cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Naturi (administrator) on NATURI on 28-05-2014 10:12:59
Running from C:\Users\Naturi\Desktop
Platform: Windows 8.1 (Update 1) (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
() C:\Windows\jmesoft\Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Wistron Corporation) C:\Program Files\VolumeOSD\VolumeCtlSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(BitTorrent Inc.) C:\Users\Naturi\AppData\Roaming\uTorrent\uTorrent.exe
(Dropbox, Inc.) C:\Users\Naturi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1234064 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [270680 2012-07-19] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [293720 2012-07-19] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-23] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2014-02-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1385283556-1998687792-779195733-1002\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-1385283556-1998687792-779195733-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1385283556-1998687792-779195733-1002\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [3950384 2013-10-24] ()
HKU\S-1-5-21-1385283556-1998687792-779195733-1002\...\Run: [uTorrent] => C:\Users\Naturi\AppData\Roaming\uTorrent\uTorrent.exe [904272 2014-02-03] (BitTorrent Inc.)
Startup: C:\Users\Naturi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Naturi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - {D7E389C2-1DB7-4893-BBE1-BD41B85F56AA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {D7E389C2-1DB7-4893-BBE1-BD41B85F56AA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {D7E389C2-1DB7-4893-BBE1-BD41B85F56AA} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Naturi\AppData\Roaming\Mozilla\Firefox\Profiles\r549vd1m.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: SQLite Manager - C:\Users\Naturi\AppData\Roaming\Mozilla\Firefox\Profiles\r549vd1m.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2014-01-15]
FF Extension: Adblock Plus - C:\Users\Naturi\AppData\Roaming\Mozilla\Firefox\Profiles\r549vd1m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-10]
FF Extension: FrameFox - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2014-05-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-21]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [24880 2013-01-15] (Microsoft)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 VolumeCtlSrv; C:\Program Files\VolumeOSD\VolumeCtlSrv.exe [211968 2012-05-11] (Wistron Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-24] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-04-02] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 PQAWRwa; C:\Program Files\VolumeOSD\PQAWDrv.sys [12384 2008-03-01] ()
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-04-02] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232448 2012-08-24] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [13696 2012-05-02] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [61120 2014-05-06] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 10:12 - 2014-05-28 10:13 - 00020162 _____ () C:\Users\Naturi\Desktop\FRST.txt
2014-05-28 10:12 - 2014-05-28 10:12 - 02066944 _____ (Farbar) C:\Users\Naturi\Desktop\FRST64.exe
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\FRST
2014-05-26 16:59 - 2014-05-26 16:59 - 00000000 ____D () C:\Users\Hery\Desktop\hery
2014-05-25 09:24 - 2014-05-25 09:24 - 00028300 _____ () C:\Users\Naturi\Desktop\ZHPDiag.txt
2014-05-25 09:15 - 2014-05-25 09:15 - 00002041 _____ () C:\Users\Naturi\Desktop\ZHPFix[R3].txt
2014-05-25 09:14 - 2014-05-25 09:14 - 00002041 _____ () C:\Users\Naturi\Desktop\ZHPFixReport.txt
2014-05-24 00:32 - 2014-05-24 00:32 - 00007830 _____ () C:\Users\Naturi\Desktop\mam.txt
2014-05-24 00:27 - 2014-05-27 08:20 - 00003284 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1385283556-1998687792-779195733-1002
2014-05-23 23:21 - 2014-05-24 00:30 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 23:21 - 2014-05-23 23:21 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 23:21 - 2014-05-23 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 23:20 - 2014-05-23 23:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-23 23:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-23 23:20 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-23 23:20 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-23 23:17 - 2014-05-23 23:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Naturi\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-23 23:14 - 2014-05-23 23:14 - 00000748 _____ () C:\Users\Naturi\Desktop\JRT.txt
2014-05-23 22:48 - 2014-05-23 22:48 - 01016261 _____ (Thisisu) C:\Users\Naturi\Desktop\JRT.exe
2014-05-23 22:45 - 2014-05-23 22:45 - 00014618 _____ () C:\Users\Naturi\Desktop\AdwCleaner[S0].txt
2014-05-23 22:38 - 2014-05-28 08:45 - 00003306 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1385283556-1998687792-779195733-1002
2014-05-23 22:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-23 22:29 - 2014-05-23 22:34 - 00000000 ____D () C:\AdwCleaner
2014-05-23 22:28 - 2014-05-23 22:28 - 01326389 _____ () C:\Users\Naturi\Desktop\AdwCleaner.exe
2014-05-23 22:25 - 2014-05-23 22:26 - 00000000 _____ () C:\Users\Naturi\Desktop\adwcleaner_3.210.exe
2014-05-23 19:34 - 2014-05-23 19:34 - 00000000 _____ () C:\Users\Naturi\Desktop\IMG_0454.MOV
2014-05-23 18:37 - 2014-05-25 09:18 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-23 18:37 - 2014-05-23 18:41 - 00002014 _____ () C:\Users\Naturi\Desktop\ZHPFix.lnk
2014-05-23 18:37 - 2014-05-23 18:41 - 00001883 _____ () C:\Users\Naturi\Desktop\ZHPDiag.lnk
2014-05-23 18:37 - 2014-05-23 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-23 18:35 - 2014-05-23 18:35 - 06780575 _____ (Nicolas Coolman ) C:\Users\Hery\Downloads\ZHPDiag2(6).exe
2014-05-23 08:31 - 2014-05-23 08:31 - 00233134 _____ () C:\Users\Hery\Downloads\Image 22.05.2014 00.31.28 0073.jpeg
2014-05-20 22:03 - 2014-05-06 15:39 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-20 01:11 - 2014-05-17 18:06 - 209123168 _____ () C:\Users\Naturi\Desktop\MVI_4135.MOV
2014-05-17 09:34 - 2014-05-17 09:34 - 00000000 __SHD () C:\Users\Naturi\AppData\Local\EmieUserList
2014-05-17 09:34 - 2014-05-17 09:34 - 00000000 __SHD () C:\Users\Naturi\AppData\Local\EmieSiteList
2014-05-16 23:17 - 2014-05-16 23:17 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\DropboxMaster
2014-05-16 17:35 - 2014-05-16 17:41 - 00000000 ____D () C:\Users\Naturi\Desktop\Nouveau dossier (2)
2014-05-16 14:52 - 2014-05-16 14:52 - 676078960 _____ () C:\Users\Naturi\Desktop\MVI_4086.MOV
2014-05-16 14:50 - 2014-05-16 14:50 - 1892076980 _____ () C:\Users\Naturi\Desktop\MVI_4085.MOV
2014-05-16 14:35 - 2014-05-16 14:35 - 147402900 _____ () C:\Users\Naturi\Desktop\MVI_4084.MOV
2014-05-16 14:31 - 2014-05-16 14:31 - 873329864 _____ () C:\Users\Naturi\Desktop\MVI_4082.MOV
2014-05-16 10:35 - 2014-05-16 10:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-16 09:57 - 2014-05-16 09:57 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 09:57 - 2014-05-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 09:53 - 2014-05-16 09:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 09:53 - 2014-05-16 09:57 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 09:53 - 2014-05-16 09:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 09:53 - 2014-05-16 09:53 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 08:13 - 2014-05-22 17:14 - 00000000 ____D () C:\Users\Naturi\Desktop\Etiquettes def
2014-05-15 08:10 - 2014-05-01 22:30 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-15 08:10 - 2014-05-01 22:30 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 10:38 - 2014-05-14 10:38 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-05-14 10:38 - 2014-05-14 10:38 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 09:50 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 09:50 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 09:50 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 09:50 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 09:50 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 09:49 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 09:49 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 09:49 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 09:49 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 09:49 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 09:49 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 09:49 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 09:49 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 09:49 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 09:49 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 09:49 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 09:49 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 09:49 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 09:49 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 09:49 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 09:49 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 09:49 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 09:49 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 09:49 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 09:49 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 09:49 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 09:49 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 09:49 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 09:49 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 09:49 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 09:49 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 09:49 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 09:48 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 09:48 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 09:48 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 09:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 09:44 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 09:44 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 09:44 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 09:44 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 09:44 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 09:44 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-13 14:16 - 2014-05-13 14:17 - 00000000 ____D () C:\Users\Naturi\Desktop\Livre
2014-05-06 12:02 - 2014-05-16 00:18 - 00000000 ____D () C:\Users\Naturi\Desktop\Etiqu mod
2014-05-06 11:58 - 2014-05-06 11:58 - 00028017 _____ () C:\Users\Naturi\Downloads\Pièces jointes_201456.zip
2014-05-03 01:08 - 2014-05-03 01:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-03 01:07 - 2014-05-03 01:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-30 11:56 - 2014-04-30 12:01 - 00000000 ____D () C:\Users\Naturi\Desktop\oli
2014-04-30 11:55 - 2014-04-30 11:57 - 29174723 _____ () C:\Users\Naturi\Downloads\wetransfer3004.zip
2014-04-29 20:47 - 2014-04-29 20:47 - 00001879 _____ () C:\Users\Hery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk

==================== One Month Modified Files and Folders =======

2014-05-28 10:13 - 2014-05-28 10:12 - 00020162 _____ () C:\Users\Naturi\Desktop\FRST.txt
2014-05-28 10:13 - 2013-08-31 20:32 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\uTorrent
2014-05-28 10:12 - 2014-05-28 10:12 - 02066944 _____ (Farbar) C:\Users\Naturi\Desktop\FRST64.exe
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\FRST
2014-05-28 10:03 - 2014-04-15 11:59 - 00003932 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{432E6470-E404-409E-8F83-C44B9F5DA49D}
2014-05-28 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-28 09:19 - 2013-10-06 13:14 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 09:16 - 2013-07-18 01:51 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-28 09:13 - 2014-04-02 18:04 - 01515572 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-28 08:56 - 2013-07-30 12:10 - 00000000 ____D () C:\ProgramData\Skype
2014-05-28 08:47 - 2013-10-28 16:43 - 00000000 ___RD () C:\Users\Naturi\Dropbox
2014-05-28 08:47 - 2013-10-28 16:37 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\Dropbox
2014-05-28 08:46 - 2014-04-02 18:17 - 00000000 __RDO () C:\Users\Naturi\SkyDrive
2014-05-28 08:46 - 2013-07-19 17:19 - 00000000 ____D () C:\Users\Naturi\Tracing
2014-05-28 08:45 - 2014-05-23 22:38 - 00003306 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1385283556-1998687792-779195733-1002
2014-05-28 08:45 - 2013-10-06 13:14 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 23:09 - 2014-02-05 14:20 - 00000000 ____D () C:\Users\Naturi\Desktop\Nouveau dossier
2014-05-27 08:20 - 2014-05-24 00:27 - 00003284 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1385283556-1998687792-779195733-1002
2014-05-26 18:52 - 2013-08-16 22:51 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\Skype
2014-05-26 16:59 - 2014-05-26 16:59 - 00000000 ____D () C:\Users\Hery\Desktop\hery
2014-05-26 16:50 - 2014-04-25 09:39 - 00000000 ___RD () C:\Users\Hery\OneDrive
2014-05-26 11:32 - 2013-07-18 01:43 - 00000000 ____D () C:\Users\Naturi\AppData\Local\Mozilla
2014-05-25 09:24 - 2014-05-25 09:24 - 00028300 _____ () C:\Users\Naturi\Desktop\ZHPDiag.txt
2014-05-25 09:20 - 2013-10-17 11:12 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\ZHP
2014-05-25 09:18 - 2014-05-23 18:37 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-25 09:15 - 2014-05-25 09:15 - 00002041 _____ () C:\Users\Naturi\Desktop\ZHPFix[R3].txt
2014-05-25 09:14 - 2014-05-25 09:14 - 00002041 _____ () C:\Users\Naturi\Desktop\ZHPFixReport.txt
2014-05-24 08:29 - 2013-07-19 09:28 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1385283556-1998687792-779195733-1005
2014-05-24 08:29 - 2013-07-17 18:58 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1385283556-1998687792-779195733-1002
2014-05-24 07:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-24 00:33 - 2013-11-14 09:32 - 01824010 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-24 00:33 - 2013-11-14 09:13 - 00811108 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-05-24 00:33 - 2013-11-14 09:13 - 00159206 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-05-24 00:32 - 2014-05-24 00:32 - 00007830 _____ () C:\Users\Naturi\Desktop\mam.txt
2014-05-24 00:30 - 2014-05-23 23:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 00:26 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-24 00:25 - 2014-04-02 18:19 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-24 00:25 - 2013-11-14 00:22 - 00090238 _____ () C:\WINDOWS\PFRO.log
2014-05-24 00:25 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-23 23:32 - 2013-07-18 17:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-23 23:21 - 2014-05-23 23:21 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 23:21 - 2014-05-23 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 23:21 - 2014-05-23 23:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-23 23:20 - 2013-10-17 23:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-23 23:19 - 2014-05-23 23:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Naturi\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-23 23:14 - 2014-05-23 23:14 - 00000748 _____ () C:\Users\Naturi\Desktop\JRT.txt
2014-05-23 22:48 - 2014-05-23 22:48 - 01016261 _____ (Thisisu) C:\Users\Naturi\Desktop\JRT.exe
2014-05-23 22:45 - 2014-05-23 22:45 - 00014618 _____ () C:\Users\Naturi\Desktop\AdwCleaner[S0].txt
2014-05-23 22:34 - 2014-05-23 22:29 - 00000000 ____D () C:\AdwCleaner
2014-05-23 22:34 - 2012-07-26 07:26 - 00000301 _____ () C:\WINDOWS\win.ini
2014-05-23 22:33 - 2014-04-02 17:32 - 00000000 ____D () C:\Users\Naturi
2014-05-23 22:33 - 2014-04-02 17:32 - 00000000 ____D () C:\Users\Hery
2014-05-23 22:33 - 2014-03-18 04:29 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\Common
2014-05-23 22:28 - 2014-05-23 22:28 - 01326389 _____ () C:\Users\Naturi\Desktop\AdwCleaner.exe
2014-05-23 22:26 - 2014-05-23 22:25 - 00000000 _____ () C:\Users\Naturi\Desktop\adwcleaner_3.210.exe
2014-05-23 22:24 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-23 22:23 - 2013-07-17 18:47 - 00000000 ____D () C:\Users\Naturi\AppData\Local\Packages
2014-05-23 19:34 - 2014-05-23 19:34 - 00000000 _____ () C:\Users\Naturi\Desktop\IMG_0454.MOV
2014-05-23 18:41 - 2014-05-23 18:37 - 00002014 _____ () C:\Users\Naturi\Desktop\ZHPFix.lnk
2014-05-23 18:41 - 2014-05-23 18:37 - 00001883 _____ () C:\Users\Naturi\Desktop\ZHPDiag.lnk
2014-05-23 18:41 - 2014-05-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-23 18:35 - 2014-05-23 18:35 - 06780575 _____ (Nicolas Coolman ) C:\Users\Hery\Downloads\ZHPDiag2(6).exe
2014-05-23 16:01 - 2013-10-28 17:16 - 00000000 ____D () C:\Users\Naturi\Documents\Mes écrits
2014-05-23 08:31 - 2014-05-23 08:31 - 00233134 _____ () C:\Users\Hery\Downloads\Image 22.05.2014 00.31.28 0073.jpeg
2014-05-22 17:14 - 2014-05-16 08:13 - 00000000 ____D () C:\Users\Naturi\Desktop\Etiquettes def
2014-05-22 16:06 - 2014-02-23 17:18 - 00000000 ____D () C:\Users\Naturi\Desktop\kemita
2014-05-18 21:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-18 08:54 - 2013-07-18 01:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 22:36 - 2013-11-05 20:29 - 00000000 ____D () C:\Users\Hery\AppData\Roaming\Apple Computer
2014-05-17 18:06 - 2014-05-20 01:11 - 209123168 _____ () C:\Users\Naturi\Desktop\MVI_4135.MOV
2014-05-17 09:34 - 2014-05-17 09:34 - 00000000 __SHD () C:\Users\Naturi\AppData\Local\EmieUserList
2014-05-17 09:34 - 2014-05-17 09:34 - 00000000 __SHD () C:\Users\Naturi\AppData\Local\EmieSiteList
2014-05-16 23:17 - 2014-05-16 23:17 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\DropboxMaster
2014-05-16 23:17 - 2013-10-28 16:43 - 00001080 _____ () C:\Users\Naturi\Desktop\Dropbox.lnk
2014-05-16 23:17 - 2013-10-28 16:39 - 00000000 ____D () C:\Users\Naturi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 23:17 - 2013-07-17 18:50 - 00000000 ___RD () C:\Users\Naturi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 17:41 - 2014-05-16 17:35 - 00000000 ____D () C:\Users\Naturi\Desktop\Nouveau dossier (2)
2014-05-16 14:52 - 2014-05-16 14:52 - 676078960 _____ () C:\Users\Naturi\Desktop\MVI_4086.MOV
2014-05-16 14:50 - 2014-05-16 14:50 - 1892076980 _____ () C:\Users\Naturi\Desktop\MVI_4085.MOV
2014-05-16 14:35 - 2014-05-16 14:35 - 147402900 _____ () C:\Users\Naturi\Desktop\MVI_4084.MOV
2014-05-16 14:31 - 2014-05-16 14:31 - 873329864 _____ () C:\Users\Naturi\Desktop\MVI_4082.MOV
2014-05-16 13:17 - 2014-03-14 03:15 - 00000000 ____D () C:\Users\Naturi\Desktop\make
2014-05-16 10:36 - 2014-05-16 10:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-16 09:57 - 2014-05-16 09:57 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 09:57 - 2014-05-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 09:57 - 2014-05-16 09:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 09:57 - 2014-05-16 09:53 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 09:57 - 2014-05-16 09:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 09:53 - 2014-05-16 09:53 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 09:21 - 2013-07-19 09:20 - 00000000 ___RD () C:\Users\Hery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 09:21 - 2013-07-19 09:20 - 00000000 ___RD () C:\Users\Hery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 00:18 - 2014-05-06 12:02 - 00000000 ____D () C:\Users\Naturi\Desktop\Etiqu mod
2014-05-15 20:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-15 16:33 - 2014-01-10 19:37 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-15 16:33 - 2013-10-21 18:58 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-15 16:33 - 2013-10-21 18:58 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-15 08:20 - 2013-10-08 10:48 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 08:12 - 2013-07-17 18:50 - 00000000 ___RD () C:\Users\Naturi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 02:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 10:43 - 2013-10-17 18:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 10:38 - 2014-05-14 10:38 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-05-14 10:38 - 2014-05-14 10:38 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 10:35 - 2013-08-15 18:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 10:27 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-14 10:27 - 2013-07-18 08:57 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-13 20:18 - 2013-07-18 01:51 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-13 14:17 - 2014-05-13 14:16 - 00000000 ____D () C:\Users\Naturi\Desktop\Livre
2014-05-13 00:53 - 2014-03-21 19:16 - 00000000 ____D () C:\Users\Naturi\Desktop\teint
2014-05-12 07:26 - 2014-05-23 23:20 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-23 23:20 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-23 23:20 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-06 15:39 - 2014-05-20 22:03 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-06 11:58 - 2014-05-06 11:58 - 00028017 _____ () C:\Users\Naturi\Downloads\Pièces jointes_201456.zip
2014-05-06 06:40 - 2014-05-14 09:48 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 09:48 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 09:48 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 09:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-03 01:08 - 2014-05-03 01:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-03 01:07 - 2014-05-03 01:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-02 10:00 - 2013-07-30 12:11 - 00000000 ____D () C:\Users\Hery\AppData\Roaming\Skype
2014-05-01 22:30 - 2014-05-15 08:10 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2014-05-15 08:10 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 12:01 - 2014-04-30 11:56 - 00000000 ____D () C:\Users\Naturi\Desktop\oli
2014-04-30 11:57 - 2014-04-30 11:55 - 29174723 _____ () C:\Users\Naturi\Downloads\wetransfer3004.zip
2014-04-29 20:47 - 2014-04-29 20:47 - 00001879 _____ () C:\Users\Hery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-04-28 18:25 - 2014-01-22 03:48 - 00000000 ____D () C:\Users\Naturi\Documents\Youcam

Files to move or delete:
====================
C:\ProgramData\Lenovo-29051.vbs
C:\ProgramData\Lenovo-29123.vbs


Some content of TEMP:
====================
C:\Users\Naturi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprzj4ov.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-25 10:03

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité