otl.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 05/01/2014 09:25:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\A\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,92 Gb Total Physical Memory | 5,99 Gb Available Physical Memory | 75,60% Memory free
15,84 Gb Paging File | 13,93 Gb Available in Paging File | 87,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,19 Gb Total Space | 216,48 Gb Free Space | 74,09% Space Free | Partition Type: NTFS
Drive D: | 639,22 Gb Total Space | 520,78 Gb Free Space | 81,47% Space Free | Partition Type: NTFS
Drive H: | 1863,01 Gb Total Space | 372,35 Gb Free Space | 19,99% Space Free | Partition Type: NTFS

Computer Name: A-PC | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/01/05 00:20:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
PRC - [2013/12/10 20:43:42 | 000,395,888 | ---- | M] (Tlapia) -- C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe
PRC - [2013/12/10 20:43:42 | 000,394,352 | ---- | M] (Tlapia) -- C:\Program Files (x86)\sysTPL\sysTPLService.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/07/08 20:46:02 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/06/28 00:55:46 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe
PRC - [2013/06/12 15:00:02 | 013,446,464 | ---- | M] (Orange) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe
PRC - [2013/06/12 15:00:00 | 000,149,824 | ---- | M] (Orange) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
PRC - [2013/06/10 16:58:38 | 001,966,960 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
PRC - [2013/05/30 07:02:17 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 02:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/11/22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012/11/22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2009/03/03 10:02:24 | 000,135,168 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\OrangeHSS\Systray\SystrayApp.exe
PRC - [2009/03/03 10:02:06 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\OrangeHSS\Launcher\Launcher.exe
PRC - [2009/03/03 10:02:04 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2009/03/03 10:01:52 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\OrangeHSS\Connectivity\corecom\OraConfigRecover.exe
PRC - [2009/03/03 10:01:50 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\OrangeHSS\Connectivity\corecom\CoreCom.exe
PRC - [2009/03/03 10:01:48 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\OrangeHSS\Connectivity\ConnectivityManager.exe
PRC - [2009/03/03 10:01:42 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008/02/28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/12/12 18:17:16 | 004,774,248 | ---- | M] () -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2013/06/12 14:59:42 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\Tools.dll
MOD - [2013/06/12 14:59:42 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\rt\bin\zip.dll
MOD - [2013/06/12 14:59:42 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\rt\bin\jetvm\jvm.dll
MOD - [2013/06/12 14:59:42 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\NetWPSAPI.dll
MOD - [2013/06/12 14:59:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\rt\jetrt\baseline720.dll
MOD - [2013/06/12 14:59:40 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\NetworkAPI.dll
MOD - [2013/06/12 14:59:38 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\rt\bin\java.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/03/03 10:02:14 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\OrangeHSS\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2009/03/03 10:02:12 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\OrangeHSS\Launcher\Plugins\PluginLnhRecovery.dll
MOD - [2009/02/27 16:38:22 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2009/02/03 16:08:00 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\OrangeHSS\Launcher\WatchClient.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/04/01 11:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2013/12/21 20:34:45 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/10 21:34:30 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/10 20:43:42 | 000,395,888 | ---- | M] (Tlapia) [Auto | Running] -- C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe -- (sysTPLMonitor.exe)
SRV - [2013/12/10 20:43:42 | 000,394,352 | ---- | M] (Tlapia) [Auto | Running] -- C:\Program Files (x86)\sysTPL\sysTPLService.exe -- (sysTPLService.exe)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/29 15:10:30 | 001,073,160 | ---- | M] (Orange SA) [Auto | Stopped] -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2013/06/28 00:55:46 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2013/06/10 16:58:38 | 001,966,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe -- (Dedicarz Service)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/16 02:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/12/14 01:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012/11/22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/03 10:02:04 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/11/11 12:34:52 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2013/09/01 09:06:13 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2013/07/25 15:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/06/28 07:03:06 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:[b]64bit:[/b] - [2012/12/24 15:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV:[b]64bit:[/b] - [2012/12/24 15:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV:[b]64bit:[/b] - [2012/12/14 01:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/06/26 21:38:32 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2012/06/26 21:38:32 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2012/06/26 21:38:32 | 000,023,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2012/04/01 04:52:30 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2012/04/01 04:52:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2012/04/01 04:52:24 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:[b]64bit:[/b] - [2012/03/05 13:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2012/03/05 13:29:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/06 09:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2012/01/06 09:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:[b]64bit:[/b] - [2011/12/21 13:47:08 | 000,025,056 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:[b]64bit:[/b] - [2011/09/17 02:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2011/03/23 03:20:32 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:[b]64bit:[/b] - [2011/02/11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 42 5A 7D 70 BB CD 01 [binary data]
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..\SearchScopes,DefaultScope = {96393E5E-7896-428d-A498-8FA1C9087CE1}
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..\SearchScopes\{59AE4CAC-AF24-4e2c-836E-3EF5408F4901}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..\SearchScopes\{75B79468-43A1-450b-9CD5-994006C6A70E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..\SearchScopes\{96393E5E-7896-428d-A498-8FA1C9087CE1}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-2639464874-859707105-36392234-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=cr&ei=-JS6UvStOKTQygPY74H4AQ"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\adslTV\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\adslTV\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012/12/14 21:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/08 20:46:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013/05/30 07:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/08 20:46:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/15 21:02:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 21:02:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/08/24 22:13:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@passwordbox.com: C:\Program Files (x86)\PasswordBox\Firefox [2013/09/09 21:00:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/15 21:02:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 21:02:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/08/24 22:13:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Omnis Firefox\extensions\\Plugins: C:\Users\A\AppData\LocalLow\TigerLogic\webclient [2013/05/31 18:39:17 | 000,000,000 | ---D | M]

[2012/11/05 23:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\mozilla\Extensions
[2013/11/12 08:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\mozilla\Firefox\Profiles\tamiuvr0.default-1383291910541\extensions
[2013/11/12 08:44:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\A\AppData\Roaming\mozilla\Firefox\Profiles\tamiuvr0.default-1383291910541\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/10/31 08:17:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\mozilla\Firefox\Profiles\zz5ugaok.default\extensions
[2013/11/01 08:55:24 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\tamiuvr0.default-1383291910541\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/12/22 22:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/01/03 11:09:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/03 11:09:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/12/14 21:17:23 | 000,000,000 | ---D | M] (PDF Architect Converter For Firefox) -- C:\PROGRAM FILES (X86)\PDF ARCHITECT\FFPDFARCHITECTEXT

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=12176626F0992CE4A1824651CD27575A
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: RealDownloader = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Gmail = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (PasswordBox Toolbar) - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files (x86)\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2639464874-859707105-36392234-1000..\Run: [CCleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2639464874-859707105-36392234-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2639464874-859707105-36392234-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-2639464874-859707105-36392234-1000..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &Download by Orbit - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: &Grab video by Orbit - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Barre RoboForm - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:[b]64bit:[/b] - Extra context menu item: Do&wnload selected by Orbit - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Down&load all by Orbit - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Enregistrer les formulaires - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:[b]64bit:[/b] - Extra context menu item: Personnaliser le menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:[b]64bit:[/b] - Extra context menu item: Remplir les formulaires - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: &Download by Orbit - Reg Error: Value error. File not found
O8 - Extra context menu item: &Grab video by Orbit - Reg Error: Value error. File not found
O8 - Extra context menu item: Barre RoboForm - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Do&wnload selected by Orbit - Reg Error: Value error. File not found
O8 - Extra context menu item: Down&load all by Orbit - Reg Error: Value error. File not found
O8 - Extra context menu item: Enregistrer les formulaires - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Personnaliser le menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Remplir les formulaires - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9:[b]64bit:[/b] - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..Trusted Domains: mappy.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..Trusted Domains: orange.fr ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
O15 - HKU\S-1-5-21-2639464874-859707105-36392234-1000\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5327E085-FE55-4C9E-A19B-2335F5B8D31E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BB07CA5-650E-451C-95F5-B6B775EE9CE5}: DhcpNameServer = 172.20.10.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/01/05 00:20:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2014/01/03 15:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/01/03 15:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/01/03 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\ZHP
[2013/12/23 22:57:34 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013/12/23 22:57:34 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013/12/23 22:57:33 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013/12/23 22:57:33 | 000,014,464 | ---- | C] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys.bak
[2013/12/23 22:57:31 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013/12/23 22:57:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013/12/23 22:57:29 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013/12/23 22:57:29 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013/12/23 22:57:28 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2013/12/23 22:57:28 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/23 22:57:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013/12/23 22:57:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/23 22:57:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2013/12/23 22:57:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013/12/23 22:57:25 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013/12/23 22:57:25 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013/12/23 22:57:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013/12/23 22:57:25 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013/12/23 22:57:24 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013/12/23 22:57:24 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013/12/23 22:57:22 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013/12/23 22:57:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013/12/23 22:57:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013/12/23 22:57:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013/12/23 22:57:18 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013/12/23 22:57:18 | 000,046,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\point64.sys.bak
[2013/12/23 22:57:17 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013/12/23 22:57:17 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys.bak
[2013/12/23 22:57:15 | 000,035,344 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2013/12/23 22:57:15 | 000,023,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nuidfltr.sys.bak
[2013/12/23 22:57:14 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013/12/23 22:57:14 | 000,023,040 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\drivers\netaapl64.sys.bak
[2013/12/23 22:57:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013/12/23 22:57:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013/12/23 22:57:08 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/23 22:57:07 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys.bak
[2013/12/23 22:57:06 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013/12/23 22:57:06 | 000,027,256 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\IvtBtBus.sys.bak
[2013/12/23 22:57:04 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2013/12/23 22:57:04 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013/12/23 22:57:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013/12/23 22:57:03 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2013/12/23 22:57:03 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013/12/23 22:57:02 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/23 22:57:02 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.bak
[2013/12/23 22:57:02 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013/12/23 22:57:02 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys.bak
[2013/12/23 22:57:01 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013/12/23 22:57:00 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013/12/23 22:57:00 | 000,084,608 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2013/12/23 22:57:00 | 000,059,392 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2013/12/23 22:56:59 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013/12/23 22:56:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013/12/23 22:56:59 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013/12/23 22:56:59 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013/12/23 22:56:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013/12/23 22:56:58 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2013/12/23 22:56:58 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013/12/23 22:56:58 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013/12/23 22:56:57 | 000,052,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dc3d.sys.bak
[2013/12/23 22:56:57 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013/12/23 22:56:56 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013/12/23 22:56:55 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013/12/23 22:56:55 | 000,210,984 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys.bak
[2013/12/23 22:56:55 | 000,184,872 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys.bak
[2013/12/23 22:56:55 | 000,039,976 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys.bak
[2013/12/23 22:56:55 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys.bak
[2013/12/23 22:56:54 | 000,594,472 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys.bak
[2013/12/23 22:56:54 | 000,031,480 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btnetBus.sys.bak
[2013/12/23 22:56:54 | 000,025,056 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\BtHidBus.sys.bak
[2013/12/23 22:56:52 | 000,163,368 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\bcbtums.sys.bak
[2013/12/23 22:56:51 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013/12/23 22:56:51 | 000,251,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2013/12/23 22:56:51 | 000,123,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2013/12/23 22:56:51 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2013/12/23 22:56:51 | 000,031,544 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2013/12/23 22:56:51 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013/12/23 22:56:50 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2013/12/23 22:56:50 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2013/12/23 22:56:50 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2013/12/23 22:56:50 | 000,194,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2013/12/23 22:56:50 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013/12/23 22:56:50 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2013/12/23 22:56:49 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013/12/23 22:56:49 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013/12/23 22:56:49 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013/12/23 22:56:46 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013/12/22 22:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/12/22 22:15:19 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/12/22 22:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/21 15:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/12/21 15:21:06 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/12/21 15:20:58 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/12/21 15:20:58 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/12/21 15:20:58 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/12/21 15:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/21 15:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/12/12 09:11:54 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/12 09:11:53 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/12 09:11:53 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/12 09:11:52 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/12 09:10:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/12 09:10:48 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/12 09:10:48 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/12 09:10:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/12 09:10:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/12 09:10:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/12 09:10:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/12 09:10:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/12 09:10:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/12 09:10:47 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/12 09:10:47 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/12 09:10:47 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/12 09:10:47 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/12 09:10:46 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/12 09:10:46 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/12 09:10:45 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/12 08:17:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/12 08:17:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/12 08:17:51 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/12 08:17:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/12 08:17:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/12 08:17:46 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/12 08:17:46 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/12 08:17:44 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/12 08:17:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/12 08:17:44 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/12 08:17:44 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/12 08:17:44 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/12 08:17:43 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/01/05 09:18:53 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/05 09:18:53 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/05 09:11:36 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/01/05 09:09:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/05 09:08:56 | 2082,398,207 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/05 00:20:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2014/01/05 00:16:35 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/04 13:09:42 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2014/01/04 09:31:48 | 000,001,983 | ---- | M] () -- C:\Users\A\Desktop\ZHPFix.lnk
[2014/01/04 09:31:48 | 000,001,856 | ---- | M] () -- C:\Users\A\Desktop\ZHPDiag.lnk
[2014/01/03 16:03:04 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2014/01/03 11:09:51 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/01/03 09:28:27 | 001,661,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/03 09:28:27 | 000,745,056 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/01/03 09:28:27 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/03 09:28:27 | 000,148,574 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/01/03 09:28:27 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/26 09:29:43 | 000,321,730 | ---- | M] () -- C:\Users\A\Desktop\Antares 8 JANVIER 9 FEVRIER 2014.pdf
[2013/12/23 22:57:35 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013/12/23 22:57:34 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013/12/23 22:57:34 | 000,014,464 | ---- | M] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys.bak
[2013/12/23 22:57:33 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013/12/23 22:57:32 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013/12/23 22:57:30 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013/12/23 22:57:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013/12/23 22:57:29 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013/12/23 22:57:28 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2013/12/23 22:57:28 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/23 22:57:28 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013/12/23 22:57:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/23 22:57:27 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2013/12/23 22:57:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013/12/23 22:57:26 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013/12/23 22:57:25 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013/12/23 22:57:25 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013/12/23 22:57:25 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013/12/23 22:57:24 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013/12/23 22:57:24 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013/12/23 22:57:22 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013/12/23 22:57:22 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013/12/23 22:57:22 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013/12/23 22:57:21 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013/12/23 22:57:19 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013/12/23 22:57:18 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013/12/23 22:57:18 | 000,046,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\point64.sys.bak
[2013/12/23 22:57:17 | 000,025,600 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys.bak
[2013/12/23 22:57:16 | 000,023,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nuidfltr.sys.bak
[2013/12/23 22:57:15 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2013/12/23 22:57:14 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013/12/23 22:57:14 | 000,023,040 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\drivers\netaapl64.sys.bak
[2013/12/23 22:57:09 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013/12/23 22:57:09 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013/12/23 22:57:08 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/23 22:57:07 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys.bak
[2013/12/23 22:57:06 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013/12/23 22:57:06 | 000,027,256 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\IvtBtBus.sys.bak
[2013/12/23 22:57:05 | 005,353,888 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2013/12/23 22:57:04 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013/12/23 22:57:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013/12/23 22:57:03 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2013/12/23 22:57:03 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013/12/23 22:57:02 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/23 22:57:02 | 000,033,240 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.bak
[2013/12/23 22:57:02 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013/12/23 22:57:02 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys.bak
[2013/12/23 22:57:01 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013/12/23 22:57:00 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013/12/23 22:57:00 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013/12/23 22:57:00 | 000,084,608 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2013/12/23 22:57:00 | 000,059,392 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2013/12/23 22:56:59 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2013/12/23 22:56:59 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013/12/23 22:56:59 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013/12/23 22:56:59 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013/12/23 22:56:59 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013/12/23 22:56:58 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013/12/23 22:56:58 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013/12/23 22:56:57 | 000,052,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dc3d.sys.bak
[2013/12/23 22:56:57 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013/12/23 22:56:56 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013/12/23 22:56:55 | 000,594,472 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys.bak
[2013/12/23 22:56:55 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013/12/23 22:56:55 | 000,210,984 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys.bak
[2013/12/23 22:56:55 | 000,184,872 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys.bak
[2013/12/23 22:56:55 | 000,039,976 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys.bak
[2013/12/23 22:56:55 | 000,021,544 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys.bak
[2013/12/23 22:56:54 | 000,031,480 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btnetBus.sys.bak
[2013/12/23 22:56:54 | 000,025,056 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\BtHidBus.sys.bak
[2013/12/23 22:56:52 | 000,163,368 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\bcbtums.sys.bak
[2013/12/23 22:56:52 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013/12/23 22:56:51 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2013/12/23 22:56:51 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013/12/23 22:56:51 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2013/12/23 22:56:51 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2013/12/23 22:56:51 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2013/12/23 22:56:51 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2013/12/23 22:56:50 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2013/12/23 22:56:50 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2013/12/23 22:56:50 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2013/12/23 22:56:50 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013/12/23 22:56:50 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2013/12/23 22:56:49 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013/12/23 22:56:49 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013/12/23 22:56:49 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013/12/23 22:56:46 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013/12/21 15:20:51 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/12/21 15:20:50 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/12/21 15:20:50 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/12/21 15:20:50 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/12/16 22:22:55 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\Orange Portail.lnk
[2013/12/12 18:07:58 | 000,311,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/10 21:34:30 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/10 21:34:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/08 23:52:39 | 000,003,736 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/01/03 16:03:04 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2014/01/03 15:55:07 | 000,001,983 | ---- | C] () -- C:\Users\A\Desktop\ZHPFix.lnk
[2014/01/03 15:55:07 | 000,001,856 | ---- | C] () -- C:\Users\A\Desktop\ZHPDiag.lnk
[2014/01/03 11:09:51 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/03 11:09:51 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/26 09:29:42 | 000,321,730 | ---- | C] () -- C:\Users\A\Desktop\Antares 8 JANVIER 9 FEVRIER 2014.pdf
[2013/09/26 06:56:28 | 000,003,736 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013/06/23 18:46:17 | 000,000,098 | ---- | C] () -- C:\Windows\wininit.ini
[2013/01/08 15:43:32 | 000,311,032 | ---- | C] () -- C:\Windows\SysWow64\IVTCredentialProvider.dll
[2012/12/20 21:06:59 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/12/20 21:06:59 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012/12/20 21:00:58 | 000,286,818 | ---- | C] () -- C:\Windows\SysWow64\bandclockext.dll
[2012/12/14 01:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 01:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 01:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/11/16 23:13:01 | 000,000,142 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2012/11/16 08:30:12 | 001,639,320 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/12 08:34:51 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\NMOCOD.DLL
[2012/11/08 08:26:06 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012/11/08 08:26:00 | 000,001,024 | ---- | C] () -- C:\Users\A\.rnd
[2012/11/05 16:41:33 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/11/05 16:41:33 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/11/05 16:21:07 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/06/29 21:15:24 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\VMProtectSDK32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012/12/14 21:17:31 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\APP_NAME_NON_STRING
[2012/11/12 20:08:42 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Audacity
[2013/09/26 06:58:44 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\AVG2014
[2013/06/25 08:11:38 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\calibre
[2012/11/21 20:39:14 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\cYo
[2013/11/10 18:16:23 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\DAEMON Tools Lite
[2013/07/30 19:10:04 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\fr.orange.assistancelivebox
[2013/09/25 17:27:58 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\FreeAudioPack
[2012/11/06 17:39:28 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\GetRightToGo
[2013/06/24 23:05:57 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Orbit
[2012/12/19 15:02:00 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\PDF Architect
[2012/11/10 19:30:03 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\ProgSense
[2012/11/08 08:29:03 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Simple Star
[2012/11/20 23:16:56 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Spacejock Software
[2012/11/16 22:00:09 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\SumatraPDF
[2012/11/11 20:03:42 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Thunderbird
[2013/07/29 13:23:59 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Todae
[2012/11/05 21:41:46 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\TuneUp Software
[2014/01/04 11:53:16 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\ZHP
[2012/11/08 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/11/08 20:26:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2014/01/05 09:08:56 | 2082,398,207 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/05 09:08:56 | 4208,189,439 | -HS- | M] () -- C:\pagefile.sys
[2014/01/03 16:03:04 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2013/11/26 08:26:42 | 011,221,504 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: IEXPLORE.EXE >[/color]
[2013/01/09 02:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2013/11/14 23:20:37 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/11/14 23:20:37 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2013/05/17 03:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_20d88bb252a3770f\iexplore.exe
[2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe
[2013/07/26 07:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=133CEF30905806A35606652D409EEEBA -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_16893df21e3dcd43\iexplore.exe
[2013/08/10 07:31:28 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=1F3B062444AD6F667B5336E78D5A02B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_ffb36d2837eafb72\iexplore.exe
[2012/11/05 22:06:24 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_1787d4dfb4e386f6\iexplore.exe
[2013/02/22 08:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_0d238c71808d94e7\iexplore.exe
[2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_178cd651b4df05a9\iexplore.exe
[2013/06/12 05:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_0a0343986c500b78\iexplore.exe
[2012/11/05 22:06:22 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_0d332a8d8082c4fb\iexplore.exe
[2013/04/05 06:55:38 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=2DC6BD1047553611DAEF97C751131A5D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_0a122b746c443b42\iexplore.exe
[2013/06/12 01:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_20da757e52a1c35e\iexplore.exe
[2013/02/22 05:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_177836c3b4ee56e2\iexplore.exe
[2013/08/10 07:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe
[2013/08/10 05:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe
[2013/05/17 02:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_09ffa3426c5372da\iexplore.exe
[2013/10/12 22:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe
[2013/10/12 10:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe
[2013/02/22 05:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_17f703a2ce14129d\iexplore.exe
[2013/08/10 06:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_0a08177a6c4bbd6d\iexplore.exe
[2012/10/08 13:29:46 | 000,754,848 | ---- | M] (Microsoft Corporation) MD5=49442BA6DCE4B4E3C1CB0AB193FE29AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_0d382bff807e43ae\iexplore.exe
[2013/05/02 08:14:52 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_16920d4a1e377ea4\iexplore.exe
[2013/01/08 23:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2013/07/26 04:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_20dde844529e8f3e\iexplore.exe
[2013/02/02 09:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe
[2010/11/21 04:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2013/07/26 06:47:06 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8D805B4EEEE0ECF6B604BE284978F135 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_ffb0112a37ee15f1\iexplore.exe
[2013/05/17 04:02:08 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8F00471CA24ADF8D2AFAACF856EB70A4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_ffaaf8f037f2b0df\iexplore.exe
[2013/06/12 03:28:00 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=98C6F2A9A981A54222602B87C6310BDE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_1685cb2c1e410163\iexplore.exe
[2013/10/12 08:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe
[2013/02/02 05:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe
[2013/02/02 08:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe
[2013/04/05 07:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_20e92fca5296266a\iexplore.exe
[2012/11/16 04:08:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=AC4957E154F750DF54F36ADC8E3E040D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_0db6f8de99a3ff69\iexplore.exe
[2013/02/22 08:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_0da2595099b350a2\iexplore.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2010/11/21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2013/11/14 23:20:38 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/11/14 23:20:38 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2013/06/12 08:51:43 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=CA88A25280B1D85ED0BC26B042ABBCCF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_ffae994637ef497d\iexplore.exe
[2013/04/05 08:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=CEA304830B4770BDA3572B87D0841848 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_169485781e35646f\iexplore.exe
[2012/10/08 09:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_1808a252ce07755f\iexplore.exe
[2013/09/23 00:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe
[2013/10/12 08:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe
[2013/09/23 01:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe
[2013/02/02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe
[2013/04/05 08:23:03 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=DE751E18F8DBF7BCCE46989CBA4A9828 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_ffbd812237e37947\iexplore.exe
[2013/05/02 08:14:53 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_20e6b79c5298409f\iexplore.exe
[2013/07/26 06:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_0a04bb7c6c4ed7ec\iexplore.exe
[2013/09/23 02:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe
[2013/05/17 04:30:45 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=EDC77CF787FA015205936C9A3228486E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_1683e1601e42b514\iexplore.exe
[2013/01/09 01:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe
[2013/01/08 22:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe
[2012/10/08 12:09:10 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=F61714ABCF9BF0CEF0A6249AD4FD490B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_0db3f80099a6b364\iexplore.exe
[2012/11/14 03:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_180ba330ce04c164\iexplore.exe
[2013/09/23 02:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe
[2012/11/14 08:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[color=#A23BEC]< MD5 for: WUAUCLT.EXE >[/color]
[2010/11/21 04:24:25 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=7FBFAA84FE176D9AE932ABC585AB68D5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_1f3413afc64d10c5\wuauclt.exe
[2012/06/02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) MD5=C1C03EA437EDDA8A7D4D8786E5AE6751 -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) MD5=C1C03EA437EDDA8A7D4D8786E5AE6751 -- C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_d5f513f25190f276\wuauclt.exe

< End of report >

Signaler le contenu de ce document