Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Kelok (administrator) on PC-MAXIME on 25-03-2015 22:09:16
Running from C:\Users\maxim_000\Desktop\LOL (2)\GBA
Loaded Profiles: Kelok (Available profiles: Kelok & Invité)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(GeorgieLabs) C:\Program Files (x86)\SoundWire Server\SoundWireServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\maxim_000\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-11-05] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [tuto4pc_fr_56] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-09-11] (Razer Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-08-14] (NEXON Inc.)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Google Update] => "C:\Users\maxim_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\maxim_000\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Spotify Web Helper] => "C:\Users\maxim_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Amazon Cloud Player] => C:\Users\maxim_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Exetender_148] => "C:\Program Files (x86)\FreeRide Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-18] (Electronic Arts)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [BitComet] => "C:\Program Files (x86)\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [uTorrent] => C:\Users\maxim_000\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-11-23] (BitTorrent Inc.)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [10824704 2014-12-03] (Sand Studio)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Run: [Spotify] => C:\Users\maxim_000\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-21] (Spotify Ltd)
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\MountPoints2: {575c8921-ee52-11e2-be6f-b888e3c06b23} - "E:\setup.exe"
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: , c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\maxim_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\maxim_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
Startup: C:\Users\maxim_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\maxim_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\maxim_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:30062;https=127.0.0.1:30062
ProxyEnable: [S-1-5-21-2937794695-4284454974-3808427824-1002] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2937794695-4284454974-3808427824-1002] => http=127.0.0.1:30062;https=127.0.0.1:30062
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&q={searchTerms}
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hp&ts=1425297323&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {24E10674-9793-4456-A5E8-BD93F06CD10B} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2937794695-4284454974-3808427824-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=corna&utm_campaign=install_ie&utm_content=ds&from=corna&uid=WDCXWD7500BPVT-22HXZT3_WD-WXS1E32PJTTZPJTTZ&ts=1425297379&type=default&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-24] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-01-16] (Thinknice Co. Limited)
BHO-x32: DigiHelp -> {62903c60-3492-4ecf-b14c-683b478ff885} -> C:\Program Files (x86)\DigiHelp\DigiHelpbho.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-24] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\maxim_000\AppData\Roaming\Mozilla\Firefox\Profiles\oetupw4y.default
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2013-08-14] (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2014-04-25] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2937794695-4284454974-3808427824-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\maxim_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-2937794695-4284454974-3808427824-1002: @talk.google.com/O1DPlugin -> C:\Users\maxim_000\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-2937794695-4284454974-3808427824-1002: @tools.google.com/Google Update;version=3 -> C:\Users\maxim_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2937794695-4284454974-3808427824-1002: @tools.google.com/Google Update;version=9 -> C:\Users\maxim_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2937794695-4284454974-3808427824-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\maxim_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-30] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\maxim_000\AppData\Roaming\Mozilla\Firefox\Profiles\oetupw4y.default\user.js [2015-03-25]
FF Plugin ProgramFiles/Appdata: C:\Users\maxim_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\maxim_000\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\key-find.xml [2015-03-02]
FF Extension: Fast Start - C:\Users\maxim_000\AppData\Roaming\Mozilla\Firefox\Profiles\oetupw4y.default\Extensions\istart_ffnt@gmail.com [2015-03-02]
FF Extension: DigiHelp - C:\Users\maxim_000\AppData\Roaming\Mozilla\Firefox\Profiles\oetupw4y.default\Extensions\firefox@digihelp.info.xpi [2014-11-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\maxim_000\AppData\Roaming\Mozilla\Firefox\Profiles\oetupw4y.default\extensions\istart_ffnt@gmail.com
FF HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-11]
CHR Extension: (Google Search) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-11]
CHR Extension: (Toggle Fullscreen in Hangout) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekfhcmpmchbhkdeplplcljcggddkffb [2013-12-11]
CHR Extension: (AdBlock) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-27]
CHR Extension: (Chrome to Mobile) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-05-18]
CHR Extension: (Pocket) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-07-10]
CHR Extension: (Save to Pocket) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-07-10]
CHR Extension: (Kindle Cloud Reader) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnambgcbojdeagknjljhiafpjaiacad [2014-07-18]
CHR Extension: (Google Wallet) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Vine Client) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2014-08-17]
CHR Extension: (Gmail) - C:\Users\maxim_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-11]
CHR HKU\S-1-5-21-2937794695-4284454974-3808427824-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hmcfhjdnbgekhbdnkjdpkjgejbpiheon] - C:\Users\maxim_000\AppData\Local\CRE\hmcfhjdnbgekhbdnkjdpkjgejbpiheon.crx [2014-04-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [hmcfhjdnbgekhbdnkjdpkjgejbpiheon] - C:\Users\maxim_000\AppData\Local\CRE\hmcfhjdnbgekhbdnkjdpkjgejbpiheon.crx [2014-04-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-24] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234344 2015-03-21] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-11-05] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-08] (Electronic Arts)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-12-09] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-13] (Dritek System INC.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-02] (SysTool PasSame LIMITED)
R2 WNetEnhance Service; C:\Program Files (x86)\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe [678912 2015-03-18] () [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 WefiEngSvc; "C:\Program Files (x86)\WeFi\WefiEngSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-24] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-07-16] (DT Soft Ltd)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-11-05] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-13] (Dritek System Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 22:09 - 2015-03-25 22:09 - 00000000 ____D () C:\FRST
2015-03-25 18:59 - 2015-03-13 17:16 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-03-25 18:59 - 2015-03-13 17:16 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-03-25 18:59 - 2015-03-13 17:16 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-25 18:59 - 2015-03-11 14:10 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-03-25 18:55 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-25 18:55 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-03-25 18:55 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-03-25 18:55 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-25 18:08 - 2015-03-25 18:08 - 00000000 ____D () C:\Users\maxim_000\Desktop\PC-MAXIME
2015-03-24 23:32 - 2015-03-24 23:32 - 00000000 ____D () C:\Users\maxim_000\Desktop\Nouveau dossier
2015-03-24 22:57 - 2015-03-24 23:33 - 00000000 ____D () C:\Users\maxim_000\Desktop\PORTA
2015-03-21 18:59 - 2015-03-21 18:59 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-21 18:59 - 2015-03-21 18:59 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-03-21 13:49 - 2015-03-21 13:49 - 00021341 _____ () C:\Users\maxim_000\Downloads\La.Vie.D.Adele.2013.FRENCH.BRRip.AC3.XviD-2T.avi.torrent
2015-03-19 22:51 - 2015-03-19 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNetEnhance
2015-03-19 22:51 - 2015-03-19 22:51 - 00000000 ____D () C:\Program Files (x86)\WNetEnhance
2015-03-19 22:51 - 2015-03-19 22:51 - 00000000 ____D () C:\Program Files (x86)\Wajam
2015-03-19 22:50 - 2015-03-19 22:50 - 00000102 _____ () C:\Users\maxim_000\Desktop\Crossy Road pour PC.url
2015-03-14 23:28 - 2015-03-14 23:28 - 00053151 _____ () C:\Users\maxim_000\Downloads\patch_fr-cities_in_motion_2 (1).rar
2015-03-14 23:19 - 2015-03-14 23:19 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\Steam
2015-03-14 23:10 - 2015-03-14 23:10 - 00001118 _____ () C:\Users\maxim_000\Desktop\Cities in Motion 2 Collection.lnk
2015-03-14 23:10 - 2015-03-14 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities in Motion 2 Collection
2015-03-14 23:08 - 2015-03-14 23:29 - 00000000 ____D () C:\Program Files (x86)\Cities in Motion 2 Collection
2015-03-14 22:47 - 2015-03-14 22:47 - 00002056 _____ () C:\Users\maxim_000\Downloads\Cities in Motion 2 Collection-PLAZA.torrent
2015-03-14 17:05 - 2015-03-14 17:05 - 00000000 ____D () C:\Users\maxim_000\Documents\Colossal Order
2015-03-14 17:05 - 2015-03-14 17:05 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Steam
2015-03-14 17:05 - 2015-03-14 17:05 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Colossal Order
2015-03-14 17:05 - 2015-03-14 17:05 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\Colossal Order
2015-03-14 17:02 - 2015-03-14 17:02 - 00001032 _____ () C:\Users\maxim_000\Desktop\Cities Skylines.lnk
2015-03-14 16:59 - 2015-03-14 17:05 - 00000000 ____D () C:\Program Files (x86)\Cities Skylines
2015-03-14 16:31 - 2015-03-14 16:31 - 00003008 _____ () C:\Users\maxim_000\Downloads\Cities.Skylines-CODEX.torrent
2015-03-14 13:07 - 2015-03-14 13:07 - 00019359 _____ () C:\Users\maxim_000\Downloads\Les.yeux.jaunes.des.crocodiles.HDrip.720p.X264.AC3.mkv.torrent
2015-03-14 12:17 - 2015-03-14 12:17 - 00024700 _____ () C:\Users\maxim_000\Downloads\agenda 21.zip
2015-03-14 12:08 - 2015-03-14 12:08 - 00019251 _____ () C:\Users\maxim_000\Downloads\Good bye, Lenin !.mp4.torrent
2015-03-11 21:33 - 2015-03-11 21:33 - 00015135 _____ () C:\Users\maxim_000\Downloads\Playtime.mkv.torrent
2015-03-06 18:23 - 2015-03-06 18:42 - 00027724 _____ () C:\Users\maxim_000\Documents\Tout l'avis.odt
2015-03-02 22:20 - 2015-03-02 22:20 - 00435979 _____ () C:\Users\maxim_000\Downloads\Xpadder5-3.zip
2015-03-02 15:43 - 2015-03-02 15:43 - 00125041 _____ () C:\Users\maxim_000\Downloads\XRay-1.8-v2.15.2.jar
2015-03-02 15:38 - 2015-03-02 15:38 - 00167342 _____ () C:\Users\maxim_000\Downloads\Simple_Xray_Mod_thehen101_2.0.1(mc1.8).zip
2015-03-02 14:30 - 2015-03-02 14:30 - 00006558 _____ () C:\Users\maxim_000\Documents\star wars battlefront.joystick.amgp
2015-03-02 14:24 - 2015-03-02 14:35 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\antimicro
2015-03-02 14:22 - 2015-03-02 14:22 - 00002457 _____ () C:\Users\Public\Desktop\AntiMicro.lnk
2015-03-02 14:22 - 2015-03-02 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiMicro
2015-03-02 14:22 - 2015-03-02 14:22 - 00000000 ____D () C:\Program Files (x86)\AntiMicro
2015-03-02 14:21 - 2015-03-02 14:22 - 29597696 _____ () C:\Users\maxim_000\Downloads\antimicro-2.11.1-win64.msi
2015-03-02 14:19 - 2015-03-02 14:19 - 00000000 ____D () C:\Users\maxim_000\Downloads\antimicro-master
2015-03-02 14:18 - 2015-03-02 14:18 - 00942487 _____ () C:\Users\maxim_000\Downloads\antimicro-master.zip
2015-03-02 14:14 - 2015-03-02 14:14 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\PowerUp Software
2015-03-02 14:13 - 2015-03-25 14:04 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2015-03-02 14:13 - 2015-03-02 14:13 - 00002098 _____ () C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
2015-03-02 14:13 - 2015-03-02 14:13 - 00000000 ____D () C:\ProgramData\PowerUp Software
2015-03-02 14:13 - 2015-03-02 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2015-03-02 14:13 - 2015-03-02 14:13 - 00000000 ____D () C:\Program Files (x86)\PowerUp Software
2015-03-02 14:13 - 2013-12-31 14:11 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dx8vb.dll
2015-03-02 14:13 - 2012-10-12 18:04 - 00045056 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\SSubTmr6.dll
2015-03-02 14:13 - 2008-01-13 16:36 - 00091632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsofile.dll
2015-03-02 14:13 - 2007-12-26 22:33 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCTL32.OCX
2015-03-02 14:13 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capicom.dll
2015-03-02 14:13 - 2004-07-14 17:26 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2015-03-02 14:13 - 2002-08-09 11:18 - 00045056 ____N (Microsoft) C:\WINDOWS\SysWOW64\NTSVC.ocx
2015-03-02 14:13 - 2001-04-05 06:43 - 00094208 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll
2015-03-02 14:13 - 2000-12-06 02:00 - 00109248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2015-03-02 14:13 - 2000-04-03 20:52 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2015-03-02 14:13 - 1999-05-17 13:55 - 00057344 ____N () C:\WINDOWS\SysWOW64\ADsSecurity.dll
2015-03-02 14:13 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2015-03-02 14:12 - 2015-03-02 14:12 - 11926454 _____ (InstallShield Software Corporation) C:\Users\maxim_000\Downloads\pinnacle-setup.exe
2015-03-02 12:57 - 2015-03-02 12:57 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-02 12:56 - 2015-03-02 12:57 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-02 12:56 - 2015-03-02 12:56 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-02 12:55 - 2015-03-02 12:55 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\key-find
2015-03-02 12:55 - 2015-03-02 12:54 - 01097362 _____ () C:\Users\maxim_000\Downloads\xpadder-5.7 [1].exe
2015-03-02 12:54 - 2015-03-02 12:54 - 00751792 _____ (Internet application ) C:\Users\maxim_000\Downloads\xpadder-5.7.exe
2015-03-02 12:39 - 2015-03-02 12:40 - 39013721 _____ (Igor Pavlov) C:\Users\maxim_000\Downloads\xpadder_53_fr.exe
2015-02-24 16:29 - 2015-02-24 16:29 - 02680717 _____ () C:\Users\maxim_000\Downloads\OneDrive-2015-02-24.zip
2015-02-24 16:25 - 2015-02-24 16:27 - 00000000 ____D () C:\Users\maxim_000\Downloads\World Downloader
2015-02-23 16:49 - 2015-02-24 17:57 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\.PixelArea
2015-02-23 16:37 - 2015-03-25 17:52 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\.minecraft
2015-02-23 16:25 - 2015-02-23 16:25 - 00000000 ____D () C:\Users\maxim_000\Downloads\pxlmn
2015-02-23 14:08 - 2015-02-23 14:12 - 220123583 _____ () C:\Users\maxim_000\Downloads\mods.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 22:08 - 2013-10-13 19:29 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2937794695-4284454974-3808427824-1002UA.job
2015-03-25 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-25 21:20 - 2013-07-16 15:41 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 21:18 - 2013-12-07 20:03 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-25 20:42 - 2013-07-16 15:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2937794695-4284454974-3808427824-1002
2015-03-25 20:31 - 2014-10-15 21:16 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 20:28 - 2013-11-30 11:59 - 01336255 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-25 19:19 - 2013-07-17 21:14 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Skype
2015-03-25 19:09 - 2013-07-16 15:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-25 18:59 - 2013-11-30 11:58 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-25 18:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-25 18:59 - 2012-09-13 10:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-25 18:57 - 2014-09-27 11:26 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-25 18:39 - 2013-07-16 17:50 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\CrashDumps
2015-03-25 18:37 - 2014-10-06 20:31 - 00000000 ___RD () C:\Users\maxim_000\Dropbox
2015-03-25 18:37 - 2014-06-24 22:22 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Dropbox
2015-03-25 18:36 - 2013-07-17 16:24 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\uTorrent
2015-03-25 18:33 - 2014-10-28 21:07 - 00000992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-03-25 18:33 - 2014-10-28 21:07 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-03-25 18:33 - 2013-07-17 13:42 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\LogMeIn Hamachi
2015-03-25 18:32 - 2014-02-10 21:36 - 00000328 _____ () C:\WINDOWS\Tasks\WefiStartup.job
2015-03-25 18:32 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-25 18:32 - 2013-07-16 15:41 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 18:30 - 2013-11-30 12:06 - 00000000 ____D () C:\Users\maxim_000
2015-03-25 18:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-25 17:32 - 2013-11-30 22:44 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-25 17:29 - 2013-08-18 16:58 - 00000000 ____D () C:\Program Files\Java
2015-03-25 17:27 - 2013-09-04 16:52 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-25 17:24 - 2014-12-13 19:36 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-03-25 17:24 - 2014-12-13 19:36 - 00207272 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-03-25 17:24 - 2014-12-13 19:36 - 00206760 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-03-25 17:24 - 2014-04-18 13:17 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-03-25 17:22 - 2014-08-14 15:35 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-03-25 17:22 - 2013-11-30 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-25 17:03 - 2013-12-29 16:24 - 00000000 ____D () C:\Users\maxim_000\Documents\SimCity 4
2015-03-25 14:19 - 2013-09-30 05:16 - 00006030 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-25 14:19 - 2013-09-30 04:56 - 02227562 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-03-25 14:19 - 2013-09-30 04:56 - 00608138 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-03-25 14:04 - 2013-10-06 13:11 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-03-25 14:02 - 2013-09-29 20:05 - 00324138 _____ () C:\WINDOWS\PFRO.log
2015-03-25 14:02 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-25 00:11 - 2013-08-18 16:30 - 00000000 ___RD () C:\Users\maxim_000\Desktop\LOL (2)
2015-03-24 23:50 - 2013-08-22 15:46 - 00369084 _____ () C:\WINDOWS\setupact.log
2015-03-22 13:08 - 2013-10-13 19:29 - 00001062 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2937794695-4284454974-3808427824-1002Core.job
2015-03-21 22:38 - 2013-07-25 20:02 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\vlc
2015-03-21 19:00 - 2013-07-25 20:24 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-21 19:00 - 2013-07-16 15:29 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Adobe
2015-03-21 18:58 - 2013-08-18 13:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-21 18:55 - 2013-07-25 20:24 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-21 18:52 - 2014-08-28 20:19 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\Adobe
2015-03-21 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-21 17:47 - 2013-12-22 16:46 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-03-21 17:45 - 2013-12-22 16:46 - 00107392 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-03-21 17:45 - 2013-12-22 16:46 - 00092520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2015-03-21 17:45 - 2013-12-22 16:46 - 00035688 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2015-03-21 16:26 - 2014-01-29 18:24 - 00000000 ____D () C:\Users\maxim_000\AppData\Local\Spotify
2015-03-21 16:26 - 2014-01-29 18:23 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Spotify
2015-03-14 23:14 - 2013-07-16 17:40 - 00261076 _____ () C:\WINDOWS\DirectX.log
2015-03-14 17:59 - 2015-02-01 21:21 - 00000000 ___RD () C:\Users\maxim_000\Documents\IMPORTANT
2015-03-13 18:43 - 2013-10-06 19:01 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-11 17:27 - 2014-10-06 20:25 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-10 23:06 - 2014-11-29 14:16 - 00000000 ____D () C:\Users\maxim_000\Documents\Lycée
2015-03-08 00:25 - 2014-07-14 18:24 - 00000000 ____D () C:\ProgramData\Origin
2015-03-08 00:23 - 2014-07-14 18:24 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-04 11:12 - 2013-07-17 21:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-04 11:12 - 2013-07-17 21:14 - 00000000 ____D () C:\ProgramData\Skype
2015-03-02 18:39 - 2014-04-05 16:42 - 00000000 ____D () C:\Program Files (x86)\Star Wars - Battlefront II
2015-03-02 14:21 - 2013-12-15 13:57 - 00000000 ____D () C:\Users\maxim_000\Documents\Visual Studio 2010
2015-03-02 14:13 - 2012-09-13 10:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-25 14:37 - 2014-10-12 11:24 - 00001090 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-25 14:08 - 2013-12-01 13:41 - 00000000 ____D () C:\Users\maxim_000\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2013-09-20 22:11 - 2013-09-20 18:31 - 0012005 _____ () C:\Users\maxim_000\AppData\Roaming\alsoft.ini
2014-09-20 11:49 - 2014-09-30 19:36 - 0000004 _____ () C:\Users\maxim_000\AppData\Roaming\appdataFr2.bin
2013-08-18 16:53 - 2013-08-18 16:53 - 0000468 _____ () C:\Users\maxim_000\AppData\Roaming\Bubble Dock.installation.log
2015-01-25 02:04 - 2014-11-12 00:22 - 2586624 _____ () C:\Users\maxim_000\AppData\Roaming\rer.exe
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\maxim_000\AppData\Local\datos.txt
2014-01-26 19:19 - 2014-01-26 19:19 - 0003584 _____ () C:\Users\maxim_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-21 15:22 - 2013-08-21 15:22 - 0000097 _____ () C:\Users\maxim_000\AppData\Local\fusioncache.dat

Some content of TEMP:
====================
C:\Users\maxim_000\AppData\Local\Temp\aacenc.exe
C:\Users\maxim_000\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\maxim_000\AppData\Local\Temp\BackupSetup.exe
C:\Users\maxim_000\AppData\Local\Temp\bi_cleaner.exe
C:\Users\maxim_000\AppData\Local\Temp\BoxoreInstaller.exe
C:\Users\maxim_000\AppData\Local\Temp\bstrapInstall.exe
C:\Users\maxim_000\AppData\Local\Temp\CloudBackup9033.exe
C:\Users\maxim_000\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\maxim_000\AppData\Local\Temp\D012.tmpcrt.dll
C:\Users\maxim_000\AppData\Local\Temp\D0EE.tmpcrt.dll
C:\Users\maxim_000\AppData\Local\Temp\drm_dialogs.dll
C:\Users\maxim_000\AppData\Local\Temp\drm_dyndata_7330016.dll
C:\Users\maxim_000\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\maxim_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslvm5n.dll
C:\Users\maxim_000\AppData\Local\Temp\ICReinstall_FreeHDConverterSetup-r0-n-bf.exe
C:\Users\maxim_000\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-32-git-Spigot-1502.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\maxim_000\AppData\Local\Temp\jansi-64-git-Spigot-1502.dll
C:\Users\maxim_000\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\maxim_000\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\maxim_000\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\maxim_000\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\maxim_000\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\maxim_000\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\maxim_000\AppData\Local\Temp\nsb1D1.exe
C:\Users\maxim_000\AppData\Local\Temp\nsgD476.exe
C:\Users\maxim_000\AppData\Local\Temp\nshD7D2.exe
C:\Users\maxim_000\AppData\Local\Temp\nsm4CF.exe
C:\Users\maxim_000\AppData\Local\Temp\nsvC43.exe
C:\Users\maxim_000\AppData\Local\Temp\nsw4B4E.exe
C:\Users\maxim_000\AppData\Local\Temp\nswF51.exe
C:\Users\maxim_000\AppData\Local\Temp\nsz5206.exe
C:\Users\maxim_000\AppData\Local\Temp\optprosetup.exe
C:\Users\maxim_000\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\maxim_000\AppData\Local\Temp\Quarantine.exe
C:\Users\maxim_000\AppData\Local\Temp\SDL_0.dll
C:\Users\maxim_000\AppData\Local\Temp\SetupUtil.exe
C:\Users\maxim_000\AppData\Local\Temp\SIntf16.dll
C:\Users\maxim_000\AppData\Local\Temp\SIntf32.dll
C:\Users\maxim_000\AppData\Local\Temp\SIntfNT.dll
C:\Users\maxim_000\AppData\Local\Temp\SkypeSetup.exe
C:\Users\maxim_000\AppData\Local\Temp\SPSetup.exe
C:\Users\maxim_000\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\maxim_000\AppData\Local\Temp\tmp60D2.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\tmpE3E7.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\Uninstall.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC1.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC2.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC3.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC4.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC5.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC6.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDC7.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDD7.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\UNTBDD8.tmp.exe
C:\Users\maxim_000\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\maxim_000\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\maxim_000\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 20:43

==================== End Of Log ============================
