFA9_is1) (Version: 9.1.0 - RoseCitySoftware)
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 2.57.2212 - HoverDesk)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Software Update Pro 5.34.0.25 (HKLM-x32\...\Software Update Pro) (Version: 5.34.0.25 - Glarysoft Ltd)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Start Menu Reviver (HKLM-x32\...\Start Menu Reviver) (Version: 3.0.0.16 - ReviverSoft)
Supercopier 4.0.1.13 (HKLM-x32\...\Supercopier) (Version: 4.0.1.13 - Supercopier)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Torch (HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\Torch) (Version: 45.0.0.11172 - Torch Media, Inc) <==== ATTENTION
Ultracopier 1.2.1.0 (HKLM-x32\...\Ultracopier) (Version: 1.2.1.0 - Ultracopier)
UpdateStar Product Key Finder (HKLM\...\UpdateStar Product Key Finder_is1) (Version: 9.0.3.168 - UpdateStar)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.210 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
VDownloader 4.2.1820 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Video Watermark Pro (HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\VideoWatermarkPro) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Watermark Software 8.2 (HKLM-x32\...\Watermark Software) (Version: 8.2 - watermark-software.com)
Web Companion (HKLM-x32\...\{06b1ffac-41ec-4394-b8ca-96d1bc3db99d}) (Version: 2.3.1395.2683 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 5.30 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.3 - win.rar GmbH)
WinZip Driver Updater (HKLM-x32\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.16566 - WinZip Computing, S.L. (WinZip Computing))
WinZip System Utilities Suite (HKLM-x32\...\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1) (Version: 2.5.1000.15714 - WinZip Computing, S.L. (WinZip Computing))
Wise Folder Hider 3.24 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.24 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.32 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.32 - WiseCleaner.com, Inc.)
Wise Video Downloader 1.61 (HKLM-x32\...\Wise Video Downloader_is1) (Version: 1.61 - WiseCleaner.com, Inc.)
Wondershare Filmora(Build 7.0.2) (HKLM-x32\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Free YouTube Downloader(Build 4.9.0.1) (HKLM-x32\...\Wondershare Free YouTube Downloader_is1) (Version: 4.9.0.1 - Wondershare Software)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0022BC43-AB6E-4A01-AFFA-EB09E78D94A4} - System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe [2016-04-07] (WinZip Computing, S.L. (WinZip Computing))
Task: {0D103126-7414-4BAC-9F0B-E9EF07FE7135} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-08] (COMODO)
Task: {142C5093-49E6-4ECB-81FE-D95B8F008862} - System32\Tasks\EPSON XP-710 Series Update {7F90CE95-7D04-4032-B6B9-CD7B81B919B6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {169E6E00-01F3-45FB-BED2-9FD223782595} - System32\Tasks\SoftwareUpdate Pro => C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe [2016-04-07] (Glarysoft Ltd)
Task: {3674EF88-86E9-43BC-9C03-443D3C0A7477} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe [2016-04-07] (WinZip Computing, S.L. (WinZip Computing))
Task: {38D78A6C-3621-4640-9E8D-78627CDA09FB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-04-05] (IObit)
Task: {3D70E166-281F-4577-8DBE-245A4C5663F1} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-04-07] (Nero AG)
Task: {4C561E4C-2978-4599-830C-FA86F7D04F29} - System32\Tasks\WINZIPSS-WINZIPSSOneClickCare => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe
Task: {4FDFCCE8-BEF7-4D80-8050-05AE324258A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {515A09F6-40A7-43DC-9225-99A7C7892B96} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Jean-Marie logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2016-04-07] (Auslogics)
Task: {536F0FCC-8DBF-41D6-B3E7-76825062F001} - System32\Tasks\Uninstaller_SkipUac_Jean-Marie => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-04-02] (IObit)
Task: {5593DC81-B056-48CD-9BBD-1C257D752DF2} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-07] (COMODO)
Task: {613E101A-6B77-4231-84DA-519F38CEF836} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-04-05] (IObit)
Task: {6B650EBA-8602-43BF-8A9F-82A2D5FE5178} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-04-06] (IObit)
Task: {763D4F2E-88EA-4C1D-948C-0949887537B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {776440C5-7B83-44C9-BF3A-D9898B20DFFC} - System32\Tasks\WinZip System Utilities Suite => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe
Task: {7E0A510A-2837-4304-8F28-0EFD9BBBA200} - System32\Tasks\{7F7E7A47-7904-7E0A-7D11-050C0A0A1109} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgACAAOwAgADsAOwA7ADsAIAA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUA (l'élément de données a 9640 caractères en plus).
Task: {7F86580F-9B2D-4642-9538-745615BEF565} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8E96983D-B58D-4BD1-A9D8-1532FF480EC9} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {9998A870-6EB1-4F78-B244-E3A9529DBA69} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-08] (COMODO)
Task: {A04EE9CA-0675-4AA9-B132-87FF78FC9136} - System32\Tasks\Boost => C:\Users\Jean-Marie\AppData\Roaming\Reason\Boost\boost.exe [2016-04-07] (Reason Software Company Inc.)
Task: {A1D2014B-EB89-43A9-82E4-1CEF58CD4A73} - System32\Tasks\CCleaner Cloud Update => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2016-04-07] (Piriform)
Task: {A5CC764B-48CC-4CCC-B425-F90E59CFDA51} - System32\Tasks\ASC9_SkipUac_Jean-Marie => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-04-05] (IObit)
Task: {AC4457AC-8A16-43B4-B1D6-68CFE0FB89CD} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-04-06] (IObit)
Task: {B00BFB25-6EA8-4949-AAFE-8028BD156825} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {BDA475A3-FA5C-4931-949A-6CE981D80879} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-07] (COMODO)
Task: {BE11D1D8-6FB0-496F-BF41-F0364163E544} - System32\Tasks\Auslogics\Disk Defrag Touch\Start Disk Defrag Touch On Jean-Marie Logon => C:\Program Files (x86)\Auslogics\Disk Defrag Touch\DiskDefragTouch.exe [2015-01-26] (Auslogics)
Task: {C5E6DA48-E849-466F-A001-FFEB2ACF321A} - System32\Tasks\EPSON XP-710 Series Invitation {7F90CE95-7D04-4032-B6B9-CD7B81B919B6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CA7032E9-663E-43D5-9892-BCBEB4B6E00C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-08] (COMODO)
Task: {D1FF24E4-E8D1-4657-82EB-5A873C481FF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E4E6FA12-2A9C-478B-871F-4484B61046EF} - System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan => C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe [2015-08-26] (Ashampoo GmbH & Co. KG)
Task: {E6294D5D-E086-487E-8CF1-3CD820BE924D} - System32\Tasks\Driver Booster SkipUAC (Jean-Marie) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-04-05] (IObit)
Task: {F4B367D6-529A-45E9-801D-81EA5943A38E} - System32\Tasks\CCleaner Cloud Watchdog => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2016-04-07] (Piriform)
Task: {FB84165F-7872-4269-9986-8CF8963AA4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {FBB15457-3A9A-485B-A574-1B2506C25545} - System32\Tasks\WiseCleaner\WFHFreeSkipUAC => C:\Program Files (x86)\Wise\Wise Folder Hider\WiseFolderHider.exe [2015-10-10] (WiseCleaner.com)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Jean-Marie.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {03E80943-C8F0-4A00-AD92-12877CAF59FA}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {1E56DFBF-2119-4CDC-B5AB-80C0EEC0CE4C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Update {03E80943-C8F0-4A00-AD92-12877CAF59FA}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{03E80943-C8F0-4A00-AD92-12877CAF59FA} /F:UpdateWORKGROUP\LFS_ULTRA$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Update {1E56DFBF-2119-4CDC-B5AB-80C0EEC0CE4C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{1E56DFBF-2119-4CDC-B5AB-80C0EEC0CE4C} /F:UpdateWORKGROUP\LFS_ULTRA$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-710 Series Update {7F90CE95-7D04-4032-B6B9-CD7B81B919B6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{7F90CE95-7D04-4032-B6B9-CD7B81B919B6} /F:UpdateWORKGROUP\LFS_ULTRA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jean-Marie.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe
Task: C:\WINDOWS\Tasks\WINZIPSS-WINZIPSSOneClickCare.job => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\Jean-Marie\Desktop\disc-soft.lnk -> C:\Users\Jean-Marie\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) ->  --run-by-ddi hxxp://disc-soft.com/
ShortcutWithArgument: C:\Users\Jean-Marie\Desktop\download.cnet.lnk -> C:\Users\Jean-Marie\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) ->  --run-by-ddi hxxp://download.cnet.com/

==================== Modules chargés (Avec liste blanche) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-05 15:40 - 2016-04-08 06:46 - 01985688 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2016-04-01 05:59 - 2014-09-03 13:53 - 01508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2016-04-01 05:59 - 2014-09-03 13:53 - 00338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2016-03-30 17:44 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-30 17:44 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-07 09:24 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2016-03-29 15:11 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2015-01-08 23:02 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2016-02-13 14:52 - 2016-02-13 14:52 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-30 17:43 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-01 05:59 - 2014-09-03 13:53 - 01508032 _____ () C:\Program Files\COMODO\cCloud\LIBEAY32.dll
2016-04-01 05:59 - 2014-09-03 13:53 - 00338112 _____ () C:\Program Files\COMODO\cCloud\SSLEAY32.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-03-30 09:26 - 2016-03-30 09:26 - 00051200 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-02-13 14:52 - 2016-02-13 14:52 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-13 14:52 - 2016-02-13 14:52 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-02 14:35 - 2016-04-02 14:32 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-04-05 08:37 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-04-05 08:37 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-04-05 08:37 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-04-06 07:16 - 2016-04-06 07:17 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2016-04-06 07:16 - 2016-04-06 07:16 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2016-04-07 11:28 - 2016-04-07 11:28 - 00168448 _____ () C:\Program Files (x86)\WinZip Driver Updater\unrar.dll
2016-04-02 14:32 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-04-02 14:32 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-04-02 14:32 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-04-05 08:37 - 2016-04-05 08:37 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2016-04-05 08:36 - 2016-04-05 08:37 - 00629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2016-04-08 11:22 - 2014-07-08 08:37 - 00866056 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\UNO.dll
2016-04-08 11:22 - 2014-03-06 11:30 - 09491928 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\Language\FRA\P2GRC.dll
2016-04-08 11:22 - 2014-07-08 08:37 - 01693960 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\runtime\authoring\AuroraU.dll
2016-04-08 11:22 - 2011-12-20 05:30 - 00249344 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\runtime\mediacache\libebml.dll
2016-04-08 11:22 - 2011-12-20 05:30 - 00548352 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\runtime\mediacache\libmatroska.dll
2016-04-08 11:22 - 2014-07-08 08:37 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLVistaAudioMixer.dll
2016-04-08 11:22 - 2014-07-08 08:37 - 00302344 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\runtime\authoring\EditingMgrWrapperU.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2016-04-08 11:22 - 2013-05-20 05:01 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLMediaLibrary.dll
2013-05-20 11:02 - 2013-05-20 11:02 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvcPS.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\BootMan.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EuEpmGdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IObitSmartDefragExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SmartDefragBootTime.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BootMan.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\epmntdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EuEpmGdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EuGdiDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\setupempdrv03.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CBUFS.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cbvd.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clvad.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clwvd7.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clwvdVM.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\COSService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtlitescsibus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtliteusbbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\GeneStor.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hotcore3.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\L1C63x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sbapifs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynchronizationService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\AdsFix.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\AdsFix.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Adaware_Installer-11.2.5952.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\agent_installer(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\agent_installer(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\agent_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\agent_installer.msi:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_2016_dl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ashampoo_backup_pro_10_dl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\auslogics-bitreplica-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\CCleanerCloudSetup_1_4_1817.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\CCleanerCloudSetup_1_4_1817.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-pro-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\disk-defrag-touch-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\DriverReviverSetup_ppc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\dvd-software-toolkit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\dvd-software-toolkit.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\epm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_15.0.32.28.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Fix-It_Professional_ENU_signed.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\FreeVideoToJPGConverter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\FreeVideoToJPGConverter.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\FreeYouTubeToMP3ConverterClassic [1].exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\FreeYouTubeToMP3ConverterClassic.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\FreeYouTubeToMP3ConverterClassic.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\installboost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\installboost.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\MovaviVideoSuiteSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\MovaviVideoSuiteSetup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-converter-ultimate.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-converter-ultimate.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-merger.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-merger.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-splitter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pdf-splitter.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\pm14free_x64_fr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\RFA_9_AQDE_SOFTONIC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\RFA_9_AQDE_SOFTONIC.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SetupFreeVideoConverter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SetupFreeVideoConverter.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SetupLCL.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Setup_FreeVimeoDownloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\Setup_FreeVimeoDownloader.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\setup_YoutubeToMp3.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ShadowExplorer-0.9-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\SophosInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\supercopier_4-0-1-13_fr_11010_64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\supercopier_4-0-1-13_fr_11010_64.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\susetupPro.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\susetupPro.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\TorchSetup-r807-n-bf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\TorchSetup-r807-n-bf.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ultracopier-windows-x86-1.2.1.0-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\ultracopier-windows-x86-1.2.1.0-setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\unlocker-setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\usb-rescate-plus_8.8.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\vcredist_x64(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\vcredist_x64(1).exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\vcredist_x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\vcredist_x64.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\video-converter-ultimate(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\video-converter-ultimate(1).exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\video-converter-ultimate.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\video-converter-ultimate.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Jean-Marie\Downloads\wzsus26.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\VideoMeetingPlus_1.0.1402a.0_Beta_VMX151229-01_FromLFS_ULTRA.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Jean-Marie\Documents\YouCam_7.0.0824.0_Essential_Essential_YUC150904-01.exe:$CmdTcID [64]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== EXE Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\...\localhost -> localhost

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2012-07-26 07:26 - 2016-04-06 06:58 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1    localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-4261453527-2494187915-1683905538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jean-Marie\AppData\Local\Microsoft\BingDesktop\themes\2016-04-08.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26116D7B-886E-4F9E-A37C-305FEF1862DC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{6C36FAEA-E84D-4202-8C29-FFC088EACFCF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{671AE137-3655-4619-8CBD-1BD81200AD57}] => (Allow) LPort=1900
FirewallRules: [{D6E833CF-0421-4571-9A10-383436754E3C}] => (Allow) LPort=2869
FirewallRules: [{BD01E8EF-D2BE-44EF-978D-ABFA0F8CF8E5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{618138FE-8DB2-4E09-8215-2C87E6D8169A}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5FCA5AF1-8CB5-40DC-9489-93BACEE128DB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C5B62B61-5218-4C9B-9939-8B1B7619E45B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30A328EA-A9F1-4991-A8A7-ECFAC2870676}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9F83C93F-3F6A-4700-A19A-1BF85F168944}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Temp\7zSAAE6.tmp\SymNRT.exe
FirewallRules: [{5848AD9C-9CF2-480B-8C0D-7A1D5E504BD0}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Temp\7zSAAE6.tmp\SymNRT.exe
FirewallRules: [{C2C910D4-4AD6-4418-A2CB-EAF46913886D}] => (Allow) C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe
FirewallRules: [TCP Query User{A0B7C153-0106-4A7E-BFC2-04CC8D425688}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
FirewallRules: [UDP Query User{1BB3F5DC-7EA1-4E00-85C7-7C7C673BAB5C}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
FirewallRules: [{72BA96A6-4C47-442E-A295-ABB2BFB78B27}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{8DD57366-12B8-486D-9664-99A06E90FC6C}C:\program files (x86)\wondershare\freeyoutubedownloader\freeyoutubedownloader.exe] => (Allow) C:\program files (x86)\wondershare\freeyoutubedownloader\freeyoutubedownloader.exe
FirewallRules: [UDP Query User{A07BB9A5-B21C-444F-955E-006BDFB175C8}C:\program files (x86)\wondershare\freeyoutubedownloader\freeyoutubedownloader.exe] => (Allow) C:\program files (x86)\wondershare\freeyoutubedownloader\freeyoutubedownloader.exe
FirewallRules: [{AD435325-E850-4443-93E4-2D0ACE583859}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{691765E0-2ABF-4A74-8FDE-8F1E313D6CA3}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [TCP Query User{A80137C5-6CBA-412B-A1EC-D75758F79773}C:\Users\Jean-Marie\Desktop\pre-scan_6_28.03.2016.1.exe] => (Allow) C:\Users\Jean-Marie\Desktop\pre-scan_6_28.03.2016.1.exe
FirewallRules: [UDP Query User{8086F52E-78FA-489A-B2C4-2651DAE624EB}C:\Users\Jean-Marie\Desktop\pre-scan_6_28.03.2016.1.exe] => (Allow) C:\Users\Jean-Marie\Desktop\pre-scan_6_28.03.2016.1.exe
FirewallRules: [TCP Query User{A3BDEC14-B179-4440-9834-5D41B38E829F}C:\users\jean-marie\desktop\pre-scan_6_28.03.2016.1.exe] => (Allow) C:\users\jean-marie\desktop\pre-scan_6_28.03.2016.1.exe
FirewallRules: [UDP Query User{3C08A014-898B-4822-B652-C1D7EF186167}C:\users\jean-marie\desktop\pre-scan_6_28.03.2016.1.exe] => (Allow) C:\users\jean-marie\desktop\pre-scan_6_28.03.2016.1.exe
FirewallRules: [{48DEE5A7-ECA9-403E-AD9E-53C14316B92A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{20899C56-9680-4B3F-8932-C9329B3AA29B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{3D706CF7-E2BB-49ED-84B2-15C698E5A13D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{D6DD555C-A195-451E-903C-1238D6F13389}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{34D06595-C508-4DBB-936B-EBED359789FE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{16D990B6-0B58-4EFB-B773-7171BF771895}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{1E7F02A1-31C4-4D2A-9B94-1D97DD4837D0}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe
FirewallRules: [UDP Query User{8ADA29F3-5747-4226-B4BC-85527AA1368E}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe
FirewallRules: [{7F114386-3545-4CF6-82E6-C58C174BBD00}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{4FF15636-2FF1-4D8D-9051-A7E2DC389261}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{38B486F5-7243-44F6-B1BB-712030CA0A41}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{B78325BF-CFBD-43D7-B705-55CC7EA95292}] => (Allow) C:\Users\Jean-Marie\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{CCB3EF03-C6B2-4E52-BED3-5D2C7BE2DA2E}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{62355084-F0AA-455A-9D47-89EAF5DC0691}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{64643B99-028D-4D19-908F-926FF3A57BB1}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{49089926-D8EB-4B03-88A7-7055FACA2754}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe

==================== Points de restauration =========================

04-04-2016 08:01:54 Snagit 12
04-04-2016 09:20:47 Point de contrôle créé par HitmanPro
04-04-2016 19:17:54 Installed Paragon Partition Manager™ 14 Free.
05-04-2016 09:05:37 Driver Booster : Contrôleur Fast Ethernet Qualcomm Atheros AR8152 PCI-E (NDIS 6.30)
05-04-2016 20:50:21 Programme d’installation pour les modules Windows
06-04-2016 09:59:57 Installed 7-Zip 9.20 (x64 edition)
06-04-2016 19:26:27 Point de contrôle créé par HitmanPro
07-04-2016 08:42:47 Installed CCleaner Cloud Installer
07-04-2016 10:31:45 Installed PDF Architect 4 View Module
07-04-2016 10:36:14 Installed PDF Architect 4 Edit Module
07-04-2016 10:45:56 Installed PDF Architect 4 Create Module
07-04-2016 10:59:24 Installed Manager
07-04-2016 14:05:18 Point de contrôle créé par HitmanPro
07-04-2016 17:17:35 Installed Boost
07-04-2016 17:29:50 Before Boost
07-04-2016 17:50:51 Installed Nero CoverDesigner.
07-04-2016 18:12:11 Installed Nero MediaHome Free.
07-04-2016 19:00:10 Installed Nero 2015 Content Pack.

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (04/08/2016 02:47:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:47:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:47:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:47:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:47:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:46:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:46:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:46:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:46:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (04/08/2016 02:46:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LFS_ULTRA)
Description: Échec de l’activation de l’application Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.


Erreurs système:
=============
Error: (04/08/2016 02:47:44 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:47:42 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: {889CA1C3-E115-47E1-88EC-20DF644E982A}

Error: (04/08/2016 02:47:34 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:47:24 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:47:13 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:47:07 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: {889CA1C3-E115-47E1-88EC-20DF644E982A}

Error: (04/08/2016 02:47:02 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:46:51 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:46:48 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/08/2016 02:46:37 PM) (Source: DCOM) (EventID: 10010) (User: LFS_ULTRA)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca


CodeIntegrity:
===================================
  Date: 2016-04-08 14:41:15.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 14:32:51.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 14:27:19.899
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 14:18:33.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 14:08:21.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 14:02:16.377
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 13:57:17.714
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 13:33:20.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-08 13:27:06.093
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 13:23:39.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Infos Mémoire ===========================

Processeur: AMD E1-1200 APU with Radeon™ HD Graphics
Pourcentage de mémoire utilisée: 71%
Mémoire physique - RAM - totale: 3659.73 MB
Mémoire physique - RAM - disponible: 1031.73 MB
Mémoire virtuelle totale: 3915.73 MB
Mémoire virtuelle disponible: 706.77 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:916.54 GB) (Free:824.37 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Recovery Image) (Fixed) (Total:13.06 GB) (Free:1.6 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive e: (carbide slim) (Removable) (Total:476.71 GB) (Free:111.67 GB) NTFS
Drive f: (roguekiller&webc) (CDROM) (Total:0.79 GB) (Free:0 GB) UDF
Drive h: (my disk) (Fixed) (Total:931.48 GB) (Free:63.48 GB) NTFS
Drive k: (STYLO ESPIO) (Removable) (Total:3.69 GB) (Free:0.78 GB) FAT32
Drive l: (emsisoft emergency kit usb) (Removable) (Total:15.01 GB) (Free:12.74 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56FE4A1F)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56A53A02)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: AB053324)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 15 GB) (Disk ID: 4A4A3988)
Partition 1: (Not Active) - (Size=15 GB) - (Type=OF Extended)

========================================================
Disk: 4 (Size: 3.7 GB) (Disk ID: E0B94BCB)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

========================================================
Disk: 5 (Size: 476.7 GB) (Disk ID: BDC7CD51)

==================== Fin de Addition.txt ============================



#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 09 April 2016 - 09:35 PM

It looks to me like you still have Emsisoft Anti-Malware and COMODO Internet Security installed. I already warned you about the dangers of having two Antiviruses installed at once on a system, so I would suggest once more to uninstall one and keep the other, but I can't force you to.

Follow the instructions below please.

lv0mVRW.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
    CfdTLN1.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;
cvMlKv6.pngESET Online Scanner
Note : If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be ran in a contextual (pop-up) window of Internet Explorer. However, for every other browsers, you will have to download and install ESET Online Scanner. In this set of instruction, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions applies if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.
  • Download and execute ESET Online Scanner (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
  • Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :
    • Enable detection of potentially unwanted applications;
    • Scan archives;
    • Scan for potentially unsafe applications;
    • Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;
  • After you're done checking these options, click on "Start" and ESET Online Scanner will download it's virus signature database before starting the scan;
  • Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 or 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
  • After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have to the option to see what threads were found and to manage the threats that were quarantined;
  • Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results on our clipboard and post them in your next reply;
  • Once you're done, click on the Back button, then click on the Finish button;
Your next reply(ies) should therefore contain:
  • Copy/pasted JRT log;
  • Copy/pasted AdwCleaner clean log;
  • Copy/pasted ESET Online Cleaner clean log;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 datwin-bordo

datwin-bordo
  • Topic Starter

  • Banned
  • 60 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 10 April 2016 - 06:54 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by Jean-Marie (Administrator) on 10/04/2016 at  8:15:10,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\pdfforge (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\update~1 (Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Roaming\software informer (Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Roaming\update~1 (Folder)
Successfully deleted: C:\Program Files (x86)\update~1 (Folder)
Successfully deleted: C:\Program Files\software informer (Folder)
Successfully deleted: C:\Program Files\update~1 (Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52644D7B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C5FIQW8L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDZZOOR0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV04BYQO (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52644D7B (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C5FIQW8L (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDZZOOR0 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV04BYQO (Temporary Internet Files Folder)



Registry: 5

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/04/2016 at  9:01:32,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


# AdwCleaner v5.109 - Rapport créé le 10/04/2016 à 07:59:45
# Mis à jour le 04/04/2016 par Xplode
# Base de données : 2016-04-04.2 [Locale]
# Système d'exploitation : Windows 10 Home  (x64)
# Nom d'utilisateur : Jean-Marie - LFS_ULTRA
# Exécuté depuis : C:\Users\Jean-Marie\Desktop\AdwCleaner(2).exe
# Option : Nettoyer
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service supprimé : SafetyBrowsingService

***** [ Dossiers ] *****

[-] Dossier supprimé : C:\Program Files (x86)\Elex-tech
[-] Dossier supprimé : C:\Program Files (x86)\WinZip Driver Updater
[#] Dossier supprimé : C:\ProgramData\mntemp
[-] Dossier supprimé : C:\ProgramData\torchcrashhandler
[#] Dossier supprimé : C:\ProgramData\Application Data\mntemp
[#] Dossier supprimé : C:\ProgramData\Application Data\torchcrashhandler
[-] Dossier supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Driver Updater
[-] Dossier supprimé : C:\Users\Jean-Marie\AppData\Local\torch
[-] Dossier supprimé : C:\Users\Jean-Marie\AppData\Roaming\Elex-tech
[-] Dossier supprimé : C:\Users\Jean-Marie\AppData\Roaming\SafetyBrowsing

***** [ Fichiers ] *****

[-] Fichier supprimé : C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[-] Fichier supprimé : C:\Users\Jean-Marie\Desktop\Torch.lnk
[-] Fichier supprimé : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Fichier supprimé : C:\WINDOWS\SysNative\sasnative64.exe

***** [ DLLs ] *****


***** [ Raccourcis ] *****


***** [ Tâches planifiées ] *****


***** [ Registre ] *****

[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1
[-] Valeur supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7F114386-3545-4CF6-82E6-C58C174BBD00}]
[-] Valeur supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4FF15636-2FF1-4D8D-9051-A7E2DC389261}]
[-] Valeur supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{38B486F5-7243-44F6-B1BB-712030CA0A41}]
[-] Valeur supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CCB3EF03-C6B2-4E52-BED3-5D2C7BE2DA2E}]

***** [ Navigateurs ] *****


*************************

:: Clés "Image File Execution Options" supprimées
:: Clés "Tracing" supprimées
:: Fichiers "Prefetch" supprimés
:: Paramètres Proxy réinitialisés
:: Paramètres Winsock réinitialisés
:: Paramètres TCP/IP réinitialisés
:: Paramètres Firewall réinitialisés
:: Paramètres IPSec réinitialisés
:: File BITS réinitialisée
:: IE policies supprimées
:: Chrome policies supprimées

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3506 octets] - [10/04/2016 07:59:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [3195 octets] - [10/04/2016 07:41:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3654 octets] ##########
 



#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 11 April 2016 - 09:33 AM

Thank you for the logs, I only need the one for ESET Online Scanner now :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users