cjoint

Document format: text/plain

Preview

OTL logfile created on: 26/03/2015 15:35:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads\Programs
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,91 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 29,37% Memory free
5,81 Gb Paging File | 3,31 Gb Available in Paging File | 56,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 18,78 Gb Free Space | 38,55% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 158,00 Gb Free Space | 80,90% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 217,36 Gb Free Space | 98,08% Space Free | Partition Type: NTFS
Drive G: | 6,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 1,83 Gb Total Space | 0,06 Gb Free Space | 3,13% Space Free | Partition Type: FAT32

Computer Name: PC-PC | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/03/26 15:31:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\Programs\OTL.exe
PRC - [2015/03/22 00:10:34 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/02/25 13:35:10 | 001,206,784 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files\Software Informer\softinfo.exe
PRC - [2015/02/25 04:26:06 | 009,797,416 | ---- | M] (Visicom Media Inc.) -- C:\Program Files\ManyCam\ManyCam.exe
PRC - [2015/02/24 16:13:30 | 000,439,040 | ---- | M] (Diagonal) -- C:\Program Files\Le Robert Correcteur\Le Robert Correcteur Edit.exe
PRC - [2015/02/24 16:13:30 | 000,291,584 | ---- | M] (Diagonal) -- C:\Program Files\Le Robert Correcteur\Le Robert Correcteur.exe
PRC - [2015/02/19 04:33:10 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
PRC - [2014/11/25 20:36:54 | 000,838,752 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/02/19 17:52:44 | 000,178,688 | ---- | M] (ultracopier.first-world.info) -- C:\Program Files\Supercopier\supercopier.exe
PRC - [2013/11/06 17:54:44 | 000,427,264 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe
PRC - [2013/11/06 17:54:44 | 000,426,752 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe
PRC - [2013/11/06 17:54:43 | 000,510,208 | ---- | M] () -- C:\Program Files\Hostless Modem\MOBICONNECT\ShowTip.exe
PRC - [2013/09/27 17:14:26 | 003,665,488 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/06/26 10:02:38 | 000,513,048 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMGrHlp.exe
PRC - [2012/12/12 14:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2010/03/23 14:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
PRC - [2009/09/22 17:09:58 | 000,869,688 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
PRC - [2009/08/17 16:47:50 | 000,231,840 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spiderui.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/06/01 15:03:10 | 000,447,728 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\SpIDerAgent.exe
PRC - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/02/24 16:13:48 | 000,258,304 | ---- | M] () -- C:\Program Files\Le Robert Correcteur\Libs\DiagonalLib.dll
MOD - [2015/02/19 04:33:10 | 016,852,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_16_0_0_305.dll
MOD - [2014/11/25 20:30:07 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2014/11/25 20:29:08 | 000,060,928 | ---- | M] () -- C:\Program Files\MyPC Backup\LinqBridge.dll
MOD - [2014/11/25 20:29:07 | 000,270,336 | ---- | M] () -- C:\Program Files\MyPC Backup\AlphaFS.dll
MOD - [2014/06/11 22:51:24 | 040,622,592 | ---- | M] () -- C:\Program Files\Software Informer\cef\libcef.dll
MOD - [2014/02/19 17:52:44 | 001,026,560 | ---- | M] () -- C:\Program Files\Supercopier\qt-plugins\platforms\qwindows.dll
MOD - [2014/02/19 17:52:44 | 000,377,856 | ---- | M] () -- C:\Program Files\Supercopier\libstdc++-6.dll
MOD - [2014/02/19 17:52:44 | 000,052,224 | ---- | M] () -- C:\Program Files\Supercopier\libgcc_s_sjlj-1.dll
MOD - [2013/11/06 17:54:44 | 000,426,752 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe
MOD - [2013/11/06 17:54:43 | 000,510,208 | ---- | M] () -- C:\Program Files\Hostless Modem\MOBICONNECT\ShowTip.exe
MOD - [2012/11/14 04:23:14 | 000,241,152 | ---- | M] () -- C:\Program Files\ManyCam\opencv_objdetect220.dll
MOD - [2012/11/14 04:23:14 | 000,201,216 | ---- | M] () -- C:\Program Files\ManyCam\opencv_video220.dll
MOD - [2012/11/14 04:23:08 | 000,775,680 | ---- | M] () -- C:\Program Files\ManyCam\opencv_highgui220.dll
MOD - [2012/11/14 04:23:04 | 001,241,088 | ---- | M] () -- C:\Program Files\ManyCam\opencv_imgproc220.dll
MOD - [2012/11/14 04:22:32 | 002,010,624 | ---- | M] () -- C:\Program Files\ManyCam\opencv_core220.dll
MOD - [2009/07/14 09:39:06 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/07/14 05:43:29 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c299b012a3fe92ae56d60fe415f63fff\System.EnterpriseServices.ni.dll
MOD - [2009/07/14 05:43:29 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\97adf9fccd70327b839a92c3d038b101\System.Transactions.ni.dll
MOD - [2009/07/14 05:43:28 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7f457271e765b5d72f081942b829469c\System.Data.ni.dll
MOD - [2009/07/14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009/07/14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009/07/14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009/07/14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009/07/14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009/07/14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2004/01/26 11:41:00 | 000,077,824 | ---- | M] () -- C:\PROGRA~1\CFWEBA~1\vs_resize.dll
MOD - [2003/10/28 17:44:24 | 001,613,824 | ---- | M] () -- C:\PROGRA~1\CFWEBA~1\libavcodec.dll
MOD - [2002/04/22 03:45:36 | 000,663,552 | ---- | M] () -- C:\PROGRA~1\CFWEBA~1\FreeImage.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/03/22 00:10:34 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/03/17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/03/17 06:14:06 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015/01/02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/25 20:36:54 | 000,053,320 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/11/06 17:54:44 | 000,427,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe -- (ZDServ)
SRV - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV)
SRV - [2009/09/22 17:09:58 | 000,869,688 | ---- | M] (Doctor Web, Ltd.) [Auto | Running] -- C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe -- (DrWebEngine)
SRV - [2009/08/17 16:47:50 | 000,231,328 | ---- | M] (Doctor Web, Ltd.) [Auto | Stopped] -- C:\PROGRA~1\DrWeb\spidernt.exe -- (SPIDERNT)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Disabled | Unknown] -- C:\Windows\System32\drivers\dwshd.sys -- (dwshd)
DRV - [2015/03/24 08:13:44 | 000,043,152 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw.sys -- ({13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw)
DRV - [2015/03/23 19:10:08 | 000,043,152 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{06146dd6-a059-4c4d-9840-35b694aad4ae}Gw.sys -- ({06146dd6-a059-4c4d-9840-35b694aad4ae}Gw)
DRV - [2015/03/17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/03/17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/12/29 05:07:34 | 000,048,280 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2014/12/29 04:57:08 | 000,030,488 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2013/06/27 10:57:42 | 000,104,928 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2012/06/20 09:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012/04/15 22:32:14 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2011/10/24 05:39:40 | 000,278,528 | ---- | M] (AVEO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVEOdcnt.sys -- (AVEO)
DRV - [2010/03/23 14:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/09/21 13:47:30 | 000,105,080 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\dwprot.sys -- (DwProt)
DRV - [2009/08/17 16:47:48 | 000,306,464 | ---- | M] (Doctor Web, Ltd.) [File_System | Auto | Stopped] -- C:\PROGRA~1\DrWeb\spider.sys -- (SPIDER)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=303&itype=n&ver=15583&tm=627&src=ds&p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS&ts=1425602801&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS&ts=1425602801&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS&ts=1425602801&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS&ts=1425602801&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3405818196-1375284309-57739625-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "DZ"
FF - prefs.js..browser.search.hiddenOneOffs: "mystartsearch"
FF - prefs.js..browser.search.order.1: "default-search.net"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "DZ"
FF - prefs.js..browser.search.searchengine.alias: "mystartsearch"
FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
FF - prefs.js..browser.search.searchengine.iconURL: "http://www.mystartsearch.com/web/favicon.ico"
FF - prefs.js..browser.search.searchengine.name: "mystartsearch"
FF - prefs.js..browser.search.searchengine.ptid: "smt"
FF - prefs.js..browser.search.searchengine.uid: "TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS"
FF - prefs.js..browser.search.searchengine.url: "http://www.mystartsearch.com/web/?type=dspp&ts=1425602740&from=smt&uid=TOSHIBAXMK5055GSX_X97ES46LSXXX97ES46LS&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.3
FF - prefs.js..extensions.enabledAddons: coralietab%40mozdev.org:2.04.20110724
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:5.12.12.1
FF - prefs.js..extensions.enabledAddons: support%40real-hide-ip.com:1.0
FF - prefs.js..extensions.enabledAddons: zzoomit%40zoom.com:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Pc\AppData\Roaming\IDM\idmmzcc5 [2015/03/20 22:06:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Pc\AppData\Roaming\IDM\idmmzcc5 [2015/03/20 22:06:54 | 000,000,000 | ---D | M]

[2012/08/15 21:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Extensions
[2015/03/24 22:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions
[2015/03/04 00:26:25 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2015/03/03 23:16:33 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2015/03/04 00:19:26 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions\coralietab@mozdev.org
[2015/03/04 00:16:35 | 000,000,000 | ---D | M] (Camfrog Web Plugin for Mozilla Firefox) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions\NPCamfrogWeb@camfrogweb.com
[2015/03/21 13:31:23 | 000,000,000 | ---D | M] ("Zoom It") -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\kfmf9zi5.default\extensions\zzoomit@zoom.com
[2015/03/06 00:51:25 | 000,004,527 | ---- | M] () (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\kfmf9zi5.default\extensions\support@real-hide-ip.com.xpi
[2015/02/18 13:48:19 | 000,619,291 | ---- | M] () (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\kfmf9zi5.default\extensions\testpilot@labs.mozilla.com.xpi
[2015/02/18 21:08:11 | 000,006,057 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\kfmf9zi5.default\searchplugins\bingp.xml
[2015/03/14 12:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2015/03/14 12:23:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/03/26 12:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\updated\browser\extensions
[2015/03/26 12:45:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfphecggdoefopaooikpjihabjbmjea\1.4.0_0\
CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jelhjlihbglokmcmbpdjkiiilecidfog\1.0.0.0_1\
CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_1\
CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [SpIDerAgent] C:\Program Files\DrWeb\SpIDerAgent.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerMail] C:\Program Files\DrWeb\spiderml.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerNT] C:\PROGRA~1\DrWeb\spiderui.exe /agent File not found
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [DevidAgent] C:\Users\Pc\Downloads\Programs\SCI_Agent_Setup.exe (DevID)
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [ManyCam] C:\Program Files\ManyCam\ManyCam.exe (Visicom Media Inc.)
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [Real Hide IP] C:\Program Files\RealHideIP\RealHideIP.exe File not found
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKU\S-1-5-21-3405818196-1375284309-57739625-1000..\Run: [ultracopier] C:\Program Files\Supercopier\supercopier.exe (ultracopier.first-world.info)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger avec IDM des videos FLV parmi les 10 dernières demandées - C:\Program Files\Internet Download Manager\IEGetVL2.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://sevencam.eu/telecharger/cfweb_activex.camfrogweb.com-advanced-2.0.2.23_instmodule.exe (CamfrogWEB Advanced Unicode Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DFEE202-15AB-4564-A160-CB9C19D2B17A}: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB78B08F-CA00-4B9D-ACE3-ED67BC5935C6}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/11/06 17:54:44 | 000,425,728 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2013/09/29 23:01:45 | 000,000,046 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2013/11/06 17:54:44 | 000,000,084 | R--- | M] () - G:\Autorun.lan -- [ CDFS ]
O33 - MountPoints2\{4804b30a-e70d-11e1-ab10-00269e8f7dec}\Shell - "" = AutoRun
O33 - MountPoints2\{4804b30a-e70d-11e1-ab10-00269e8f7dec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013/11/06 17:54:44 | 000,425,728 | R--- | M] ()
O33 - MountPoints2\{c8ca9227-b76b-11e4-a50e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8ca9227-b76b-11e4-a50e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013/11/06 17:54:44 | 000,425,728 | R--- | M] ()
O33 - MountPoints2\{c8ca9282-b76b-11e4-a50e-344b50b7efb4}\Shell - "" = AutoRun
O33 - MountPoints2\{c8ca9282-b76b-11e4-a50e-344b50b7efb4}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013/11/06 17:54:44 | 000,425,728 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2015/03/25 21:59:34 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\DCIM
[2015/03/24 20:06:10 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\CrashDumps
[2015/03/24 16:30:04 | 000,043,152 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw.sys
[2015/03/24 12:37:39 | 000,000,000 | ---D | C] -- C:\Users\Pc\ultracopier
[2015/03/24 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier
[2015/03/24 12:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Supercopier
[2015/03/24 12:27:59 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2015/03/24 12:26:29 | 000,043,152 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{06146dd6-a059-4c4d-9840-35b694aad4ae}Gw.sys
[2015/03/24 12:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2015/03/24 12:00:22 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\Chanson
[2015/03/23 22:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Informer Technologies, Inc
[2015/03/23 22:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
[2015/03/23 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Software Informer
[2015/03/23 22:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Software Informer
[2015/03/22 23:17:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2015/03/22 23:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2015/03/22 23:16:08 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2015/03/22 23:16:08 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2015/03/22 23:16:08 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2015/03/22 23:16:07 | 012,628,060 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2015/03/22 23:16:07 | 003,354,624 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2015/03/22 23:16:07 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2015/03/22 23:16:07 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2015/03/22 23:16:07 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2015/03/22 23:16:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2015/03/22 23:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2015/03/22 23:14:13 | 000,000,000 | ---D | C] -- C:\Intel
[2015/03/22 22:10:06 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015/03/22 22:10:04 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/03/22 22:10:03 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/03/22 21:10:56 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\GeoGebra 5.0
[2015/03/22 21:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
[2015/03/22 21:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\GeoGebra 5.0
[2015/03/22 20:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/03/22 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2015/03/22 20:22:03 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Google
[2015/03/22 00:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2015/03/21 18:35:53 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\DriverToolkit
[2015/03/21 13:49:51 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ManyCam
[2015/03/21 13:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2015/03/21 13:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2015/03/21 13:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
[2015/03/21 13:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
[2015/03/21 13:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Visicom Media
[2015/03/18 00:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2015/03/14 12:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/03/13 17:40:16 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Canon
[2015/03/08 00:05:26 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ManyCam
[2015/03/07 00:46:33 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/03/07 00:42:03 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\6AA55058.sys
[2015/03/07 00:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/03/07 00:41:30 | 000,092,888 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/03/07 00:41:30 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/03/07 00:41:30 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/03/07 00:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/03/07 00:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/03/06 12:59:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2015/03/06 01:48:02 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\globalUpdate
[2015/03/06 01:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2015/03/06 01:46:40 | 000,000,000 | ---D | C] -- C:\Program Files\XTab
[2015/03/06 01:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Free Anonymous Proxy
[2015/03/06 01:16:01 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\Tor Browser
[2015/03/06 01:04:24 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Se7en Soft
[2015/03/06 01:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Se7en Soft
[2015/03/06 00:51:01 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\RealHideIP
[2015/03/06 00:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
[2015/03/04 17:29:05 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Diagonal
[2015/03/04 17:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\License_LRC
[2015/03/04 17:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Le Robert Correcteur
[2015/03/03 19:49:16 | 000,000,000 | R--D | C] -- C:\Users\Pc\Documents\Notes
[2015/02/27 19:33:01 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Apps
[2015/02/27 16:26:58 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015/02/26 23:36:40 | 000,000,000 | ---D | C] -- C:\Users\Pc\DoctorWeb
[2015/02/26 23:36:38 | 000,105,080 | ---- | C] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys
[2015/02/26 23:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Doctor Web
[2015/02/26 23:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Doctor Web
[2015/02/26 23:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\DrWeb
[2015/02/26 23:32:05 | 000,000,000 | ---D | C] -- C:\Users\Pc\Documents\Remote Assistance Logs
[2015/02/26 02:43:27 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\GRETECH
[2015/02/26 00:40:24 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Media Player Classic
[2015/02/24 20:10:40 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ZoomBrowser EX
[2015/02/24 19:21:40 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\R43js4i8AX
[2015/02/24 19:21:17 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ElevatedDiagnostics
[2015/02/24 17:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2015/02/24 14:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2015/02/24 14:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2015/02/24 14:11:15 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\Nouveau dossier
[2015/02/24 12:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2015/02/23 19:31:42 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Foxit Software
[2015/02/22 15:37:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\Desktop\Samir
[2015/02/20 14:27:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector
[2015/02/20 14:22:41 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\systweak
[2015/02/20 14:16:49 | 000,000,000 | ---D | C] -- C:\Users\Pc\Documents\Java
[2015/02/19 20:47:56 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Macromedia
[2015/02/19 04:05:51 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Programs
[2015/02/18 23:20:12 | 000,701,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/02/18 22:41:09 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\CamfrogWEB
[2015/02/18 21:06:41 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Skype
[2015/02/18 21:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/02/18 21:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2015/02/18 21:06:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2015/02/18 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Diagnostics
[2015/02/18 19:21:15 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Linkey
[2015/02/18 19:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Assets Manager
[2015/02/18 14:20:29 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/02/18 14:20:29 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/02/18 14:20:21 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/02/18 14:20:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/02/18 14:20:21 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/02/18 14:20:15 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/02/18 14:20:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/02/18 13:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ZDSupport
[2015/02/18 13:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBICONNECT
[2015/02/18 13:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Hostless Modem
[2015/02/18 12:23:28 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Camfrog Web
[2015/02/18 12:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\CFWebAdvancedU2

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2015/03/26 15:27:42 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/26 15:17:39 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/26 15:17:39 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/26 11:17:11 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/03/26 11:17:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2015/03/26 11:17:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/26 11:16:59 | 2339,573,760 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/26 00:54:05 | 000,695,004 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/03/26 00:54:05 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/03/26 00:54:05 | 000,127,684 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/03/26 00:54:05 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/03/24 20:03:37 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/03/24 19:22:05 | 000,614,400 | ---- | M] () -- C:\Windows\System32\Image20.dat
[2015/03/24 12:28:05 | 000,001,915 | ---- | M] () -- C:\Users\Pc\Desktop\Sync Folder.lnk
[2015/03/24 12:27:59 | 000,001,037 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2015/03/24 12:27:59 | 000,001,027 | ---- | M] () -- C:\Users\Pc\Desktop\MyPC Backup.lnk
[2015/03/24 08:13:44 | 000,043,152 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw.sys
[2015/03/24 00:30:17 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/23 22:33:37 | 000,177,115 | ---- | M] () -- C:\Users\Pc\Desktop\Capture1.PNG
[2015/03/23 19:10:08 | 000,043,152 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{06146dd6-a059-4c4d-9840-35b694aad4ae}Gw.sys
[2015/03/22 23:29:14 | 000,002,223 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/03/22 23:17:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2015/03/22 21:03:32 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\GeoGebra.lnk
[2015/03/22 20:41:10 | 000,002,199 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/03/22 20:14:12 | 000,025,572 | ---- | M] () -- C:\Users\Pc\Desktop\Sans titre.png
[2015/03/21 13:44:36 | 000,000,973 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2015/03/21 13:44:36 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2015/03/18 00:02:22 | 000,000,979 | ---- | M] () -- C:\Users\Pc\Desktop\Internet Download Manager.lnk
[2015/03/17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/03/17 06:15:26 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/03/17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/03/11 21:45:31 | 000,024,353 | ---- | M] () -- C:\Users\Pc\Desktop\Capturffffe.PNG
[2015/03/11 18:52:23 | 000,023,188 | ---- | M] () -- C:\Users\Pc\Desktop\Capturep.PNG
[2015/03/11 18:50:53 | 000,022,559 | ---- | M] () -- C:\Users\Pc\Desktop\Captupre.PNG
[2015/03/08 01:09:06 | 000,033,766 | ---- | M] () -- C:\Users\Pc\Desktop\8576iii20.jpg
[2015/03/07 00:42:03 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\6AA55058.sys
[2015/03/06 12:34:00 | 000,000,496 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/03/06 12:33:45 | 000,000,004 | ---- | M] () -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7
[2015/03/06 01:45:00 | 000,001,296 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/03/06 01:44:57 | 000,001,631 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/03/06 01:44:03 | 000,001,154 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk
[2015/03/04 23:35:25 | 000,010,217 | ---- | M] () -- C:\Users\Pc\Desktop\Capturee.PNG
[2015/03/04 17:28:52 | 000,000,979 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Le Robert Correcteur.lnk
[2015/02/28 00:12:10 | 000,001,776 | ---- | M] () -- C:\Users\Pc\Desktop\Captmure.PNG
[2015/02/26 23:32:04 | 000,001,647 | ---- | M] () -- C:\Users\Pc\Documents\Invitation.msrcIncident
[2015/02/24 22:45:05 | 000,004,081 | ---- | M] () -- C:\Users\Pc\Desktop\Capture.PNG
[2015/02/24 17:15:14 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2015/02/24 14:58:11 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2015/02/24 14:57:18 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2015/02/23 19:35:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_UsbDr_01_09_00.Wdf
[2015/02/23 19:20:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015/02/19 04:33:10 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/02/19 04:33:10 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/02/18 21:06:28 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/02/18 20:24:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015/02/18 13:52:55 | 000,001,874 | ---- | M] () -- C:\Users\Public\Desktop\MOBICONNECT.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/03/24 12:28:05 | 000,001,915 | ---- | C] () -- C:\Users\Pc\Desktop\Sync Folder.lnk
[2015/03/24 12:27:59 | 000,001,037 | ---- | C] () -- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2015/03/24 12:27:59 | 000,001,027 | ---- | C] () -- C:\Users\Pc\Desktop\MyPC Backup.lnk
[2015/03/23 22:33:37 | 000,177,115 | ---- | C] () -- C:\Users\Pc\Desktop\Capture1.PNG
[2015/03/22 23:17:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2015/03/22 21:03:32 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\GeoGebra.lnk
[2015/03/22 20:41:10 | 000,002,223 | ---- | C] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/03/22 20:41:10 | 000,002,199 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/03/22 20:22:12 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/22 20:22:11 | 000,000,874 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/03/22 01:22:42 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2015/03/21 13:44:36 | 000,000,973 | ---- | C] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2015/03/21 13:44:36 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2015/03/18 00:01:37 | 000,000,979 | ---- | C] () -- C:\Users\Pc\Desktop\Internet Download Manager.lnk
[2015/03/11 21:45:31 | 000,024,353 | ---- | C] () -- C:\Users\Pc\Desktop\Capturffffe.PNG
[2015/03/11 18:52:23 | 000,023,188 | ---- | C] () -- C:\Users\Pc\Desktop\Capturep.PNG
[2015/03/11 18:50:53 | 000,022,559 | ---- | C] () -- C:\Users\Pc\Desktop\Captupre.PNG
[2015/03/08 01:09:24 | 000,033,766 | ---- | C] () -- C:\Users\Pc\Desktop\8576iii20.jpg
[2015/03/07 00:41:33 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/06 12:34:00 | 000,000,496 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/03/06 02:48:13 | 000,000,004 | ---- | C] () -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7
[2015/03/06 01:44:03 | 000,001,154 | ---- | C] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk
[2015/03/04 23:35:25 | 000,010,217 | ---- | C] () -- C:\Users\Pc\Desktop\Capturee.PNG
[2015/03/04 17:28:52 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Le Robert Correcteur.lnk
[2015/02/28 00:12:10 | 000,001,776 | ---- | C] () -- C:\Users\Pc\Desktop\Captmure.PNG
[2015/02/26 23:31:59 | 000,001,647 | ---- | C] () -- C:\Users\Pc\Documents\Invitation.msrcIncident
[2015/02/24 22:45:05 | 000,004,081 | ---- | C] () -- C:\Users\Pc\Desktop\Capture.PNG
[2015/02/24 17:15:14 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2015/02/24 14:58:11 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2015/02/24 14:57:18 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2015/02/23 19:35:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_UsbDr_01_09_00.Wdf
[2015/02/23 19:20:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015/02/20 14:26:58 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2015/02/18 22:08:10 | 000,025,572 | ---- | C] () -- C:\Users\Pc\Desktop\Sans titre.png
[2015/02/18 20:24:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015/02/18 14:39:35 | 000,614,400 | ---- | C] () -- C:\Windows\System32\Image20.dat
[2015/02/18 13:52:55 | 000,001,874 | ---- | C] () -- C:\Users\Public\Desktop\MOBICONNECT.lnk
[2015/02/18 11:54:10 | 2339,573,760 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2014/03/01 01:16:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Adobe
[2015/02/18 14:36:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Camfrog Web
[2015/03/25 13:05:51 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\CamfrogWEB
[2015/03/13 17:40:16 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Canon
[2015/03/04 21:34:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Diagonal
[2015/03/26 01:15:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DMCache
[2015/02/23 19:31:42 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Foxit Software
[2015/03/22 21:10:56 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GeoGebra 5.0
[2015/02/26 02:43:27 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GRETECH
[2012/08/15 21:17:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Identities
[2015/03/23 03:03:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IDM
[2014/03/01 01:16:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Macromedia
[2015/03/08 00:05:26 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ManyCam
[2009/07/14 10:00:32 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Center Programs
[2015/02/26 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Player Classic
[2015/03/23 01:24:01 | 000,000,000 | --SD | M] -- C:\Users\Pc\AppData\Roaming\Microsoft
[2012/08/15 21:34:21 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Mozilla
[2015/03/06 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\RealHideIP
[2015/03/06 01:04:24 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Se7en Soft
[2015/03/26 13:26:25 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Skype
[2015/03/26 15:47:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Software Informer
[2015/02/20 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\systweak
[2015/02/24 20:10:40 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ZoomBrowser EX

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2007/03/22 11:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2015/03/20 23:11:07 | 000,010,240 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2015/03/06 22:34:14 | 000,966,703 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Pc\AppData\Roaming\IDM\DwnlData\Pc\malwarebytes-anti-malware_2-04_81\malwarebytes-anti-malware_2-04.exe
[2015/03/06 22:32:08 | 001,203,879 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\IDM\DwnlData\Pc\malwarebytes-anti-malware_2-04_81\malwarebytes-anti-malware_2-04.exe1
[2015/03/06 22:34:09 | 001,278,584 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\IDM\DwnlData\Pc\malwarebytes-anti-malware_2-04_81\malwarebytes-anti-malware_2-04.exe2
[2015/03/06 22:34:14 | 000,961,737 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\IDM\DwnlData\Pc\malwarebytes-anti-malware_2-04_81\malwarebytes-anti-malware_2-04.exe3

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2009/07/14 02:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=18A54E132947CD98FEA9ACCC57F98F13 -- C:\Windows\System32\alg.exe
[2009/07/14 02:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=18A54E132947CD98FEA9ACCC57F98F13 -- C:\Windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.1.7600.16385_none_a8bfa843bc721ead\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

[color=#A23BEC]< MD5 for: CTFMON.EXE >[/color]
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\System32\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\drivers\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_0c4a1880f2aa5a72\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

[color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color]
[2009/07/14 02:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) MD5=A0F12F2C9BA6C72F3987CE780E77C130 -- C:\Windows\System32\drivers\intelide.sys
[2009/07/14 02:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) MD5=A0F12F2C9BA6C72F3987CE780E77C130 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\intelide.sys
[2009/07/14 02:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) MD5=A0F12F2C9BA6C72F3987CE780E77C130 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\intelide.sys

[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2009/07/14 02:20:44 | 000,078,416 | ---- | M] (Microsoft Corporation) MD5=921C18727C5920D6C0300736646931C2 -- C:\Windows\System32\drivers\mountmgr.sys
[2009/07/14 02:20:44 | 000,078,416 | ---- | M] (Microsoft Corporation) MD5=921C18727C5920D6C0300736646931C2 -- C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7600.16385_none_f26e7ae968595905\mountmgr.sys

[color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color]
[2009/07/14 00:14:26 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=F4A054BE78AF7F410129C4B64B07DC9B -- C:\Windows\System32\drivers\mrxsmb.sys
[2009/07/14 00:14:26 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=F4A054BE78AF7F410129C4B64B07DC9B -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16385_none_7f67c358b2710494\mrxsmb.sys

[color=#A23BEC]< MD5 for: MRXSMB10.SYS >[/color]
[2009/07/14 00:14:37 | 000,221,184 | ---- | M] (Microsoft Corporation) MD5=DEFFA295BD1895C6ED8E3078412AC60B -- C:\Windows\System32\drivers\mrxsmb10.sys
[2009/07/14 00:14:37 | 000,221,184 | ---- | M] (Microsoft Corporation) MD5=DEFFA295BD1895C6ED8E3078412AC60B -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.16385_none_887ae1acacc242f6\mrxsmb10.sys

[color=#A23BEC]< MD5 for: MRXSMB20.SYS >[/color]
[2009/07/14 00:14:31 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=24D76ABE5DCAD22F19D105F76FDF0CE1 -- C:\Windows\System32\drivers\mrxsmb20.sys
[2009/07/14 00:14:31 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=24D76ABE5DCAD22F19D105F76FDF0CE1 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.16385_none_8ab14bbeeb197667\mrxsmb20.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys

[color=#A23BEC]< MD5 for: RDPCDD.SYS >[/color]
[2009/07/14 01:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=1E016846895B15A99F9A176A05029075 -- C:\Windows\System32\drivers\RDPCDD.sys
[2009/07/14 01:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=1E016846895B15A99F9A176A05029075 -- C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_d4b17a3e9f928d55\RDPCDD.sys

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2009/07/14 02:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\System32\spoolsv.exe
[2009/07/14 02:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe

[color=#A23BEC]< MD5 for: STORPORT.SYS >[/color]
[2009/07/14 02:19:04 | 000,144,960 | ---- | M] (Microsoft Corporation) MD5=55DCA8693ED545FD7F2F93776E294AE2 -- C:\Windows\System32\drivers\storport.sys
[2009/07/14 02:19:04 | 000,144,960 | ---- | M] (Microsoft Corporation) MD5=55DCA8693ED545FD7F2F93776E294AE2 -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.16385_none_2752a4cc91827b44\storport.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2015/03/17 06:13:56 | 000,878,392 | ---- | M] (MalwareBytes) MD5=F831DDAE2842929B9B40C571C5EB723A -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

[color=#A23BEC]< MD5 for: TERMDD.SYS >[/color]
[2009/07/14 02:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) MD5=C36F41EE20E6999DBF4B0425963268A5 -- C:\Windows\System32\drivers\termdd.sys
[2009/07/14 02:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) MD5=C36F41EE20E6999DBF4B0425963268A5 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\termdd.sys
[2009/07/14 02:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) MD5=C36F41EE20E6999DBF4B0425963268A5 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\termdd.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2009/07/14 00:26:52 | 002,326,528 | ---- | M] (Microsoft Corporation) MD5=34999766FBCAB11BA5C4D26CE0378903 -- C:\Windows\System32\win32k.sys
[2009/07/14 00:26:52 | 002,326,528 | ---- | M] (Microsoft Corporation) MD5=34999766FBCAB11BA5C4D26CE0378903 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_b8c9cfddfbda5f31\win32k.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2015/03/17 06:13:56 | 000,878,392 | ---- | M] (MalwareBytes) MD5=F831DDAE2842929B9B40C571C5EB723A -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

< End of report >
