cjoint

Document format: text/plain

Preview

OTL logfile created on: 12/04/2015 15:49:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\IVOIRE\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,84 Gb Total Physical Memory | 0,59 Gb Available Physical Memory | 15,29% Memory free
7,68 Gb Paging File | 3,85 Gb Available in Paging File | 50,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,16 Gb Total Space | 374,80 Gb Free Space | 83,63% Space Free | Partition Type: NTFS

Computer Name: IVOIRE-PC | User Name: IVOIRE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/12 15:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\IVOIRE\Downloads\OTL.exe
PRC - [2015/04/12 14:24:16 | 000,081,920 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428848644-815C-2101-4C72B939536B\instA298.tmp
PRC - [2015/04/12 13:37:44 | 000,560,368 | ---- | M] () -- C:\Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\Updater.exe
PRC - [2015/04/12 13:37:40 | 000,640,240 | ---- | M] () -- C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\PluginContainer.exe
PRC - [2015/04/12 12:05:26 | 000,322,048 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428848644-815C-2101-4C72B939536B\jnsj9B58.exe
PRC - [2015/04/12 05:37:34 | 000,476,912 | ---- | M] () -- C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
PRC - [2015/04/12 02:36:00 | 001,218,048 | ---- | M] (Cinema PlusV11.04) -- C:\Program Files (x86)\Cinema PlusV11.04-ntf\050cd641-277c-420a-9f54-2f6d96ab4660-10.exe
PRC - [2015/04/11 18:52:38 | 003,984,328 | ---- | M] () -- C:\Program Files (x86)\gmsd_fr_416\gmsd_fr_416.exe
PRC - [2015/04/11 18:52:38 | 003,306,440 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\gmsd_fr_416\upgmsd_fr_416.exe
PRC - [2015/04/11 18:21:59 | 000,151,552 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\nsr24DA.tmp
PRC - [2015/04/10 18:58:00 | 001,387,008 | ---- | M] (Cinema PlusV10.04) -- C:\Program Files (x86)\Cinema PlusV10.04-ntf\0709795e-2766-4624-8403-41d12fdcc850-10.exe
PRC - [2015/04/09 21:08:29 | 001,417,216 | ---- | M] (FileProperties_CompanyName) -- C:\Program Files (x86)\suprize\suprize_notification_service.exe
PRC - [2015/04/09 16:03:22 | 000,644,376 | ---- | M] (Pay By Ads LTD) -- C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startpoint.exe
PRC - [2015/04/08 22:00:15 | 000,185,856 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\jnsc6355.tmp
PRC - [2015/04/07 17:43:38 | 001,873,960 | ---- | M] (CC Corporation) -- C:\Program Files (x86)\IGS\CCL.exe
PRC - [2015/04/06 21:46:33 | 000,493,712 | ---- | M] (SysTool PasSame LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
PRC - [2015/04/02 05:39:38 | 000,673,888 | ---- | M] (XTab system) -- C:\Program Files (x86)\XTab\HPNotify.exe
PRC - [2015/04/02 05:39:38 | 000,158,816 | ---- | M] (XTab system) -- C:\Program Files (x86)\XTab\ProtectService.exe
PRC - [2015/04/02 05:39:38 | 000,048,224 | ---- | M] (SearchProtect) -- C:\Program Files (x86)\XTab\CmdShell.exe
PRC - [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/03/20 15:27:08 | 001,551,872 | ---- | M] (Boxore OU) -- C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe
PRC - [2015/02/17 13:00:10 | 000,270,368 | ---- | M] (SoftBrain Technologies Ltd.) -- C:\Users\IVOIRE\AppData\Local\SmartWeb\SmartWebHelper.exe
PRC - [2015/02/17 13:00:06 | 000,557,088 | ---- | M] (SoftBrain Technologies Ltd.) -- C:\Users\IVOIRE\AppData\Local\SmartWeb\SmartWebApp.exe
PRC - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
PRC - [2013/11/01 14:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/02/06 08:10:16 | 000,238,160 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2012/03/23 11:33:46 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/03/23 11:33:44 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/03/23 11:33:44 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012/02/29 15:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2012/02/26 21:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/07 02:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2011/12/16 06:38:48 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 06:38:46 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 06:38:24 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/05/20 18:44:32 | 000,986,208 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2011/03/30 00:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/04/12 12:05:26 | 000,322,048 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428848644-815C-2101-4C72B939536B\jnsj9B58.exe
MOD - [2015/04/12 05:37:34 | 000,476,912 | ---- | M] () -- C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
MOD - [2015/04/11 18:52:38 | 003,984,328 | ---- | M] () -- C:\Program Files (x86)\gmsd_fr_416\gmsd_fr_416.exe
MOD - [2015/04/11 18:52:38 | 003,306,440 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\gmsd_fr_416\upgmsd_fr_416.exe
MOD - [2015/03/30 23:07:56 | 014,974,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
MOD - [2015/03/30 23:07:56 | 009,279,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
MOD - [2015/03/30 23:07:54 | 001,174,856 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
MOD - [2015/03/30 23:07:54 | 000,080,200 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/20 04:35:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/01/30 04:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/01/30 04:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/02/07 17:53:48 | 000,871,296 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2012/02/07 02:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Live Updater Service)
SRV:[b]64bit:[/b] - [2011/12/08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/07/14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV - [2015/04/12 14:24:16 | 000,081,920 | ---- | M] () [Auto | Running] -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428848644-815C-2101-4C72B939536B\instA298.tmp -- (goxihosu)
SRV - [2015/04/12 13:37:44 | 000,560,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\Updater.exe -- (Update Mgr browsepulse)
SRV - [2015/04/12 13:37:40 | 000,640,240 | ---- | M] () [Auto | Running] -- C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\PluginContainer.exe -- (Service Mgr browsepulse)
SRV - [2015/04/12 02:36:20 | 000,119,408 | ---- | M] (The Software Group) [On_Demand | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (Software_update_m)
SRV - [2015/04/12 02:36:20 | 000,119,408 | ---- | M] (The Software Group) [Auto | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (Software_update)
SRV - [2015/04/11 18:21:59 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\nsr24DA.tmp -- (ticutimo)
SRV - [2015/04/08 22:00:15 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\jnsc6355.tmp -- (fogezyny)
SRV - [2015/04/07 17:43:38 | 001,873,960 | ---- | M] (CC Corporation) [Auto | Running] -- C:\Program Files (x86)\IGS\CCL.exe -- (CCL)
SRV - [2015/04/06 21:46:33 | 000,493,712 | ---- | M] (SysTool PasSame LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
SRV - [2015/04/02 05:39:38 | 000,158,816 | ---- | M] (XTab system) [Auto | Running] -- C:\Program Files (x86)\XTab\ProtectService.exe -- (IHProtect Service)
SRV - [2015/03/17 23:31:46 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/24 23:04:16 | 000,227,904 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/04/24 23:00:06 | 000,203,344 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/11/01 14:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/02/06 08:10:36 | 000,351,824 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2012/03/23 11:33:44 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/02/29 15:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012/02/19 14:18:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/16 06:38:48 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 06:38:46 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 06:38:24 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/30 05:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/08/31 15:11:40 | 002,425,960 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/30 00:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/11/21 05:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2009/07/14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/04/10 05:29:08 | 000,048,776 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{d1bdfa01-5a9a-448b-bb7a-b6dc6b34803d}Gw64.sys -- ({d1bdfa01-5a9a-448b-bb7a-b6dc6b34803d}Gw64)
DRV:[b]64bit:[/b] - [2014/11/15 15:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/08/11 06:20:50 | 000,061,584 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys -- ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64)
DRV:[b]64bit:[/b] - [2014/08/07 13:27:58 | 000,061,584 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{49ae2e47-5ec4-48ed-9fbc-0a5ab39ede5a}Gw64.sys -- ({49ae2e47-5ec4-48ed-9fbc-0a5ab39ede5a}Gw64)
DRV:[b]64bit:[/b] - [2014/01/25 15:05:56 | 000,013,344 | ---- | M] (Rsupport Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrvd5.sys -- (vrvd5)
DRV:[b]64bit:[/b] - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2013/07/25 17:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/03/04 10:32:48 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:[b]64bit:[/b] - [2013/03/04 10:32:48 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2013/03/04 10:32:48 | 000,077,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV:[b]64bit:[/b] - [2013/03/04 10:32:48 | 000,030,720 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:[b]64bit:[/b] - [2013/01/25 03:16:40 | 000,109,568 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2012/12/22 03:46:11 | 000,014,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/26 21:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/02/26 21:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/02/26 21:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/02/14 04:47:36 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/01/10 21:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011/12/05 21:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/10/14 07:49:22 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011/09/21 12:08:10 | 000,376,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2011/09/02 05:46:28 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2011/07/14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/07/14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_11_ie&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzytAzyyDtAyC0B0ByEtCyEtN0D0Tzu0SzztDyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0DtCyC0EzyyE0BtG0DzztA0AtGzyyDyCtCtG0FtAzy0AtGyD0D0ByByB0E0DzyyBtCzy0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0A0CtA0ByDyE0CtGtBtAyC0CtG0AtC0A0BtGtA0FyDyBtGyCyEyDyByD0DyE0AzzzzyE0E2Q&cr=168366458&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=38268&home=true&tid=77
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=38268&home=true&tid=77
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=38268&home=true&tid=77
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.luckysearches.com/web/?type=ds&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=1428349591&from=tugs&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=1428349591&from=tugs&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.istartsurf.com/?type=hp [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.luckysearches.com/?type=hp&ts=1428798978&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=38268&home=true&tid=77
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=38268&home=true&tid=77
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.luckysearches.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&ts=1428799067&type=default&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.luckysearches.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&ts=1428799067&type=default&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.luckysearches.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&ts=1428799067&type=default&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes\{9899AC95-F44E-4E9F-9E5E-A8727F9E7833}: "URL" = http://www.luckysearches.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&ts=1428799067&type=default&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.luckysearches.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8&ts=1428799067&type=default&q={searchTerms}
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=3: C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=9: C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba\2.5_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\IVOIRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (browse pulse) - {ed8e593d-1965-4e45-9d55-d56162dcde14} - C:\Program Files (x86)\browse pulse\Extensions\ed8e593d-1965-4e45-9d55-d56162dcde14.dll ()
O2 - BHO: (Boxore Client) - {EFA7A511-B491-4312-BB35-4586B99E45ED} - C:\Program Files (x86)\Boxore\Boxore Client\IE\AdRotate32.dll (Boxore)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Boxore Client] C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [gmsd_fr_416] C:\Program Files (x86)\gmsd_fr_416\gmsd_fr_416.exe ()
O4 - HKLM..\Run: [SmartWeb] C:\Users\IVOIRE\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2913280506-1945110618-3153893059-1000..\Run: [GoogleChromeAutoLaunch_59A1FC51073682EE7C05A7BBEA3F9175] "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window File not found
O4 - HKLM..\RunOnce: [upgmsd_fr_416.exe] C:\Users\IVOIRE\AppData\Local\gmsd_fr_416\upgmsd_fr_416.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk = C:\ProgramData\{dc72d1ab-cec9-5119-dc72-2d1abcec46af}\hqghumeaylnlf.exe (Super PC Tools Ltd)
O4 - Startup: C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk = C:\Users\IVOIRE\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\CCL.dll (CC Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\CCL.dll (CC Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\CCL.dll (CC Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\CCL.dll (CC Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\CCL.dll (CC Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FEC5624-3E27-4405-BE6A-E1BCA98FCAB1}: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C2D6C59-9E3D-4144-965E-7960F6B45667}: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{701CFA05-895F-47D1-920E-B578A4FCF62C}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0a736886-3de8-11e4-aa67-4c72b939536b}\Shell - "" = AutoRun
O33 - MountPoints2\{0a736886-3de8-11e4-aa67-4c72b939536b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0a7368a1-3de8-11e4-aa67-4c72b939536b}\Shell - "" = AutoRun
O33 - MountPoints2\{0a7368a1-3de8-11e4-aa67-4c72b939536b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0a7368d5-3de8-11e4-aa67-4c72b939536b}\Shell - "" = AutoRun
O33 - MountPoints2\{0a7368d5-3de8-11e4-aa67-4c72b939536b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]BingDesktop[/b] - hkey= - key= - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
MsConfig:64bit - StartUpReg: [b]gmsd_fr_389[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]gmsd_fr_397[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]gmsd_fr_401[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]gmsd_fr_407[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]gmsd_fr_416[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]LManager[/b] - hkey= - key= - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig:64bit - StartUpReg: [b]OOTag[/b] - hkey= - key= - C:\Program Files (x86)\Packard Bell\OOBEOffer\OOTag.exe (Microsoft)
MsConfig:64bit - StartUpReg: [b]Power Management[/b] - hkey= - key= - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: CCL - C:\Program Files (x86)\IGS\CCL.exe (CC Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Reg Error: Key error.
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Reg Error: Key error.
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

Drivers32:[b]64bit:[/b] aux - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midimapper - midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/12 14:40:40 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[2015/04/12 14:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2015/04/12 14:24:04 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428848644-815C-2101-4C72B939536B
[2015/04/12 14:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
[2015/04/12 14:22:00 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\gmsd_fr_416
[2015/04/12 14:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gmsd_fr_416
[2015/04/12 14:16:16 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\1H1Q1V1N1N1O1R
[2015/04/12 14:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15
[2015/04/12 14:16:05 | 000,000,000 | ---D | C] -- C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15
[2015/04/12 14:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\browse pulse
[2015/04/12 14:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2015/04/12 14:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Maximizer
[2015/04/12 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
[2015/04/12 14:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
[2015/04/12 14:15:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiPony
[2015/04/12 14:06:43 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\ZHP
[2015/04/12 02:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\89fa7968000035e4
[2015/04/12 02:38:45 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\Boxore
[2015/04/12 02:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boxore
[2015/04/12 02:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IGS
[2015/04/12 02:36:29 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\Software
[2015/04/12 02:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2015/04/12 02:36:00 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\Crossbrowse
[2015/04/12 02:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/04/12 02:23:16 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\Apps
[2015/04/12 02:23:15 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\Deployment
[2015/04/12 02:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{dc72d1ab-cec9-5119-dc72-2d1abcec46af}
[2015/04/12 00:15:15 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\UnicoBrowser
[2015/04/12 00:11:04 | 001,923,584 | ---- | C] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Roaming\WZPDKPXK.exe
[2015/04/12 00:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema PlusV11.04-ntf
[2015/04/11 23:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\T122078ED
[2015/04/10 19:01:23 | 000,048,776 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{d1bdfa01-5a9a-448b-bb7a-b6dc6b34803d}Gw64.sys
[2015/04/10 18:56:42 | 001,853,440 | ---- | C] (Cinema PlusV10.04) -- C:\Users\IVOIRE\AppData\Roaming\EBOI.exe
[2015/04/10 18:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema PlusV10.04-ntf
[2015/04/09 22:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\2077f76000004abb
[2015/04/09 21:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\suprize
[2015/04/09 21:00:41 | 001,973,760 | ---- | C] (System NotifierV10.03) -- C:\Users\IVOIRE\AppData\Roaming\QJNFZ.exe
[2015/04/09 16:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StartPoint
[2015/04/09 16:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\shopperz
[2015/04/09 15:59:05 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\BoBrowser
[2015/04/09 15:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUPlayer
[2015/04/09 15:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\1aa2898d00001aac
[2015/04/09 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\WTools
[2015/04/09 01:11:11 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\SupTab
[2015/04/09 01:09:48 | 000,000,000 | -HSD | C] -- C:\Users\IVOIRE\AppData\Roaming\AnyProtectEx
[2015/04/09 01:08:40 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\Documents\Optimizer Pro
[2015/04/08 22:38:44 | 000,341,696 | ---- | C] (CC Corporation) -- C:\Windows\SysWow64\CCL.dll
[2015/04/08 22:31:16 | 001,953,792 | ---- | C] (Cinema PlusV08.04) -- C:\Users\IVOIRE\AppData\Roaming\JWLDG.exe
[2015/04/08 22:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema PlusV08.04-ntf
[2015/04/08 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\SmartWeb
[2015/04/08 22:05:05 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\EC969C00-1428530705-815C-2101-4C72B939536B
[2015/04/08 21:59:33 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B
[2015/04/06 21:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\IHProtectUpDate
[2015/04/06 21:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XTab
[2015/04/06 21:45:49 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Local\globalUpdate
[2015/04/06 21:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\atjs
[2015/04/06 21:45:18 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\EafLPrz
[2015/04/06 21:45:04 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\UW7Vvmg
[2015/04/06 21:44:51 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\AppData\Roaming\gsO7soD
[2015/04/06 21:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\4d0801eee76440b5aa8e9e9bd8f25f47
[2015/04/06 21:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\7b2a98c5c3a9485689cfb0f9c7e387ba
[2015/04/06 21:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\LolliScan
[2015/04/01 17:15:07 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/04/01 17:15:06 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/03/25 18:00:32 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/03/25 18:00:32 | 000,943,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/03/25 18:00:32 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/03/25 18:00:32 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/03/25 18:00:32 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/03/25 18:00:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/03/25 18:00:31 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/03/25 18:00:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/03/20 02:57:27 | 000,000,000 | R--D | C] -- C:\Users\IVOIRE\Documents\Scanned Documents
[2015/03/20 02:57:26 | 000,000,000 | ---D | C] -- C:\Users\IVOIRE\Documents\Fax
[6 C:\Users\IVOIRE\AppData\Local\*.tmp files -> C:\Users\IVOIRE\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/12 16:42:07 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2015/04/12 16:36:00 | 000,002,114 | ---- | M] () -- C:\Windows\tasks\050cd641-277c-420a-9f54-2f6d96ab4660-10_user.job
[2015/04/12 16:33:31 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/12 16:33:31 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/12 16:33:15 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2015/04/12 16:17:02 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2015/04/12 16:08:00 | 000,001,298 | ---- | M] () -- C:\Windows\tasks\suprize_notification_service.job
[2015/04/12 16:01:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/04/12 15:58:00 | 000,002,114 | ---- | M] () -- C:\Windows\tasks\0709795e-2766-4624-8403-41d12fdcc850-10_user.job
[2015/04/12 15:46:51 | 000,008,712 | ---- | M] () -- C:\Windows\SysWow64\CCLOff.ini
[2015/04/12 15:46:51 | 000,008,712 | ---- | M] () -- C:\Windows\SysNative\CCLOff.ini
[2015/04/12 15:41:21 | 000,000,239 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\recently-fix.db
[2015/04/12 15:37:25 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/12 15:37:25 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/12 15:28:12 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2015/04/12 15:26:39 | 000,001,340 | ---- | M] () -- C:\Windows\tasks\JWLDG.job
[2015/04/12 15:26:39 | 000,000,660 | ---- | M] () -- C:\Windows\tasks\suprize_updating_service.job
[2015/04/12 15:26:09 | 000,001,340 | ---- | M] () -- C:\Windows\tasks\QJNFZ.job
[2015/04/12 15:26:08 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2015/04/12 15:26:08 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/12 15:26:03 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\029B560A371F4E00AB32838EBC01B9E7
[2015/04/12 15:26:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2015/04/12 15:26:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2015/04/12 15:25:35 | 3092,533,248 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/12 15:01:16 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2015/04/12 14:40:40 | 000,001,061 | ---- | M] () -- C:\Users\IVOIRE\Desktop\AnyProtect.lnk
[2015/04/12 14:15:46 | 000,001,133 | ---- | M] () -- C:\Users\IVOIRE\Desktop\PC Speed Maximizer.lnk
[2015/04/12 14:15:46 | 000,001,011 | ---- | M] () -- C:\Users\IVOIRE\Desktop\MiPony.lnk
[2015/04/12 14:15:41 | 000,001,019 | ---- | M] () -- C:\Users\IVOIRE\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2015/04/12 03:04:12 | 000,002,293 | ---- | M] () -- C:\Users\IVOIRE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/04/12 02:55:35 | 000,002,110 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/12 02:55:33 | 000,001,469 | ---- | M] () -- C:\Users\IVOIRE\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/04/12 02:36:29 | 000,001,690 | ---- | M] () -- C:\Windows\tasks\WZPDKPXK.job
[2015/04/12 02:36:26 | 001,923,584 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Roaming\WZPDKPXK.exe
[2015/04/12 02:33:46 | 000,001,116 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
[2015/04/12 02:15:16 | 000,001,965 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
[2015/04/12 01:25:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Number of results
[2015/04/12 01:23:12 | 000,002,076 | ---- | M] () -- C:\Users\IVOIRE\Desktop\Continue GamesDesktop Uninstaller.lnk
[2015/04/12 01:16:59 | 000,000,000 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\.a852.db
[2015/04/10 18:58:04 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\EBOI.job
[2015/04/10 18:58:02 | 001,853,440 | ---- | M] (Cinema PlusV10.04) -- C:\Users\IVOIRE\AppData\Roaming\EBOI.exe
[2015/04/10 18:23:21 | 000,000,434 | ---- | M] () -- C:\Windows\wininit.ini
[2015/04/10 05:29:08 | 000,048,776 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{d1bdfa01-5a9a-448b-bb7a-b6dc6b34803d}Gw64.sys
[2015/04/09 22:45:58 | 000,003,372 | ---- | M] () -- C:\Windows\SysWow64\${LOGFILE}
[2015/04/09 21:00:41 | 001,973,760 | ---- | M] (System NotifierV10.03) -- C:\Users\IVOIRE\AppData\Roaming\QJNFZ.exe
[2015/04/09 16:01:02 | 000,000,045 | ---- | M] () -- C:\user.js
[2015/04/09 00:21:02 | 000,002,257 | ---- | M] () -- C:\Windows\patsearch.bin
[2015/04/09 00:21:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
[2015/04/08 22:36:37 | 000,000,000 | ---- | M] () -- C:\END
[2015/04/08 22:34:32 | 001,953,792 | ---- | M] (Cinema PlusV08.04) -- C:\Users\IVOIRE\AppData\Roaming\JWLDG.exe
[2015/04/08 22:34:29 | 000,002,114 | ---- | M] () -- C:\Windows\tasks\df8c5481-2888-4c8f-b1f5-6ac74a4f1a8e-10_user.job
[2015/04/07 17:43:38 | 000,341,696 | ---- | M] (CC Corporation) -- C:\Windows\SysWow64\CCL.dll
[2015/04/06 21:23:25 | 000,007,598 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Resmon.ResmonCfg
[2015/04/02 15:51:08 | 001,684,668 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/02 15:51:08 | 000,753,136 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/04/02 15:51:08 | 000,659,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/02 15:51:08 | 000,153,044 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/04/02 15:51:08 | 000,124,338 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/01 17:27:47 | 001,659,736 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/03/26 21:14:08 | 000,005,542 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\WZPDKPXK
[2015/03/26 21:14:08 | 000,005,542 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\JWLDG
[2015/03/26 21:14:08 | 000,005,542 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\EBOI
[2015/03/17 23:31:45 | 000,778,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/03/17 23:31:45 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[6 C:\Users\IVOIRE\AppData\Local\*.tmp files -> C:\Users\IVOIRE\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/12 16:01:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/04/12 14:40:40 | 000,001,061 | ---- | C] () -- C:\Users\IVOIRE\Desktop\AnyProtect.lnk
[2015/04/12 14:15:46 | 000,001,133 | ---- | C] () -- C:\Users\IVOIRE\Desktop\PC Speed Maximizer.lnk
[2015/04/12 14:15:46 | 000,001,011 | ---- | C] () -- C:\Users\IVOIRE\Desktop\MiPony.lnk
[2015/04/12 14:15:41 | 000,001,019 | ---- | C] () -- C:\Users\IVOIRE\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2015/04/12 02:45:57 | 000,002,110 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/12 02:45:54 | 000,002,293 | ---- | C] () -- C:\Users\IVOIRE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/04/12 02:36:45 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2015/04/12 02:36:43 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2015/04/12 02:33:46 | 000,001,116 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
[2015/04/12 02:24:57 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/12 02:24:56 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/12 02:15:16 | 000,001,965 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
[2015/04/12 01:25:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Number of results
[2015/04/12 01:23:12 | 000,002,076 | ---- | C] () -- C:\Users\IVOIRE\Desktop\Continue GamesDesktop Uninstaller.lnk
[2015/04/12 01:16:59 | 000,000,000 | ---- | C] () -- C:\Users\IVOIRE\AppData\Local\.a852.db
[2015/04/12 00:11:05 | 000,001,690 | ---- | C] () -- C:\Windows\tasks\WZPDKPXK.job
[2015/04/12 00:11:00 | 000,002,114 | ---- | C] () -- C:\Windows\tasks\050cd641-277c-420a-9f54-2f6d96ab4660-10_user.job
[2015/04/10 18:56:43 | 000,001,338 | ---- | C] () -- C:\Windows\tasks\EBOI.job
[2015/04/10 18:56:39 | 000,002,114 | ---- | C] () -- C:\Windows\tasks\0709795e-2766-4624-8403-41d12fdcc850-10_user.job
[2015/04/09 21:09:15 | 000,000,660 | ---- | C] () -- C:\Windows\tasks\suprize_updating_service.job
[2015/04/09 21:08:29 | 000,001,298 | ---- | C] () -- C:\Windows\tasks\suprize_notification_service.job
[2015/04/09 21:00:44 | 000,001,340 | ---- | C] () -- C:\Windows\tasks\QJNFZ.job
[2015/04/09 20:07:56 | 000,000,434 | ---- | C] () -- C:\Windows\wininit.ini
[2015/04/09 16:01:02 | 000,000,045 | ---- | C] () -- C:\user.js
[2015/04/09 15:34:02 | 000,003,372 | ---- | C] () -- C:\Windows\SysWow64\${LOGFILE}
[2015/04/09 15:11:40 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2015/04/09 15:11:39 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2015/04/09 15:11:36 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2015/04/09 00:21:02 | 000,002,257 | ---- | C] () -- C:\Windows\patsearch.bin
[2015/04/09 00:21:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
[2015/04/08 22:39:02 | 000,008,712 | ---- | C] () -- C:\Windows\SysWow64\CCLOff.ini
[2015/04/08 22:39:02 | 000,008,712 | ---- | C] () -- C:\Windows\SysNative\CCLOff.ini
[2015/04/08 22:31:17 | 000,001,340 | ---- | C] () -- C:\Windows\tasks\JWLDG.job
[2015/04/08 22:31:09 | 000,002,114 | ---- | C] () -- C:\Windows\tasks\df8c5481-2888-4c8f-b1f5-6ac74a4f1a8e-10_user.job
[2015/04/06 22:45:02 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\029B560A371F4E00AB32838EBC01B9E7
[2015/04/06 21:46:03 | 000,000,239 | ---- | C] () -- C:\Users\IVOIRE\AppData\Local\recently-fix.db
[2015/04/06 21:23:25 | 000,007,598 | ---- | C] () -- C:\Users\IVOIRE\AppData\Local\Resmon.ResmonCfg
[2015/03/26 21:14:08 | 000,005,542 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\WZPDKPXK
[2015/03/26 21:14:08 | 000,005,542 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\JWLDG
[2015/03/26 21:14:08 | 000,005,542 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\EBOI
[2015/03/11 17:44:50 | 000,103,424 | ---- | C] () -- C:\Windows\SysWow64\mfps.dll
[2015/03/09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\QJNFZ
[2014/08/20 18:00:39 | 000,000,000 | ---- | C] () -- C:\Users\IVOIRE\AppData\Local\{C3999E5E-02DB-4FD7-9FA9-17E02F6AA032}
[2014/03/15 18:34:44 | 000,000,042 | ---- | C] () -- C:\Users\IVOIRE\AppData\Roaming\WB.CFG
[2013/12/10 05:17:42 | 001,659,736 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2014/03/15 18:34:48 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2015/04/12 14:16:16 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\1H1Q1V1N1N1O1R
[2014/04/07 15:52:27 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Adobe
[2015/04/09 01:09:48 | 000,000,000 | -HSD | M] -- C:\Users\IVOIRE\AppData\Roaming\AnyProtectEx
[2013/05/03 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Apple Computer
[2014/08/10 00:42:57 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\BabSolution
[2014/04/06 01:11:40 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\CyberLink
[2014/03/15 18:33:43 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\DigitalSites
[2015/04/06 21:45:30 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\EafLPrz
[2015/04/11 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B
[2013/01/28 01:54:14 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\FloodLightGames
[2015/04/06 21:45:30 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\gsO7soD
[2012/10/03 09:08:20 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Identities
[2012/10/25 23:21:30 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\iWing
[2013/01/26 07:27:32 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Jewel Match 3
[2013/01/25 19:19:15 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Macromedia
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Media Center Programs
[2015/04/09 15:15:54 | 000,000,000 | --SD | M] -- C:\Users\IVOIRE\AppData\Roaming\Microsoft
[2014/01/25 20:35:05 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Nero
[2015/04/11 23:25:50 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Nosibay
[2014/08/10 00:39:42 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\OfferBox
[2012/10/03 09:08:53 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Screensaver
[2015/04/11 02:04:59 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Skype
[2015/01/25 01:02:40 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\SNS
[2013/01/18 03:51:46 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\SoftGrid Client
[2015/04/09 22:48:32 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Store
[2014/03/15 18:39:48 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\systweak
[2013/01/17 01:15:51 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\TP
[2015/04/06 21:45:18 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\UW7Vvmg
[2013/01/25 19:27:24 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\WildTangent
[2012/10/06 05:48:44 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\Windows Live Writer
[2015/04/11 23:28:29 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\WTools
[2015/04/12 14:48:27 | 000,000,000 | ---D | M] -- C:\Users\IVOIRE\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2015/04/10 18:58:02 | 001,853,440 | ---- | M] (Cinema PlusV10.04) -- C:\Users\IVOIRE\AppData\Roaming\EBOI.exe
[2015/04/08 22:34:32 | 001,953,792 | ---- | M] (Cinema PlusV08.04) -- C:\Users\IVOIRE\AppData\Roaming\JWLDG.exe
[2015/04/09 21:00:41 | 001,973,760 | ---- | M] (System NotifierV10.03) -- C:\Users\IVOIRE\AppData\Roaming\QJNFZ.exe
[2015/04/12 02:36:26 | 001,923,584 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Roaming\WZPDKPXK.exe
[2013/01/30 15:45:44 | 001,114,624 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Zip Opener Packages\uninstaller.exe
[2015/02/26 22:18:38 | 000,597,951 | ---- | M] (Web Application program ) -- C:\Users\IVOIRE\AppData\Roaming\1H1Q1V1N1N1O1R\Download Manager Packages\uninstaller.exe
[2015/04/12 14:16:52 | 000,127,488 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe
[2015/04/06 21:45:22 | 000,039,752 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Roaming\EafLPrz\VmeqzCb.exe
[2015/04/08 22:00:06 | 000,052,736 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\rnsm54A1.exe
[2015/04/08 21:59:34 | 000,080,032 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\Uninstall.exe
[4 C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\*.tmp files -> C:\Users\IVOIRE\AppData\Roaming\EC969C00-1428523173-815C-2101-4C72B939536B\*.tmp -> ]
[2015/04/06 21:44:56 | 000,031,560 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Roaming\gsO7soD\YLFtmi1.exe
[2012/04/21 12:10:08 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\IVOIRE\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014/01/21 16:12:56 | 000,644,552 | ---- | M] (Systweak Software ) -- C:\Users\IVOIRE\AppData\Roaming\systweak\ssd\SSDPTstub.exe
[2015/04/06 21:45:06 | 000,007,496 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Roaming\UW7Vvmg\oApBHPo.exe
[2014/07/03 00:22:26 | 001,133,176 | ---- | M] (WildTangent) -- C:\Users\IVOIRE\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-packardbell.exe
[2012/10/19 01:53:24 | 000,000,179 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe_filedata
[2014/07/03 00:22:19 | 000,000,181 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-packardbell.exe_filedata
[2012/10/19 01:53:42 | 000,192,512 | ---- | M] () -- C:\Users\IVOIRE\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe_cache
[2012/11/29 03:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\IVOIRE\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2015/04/09 00:20:37 | 000,476,160 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\0F189807-58EC-3BEB-7DED-5A630FA4BA52.exe
[2015/04/10 18:56:12 | 012,544,138 | ---- | M] (Cinema PlusV10.04) -- C:\Users\IVOIRE\AppData\Local\Temp\1445.exe
[2015/04/08 22:30:04 | 013,315,725 | ---- | M] (Cinema PlusV08.04) -- C:\Users\IVOIRE\AppData\Local\Temp\1735.exe
[2015/04/06 21:48:55 | 001,417,728 | ---- | M] (BrowserV06.04) -- C:\Users\IVOIRE\AppData\Local\Temp\2298.exe
[2015/04/12 01:24:40 | 001,218,048 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\3029.exe
[2015/04/12 02:33:55 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\312.exe
[2015/04/10 18:57:42 | 012,544,138 | ---- | M] (Cinema PlusV10.04) -- C:\Users\IVOIRE\AppData\Local\Temp\3171.exe
[2015/04/12 01:23:22 | 001,405,440 | ---- | M] (Corporate Inc) -- C:\Users\IVOIRE\AppData\Local\Temp\3310.exe
[2015/04/12 01:23:22 | 001,405,440 | ---- | M] (Corporate Inc) -- C:\Users\IVOIRE\AppData\Local\Temp\3359.exe
[2015/04/09 00:20:39 | 000,475,648 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\35024D4C-29E1-09AB-7A9E-1B0A9529B86D.exe
[2015/04/06 21:48:34 | 009,560,888 | ---- | M] (BrowserV06.04) -- C:\Users\IVOIRE\AppData\Local\Temp\3552.exe
[2015/04/12 00:13:02 | 012,615,139 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\3904.exe
[2015/04/12 00:06:47 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\4251.exe
[2015/04/12 02:35:57 | 001,218,048 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\4629.exe
[2015/04/12 02:37:12 | 012,615,139 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\5096.exe
[2015/04/06 21:47:13 | 009,560,888 | ---- | M] (BrowserV06.04) -- C:\Users\IVOIRE\AppData\Local\Temp\5685.exe
[2015/04/12 01:22:49 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\6377.exe
[2015/04/06 21:43:58 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\7330.exe
[2015/04/08 22:34:06 | 013,315,725 | ---- | M] (Cinema PlusV08.04) -- C:\Users\IVOIRE\AppData\Local\Temp\7588.exe
[2015/04/12 00:10:40 | 012,615,139 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\8354.exe
[2015/04/08 22:18:00 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\8470.exe
[2015/04/10 18:54:24 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\8578.exe
[2015/04/12 01:24:19 | 012,615,139 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\908.exe
[2015/04/12 02:35:35 | 012,615,139 | ---- | M] (Cinema PlusV11.04) -- C:\Users\IVOIRE\AppData\Local\Temp\9158.exe
[2015/04/06 21:20:55 | 000,297,672 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\CloudBackup1814.exe
[2015/04/10 19:06:34 | 000,782,376 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\ebacabfbcabbi.exe
[2015/04/09 22:35:52 | 000,782,376 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\ejcabfbcabbj.exe
[2015/04/09 15:42:50 | 000,782,376 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\ejcabfbcaed.exe
[2015/04/09 15:56:09 | 000,372,864 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\Install_BubbleDock.exe
[2015/04/12 01:27:51 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jue1EC6.exe
[2015/04/12 02:38:51 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jue4308.exe
[2015/04/09 23:37:24 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jue4A2.exe
[2015/04/12 00:17:58 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jue7F7C.exe
[2015/04/10 18:58:29 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jue8C57.exe
[2015/04/12 14:26:59 | 002,998,272 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jueADEB.exe
[2015/04/11 23:16:12 | 002,997,760 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\jueB0F7.exe
[2015/04/10 19:06:30 | 000,590,024 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\mytmpinstaller.exe
[2015/04/12 01:17:40 | 001,119,188 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\OnlineBackup.exe
[2015/04/10 18:21:49 | 006,850,560 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\rt-update.exe
[2015/04/09 15:57:00 | 001,041,560 | ---- | M] (Infonaut) -- C:\Users\IVOIRE\AppData\Local\Temp\setup.exe
[2015/04/08 21:44:23 | 000,301,337 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\Setup_194413.exe
[2015/04/12 02:36:18 | 000,621,168 | ---- | M] (The Software Group) -- C:\Users\IVOIRE\AppData\Local\Temp\setup_296.exe
[2015/04/12 01:27:41 | 000,152,160 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\setup_608.exe
[2015/04/05 16:27:36 | 045,209,696 | ---- | M] (Skype Technologies S.A.) -- C:\Users\IVOIRE\AppData\Local\Temp\SkypeSetup.exe
[2015/04/09 15:56:28 | 001,305,880 | ---- | M] ( CH ) -- C:\Users\IVOIRE\AppData\Local\Temp\startpoint_1.exe
[2015/04/09 16:03:22 | 000,448,280 | ---- | M] (Pay By Ads LTD) -- C:\Users\IVOIRE\AppData\Local\Temp\startup.exe
[2015/04/12 02:15:16 | 006,003,296 | ---- | M] (Super PC Tools ltd ) -- C:\Users\IVOIRE\AppData\Local\Temp\supoptsetup.exe
[2015/04/12 16:01:12 | 000,061,980 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\Uninstall.exe
[236 C:\Users\IVOIRE\AppData\Local\Temp\*.tmp files -> C:\Users\IVOIRE\AppData\Local\Temp\*.tmp -> ]
[2015/03/20 20:16:20 | 000,639,192 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1042015182856\Selection Tools Uninstall.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1042015183150\Bubble Dock Uninstall.exe
[2015/04/10 16:13:33 | 000,533,712 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\1042015183150\Solimba Uninstaller.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1042015183208\Bubble Dock Uninstall.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1142015232527\Bubble Dock Uninstall.exe
[2015/04/11 23:23:47 | 000,533,712 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\1142015232527\Solimba Uninstaller.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1142015232545\Bubble Dock Uninstall.exe
[2015/03/20 20:16:20 | 000,639,192 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\1142015232751\Selection Tools Uninstall.exe
[2015/04/06 21:43:48 | 000,381,090 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\1b62421a-0e6b-4c90-a2d6-80209b9d4c0d\pp_so.exe
[2015/04/06 21:43:56 | 000,760,557 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\2ad9bf8e-21b0-46c0-98a9-bb4b5b012b58\setup.exe
[2015/04/06 21:44:32 | 004,224,990 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\2cd35b31-bdc5-45a6-9e37-bda84474a305\speedcheck fm.exe
[2015/04/06 21:43:42 | 000,722,528 | ---- | M] (BaiSix) -- C:\Users\IVOIRE\AppData\Local\Temp\47754c88-467f-4619-9cf1-bf3bf4c5bc56\lly_istartsurf.exe
[2014/05/30 10:07:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Users\IVOIRE\AppData\Local\Temp\4A3C0451-6A86-42DA-AF16-0A847A950A21\DismHost.exe
[2015/04/12 01:24:42 | 000,913,408 | ---- | M] (Crossbrowse) -- C:\Users\IVOIRE\AppData\Local\Temp\5926\setup.exe
[2015/04/06 21:43:52 | 000,202,752 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\5ca6e5bf-169d-4400-b05d-8a3ee79a9fbc\setup.exe
[2015/04/09 15:43:00 | 000,050,225 | ---- | M] (OperaChecker) -- C:\Users\IVOIRE\AppData\Local\Temp\81428586970\TlJEUFFM10700.exe
[2015/04/10 19:06:43 | 000,050,225 | ---- | M] (OperaChecker) -- C:\Users\IVOIRE\AppData\Local\Temp\81428685594\TlJEUFFM10700.exe
[2015/03/20 20:16:20 | 000,639,192 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015152031\Selection Tools Uninstall.exe
[2015/04/09 15:17:10 | 000,533,712 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\942015152031\Solimba Uninstaller.exe
[2015/03/20 20:16:20 | 000,639,192 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015152051\Selection Tools Uninstall.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015153313\Bubble Dock Uninstall.exe
[2015/04/03 15:26:20 | 000,715,680 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015224423\Bubble Dock Uninstall.exe
[2015/03/20 20:16:20 | 000,639,192 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015224638\Selection Tools Uninstall.exe
[2015/03/20 20:23:14 | 000,609,008 | ---- | M] (Nosibay) -- C:\Users\IVOIRE\AppData\Local\Temp\942015224753\WindApp Uninstall.exe
[2014/05/30 10:07:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Users\IVOIRE\AppData\Local\Temp\C2A14956-0EE3-4B87-9214-3F44C811F3B7\DismHost.exe
[2015/04/12 00:20:23 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.11995\GoogleCrashHandler.exe
[2015/04/12 00:20:23 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.11995\GoogleUpdate.exe
[2015/04/12 00:20:23 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.11995\GoogleUpdateBroker.exe
[2015/04/12 00:20:33 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.11995\GoogleUpdateOnDemand.exe
[2015/04/10 18:58:01 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.160847\GoogleCrashHandler.exe
[2015/04/10 18:58:01 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.160847\GoogleUpdate.exe
[2015/04/10 18:58:01 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.160847\GoogleUpdateBroker.exe
[2015/04/10 18:58:01 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.160847\GoogleUpdateOnDemand.exe
[2015/04/10 18:56:40 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.222934\GoogleCrashHandler.exe
[2015/04/10 18:56:40 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.222934\GoogleUpdate.exe
[2015/04/10 18:56:40 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.222934\GoogleUpdateBroker.exe
[2015/04/10 18:56:40 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.222934\GoogleUpdateOnDemand.exe
[2015/04/06 21:48:55 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.304440\GoogleCrashHandler.exe
[2015/04/06 21:48:55 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.304440\GoogleUpdate.exe
[2015/04/06 21:48:55 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.304440\GoogleUpdateBroker.exe
[2015/04/06 21:48:56 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.304440\GoogleUpdateOnDemand.exe
[2015/04/12 00:11:01 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.344696\GoogleCrashHandler.exe
[2015/04/12 00:11:01 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.344696\GoogleUpdate.exe
[2015/04/12 00:11:01 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.344696\GoogleUpdateBroker.exe
[2015/04/12 00:11:01 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.344696\GoogleUpdateOnDemand.exe
[2015/04/12 01:24:43 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.345977\GoogleCrashHandler.exe
[2015/04/12 01:24:43 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.345977\GoogleUpdate.exe
[2015/04/12 01:24:43 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.345977\GoogleUpdateBroker.exe
[2015/04/12 01:24:44 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.345977\GoogleUpdateOnDemand.exe
[2015/04/08 22:31:11 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.376988\GoogleCrashHandler.exe
[2015/04/08 22:31:11 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.376988\GoogleUpdate.exe
[2015/04/08 22:31:11 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.376988\GoogleUpdateBroker.exe
[2015/04/08 22:31:11 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.376988\GoogleUpdateOnDemand.exe
[2015/04/06 21:47:46 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.391588\GoogleCrashHandler.exe
[2015/04/06 21:47:46 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.391588\GoogleUpdate.exe
[2015/04/06 21:47:46 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.391588\GoogleUpdateBroker.exe
[2015/04/06 21:47:46 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.391588\GoogleUpdateOnDemand.exe
[2015/04/08 22:34:30 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.412300\GoogleCrashHandler.exe
[2015/04/08 22:34:30 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.412300\GoogleUpdate.exe
[2015/04/08 22:34:31 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.412300\GoogleUpdateBroker.exe
[2015/04/08 22:34:31 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.412300\GoogleUpdateOnDemand.exe
[2015/04/12 00:13:25 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.429579\GoogleCrashHandler.exe
[2015/04/12 00:13:25 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.429579\GoogleUpdate.exe
[2015/04/12 00:13:25 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.429579\GoogleUpdateBroker.exe
[2015/04/12 00:13:25 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.429579\GoogleUpdateOnDemand.exe
[2015/04/09 21:00:04 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.460393\GoogleCrashHandler.exe
[2015/04/09 21:00:04 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.460393\GoogleUpdate.exe
[2015/04/09 21:00:04 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.460393\GoogleUpdateBroker.exe
[2015/04/09 21:00:04 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.460393\GoogleUpdateOnDemand.exe
[2015/04/12 02:36:00 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.461967\GoogleCrashHandler.exe
[2015/04/12 02:36:00 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.461967\GoogleUpdate.exe
[2015/04/12 02:36:00 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.461967\GoogleUpdateBroker.exe
[2015/04/12 02:36:00 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.461967\GoogleUpdateOnDemand.exe
[2015/04/06 21:45:48 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.488739\GoogleCrashHandler.exe
[2015/04/06 21:45:48 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.488739\GoogleUpdate.exe
[2015/04/06 21:45:48 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.488739\GoogleUpdateBroker.exe
[2015/04/06 21:45:48 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.488739\GoogleUpdateOnDemand.exe
[2015/04/12 01:23:28 | 000,072,872 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.56400\GoogleCrashHandler.exe
[2015/04/12 01:23:28 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.56400\GoogleUpdate.exe
[2015/04/12 01:23:28 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.56400\GoogleUpdateBroker.exe
[2015/04/12 01:23:29 | 000,046,080 | ---- | M] (globalUpdate) -- C:\Users\IVOIRE\AppData\Local\Temp\comh.56400\GoogleUpdateOnDemand.exe
[2015/04/12 00:17:56 | 011,273,679 | ---- | M] (iCinema) -- C:\Users\IVOIRE\AppData\Local\Temp\DwlTempFolder\temp.exe
[2014/05/30 10:07:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Users\IVOIRE\AppData\Local\Temp\E0AC3420-5097-4A92-9A8C-97FB06F8C536\DismHost.exe
[2015/04/06 21:43:58 | 001,819,104 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\f014ea66-814f-4ac4-9b4f-54e18832b93e\installer.exe
[2015/04/06 21:44:00 | 000,880,784 | ---- | M] (Google Inc.) -- C:\Users\IVOIRE\AppData\Local\Temp\f7f6b1b8-fff8-4c7b-b838-6382a8f43f0d\chromesetup.exe
[2015/04/12 14:30:34 | 000,305,664 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe
[2015/04/12 14:33:00 | 000,397,010 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\Extracted\adv_79.exe
[2015/04/09 09:37:42 | 007,786,760 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\is-45G1L.tmp\gentlemjmp_ieu.exe
[2015/04/03 20:08:52 | 007,957,806 | ---- | M] (System NotifierV10.03) -- C:\Users\IVOIRE\AppData\Local\Temp\is-5RINI.tmp\382.exe
[2015/04/03 20:09:34 | 007,906,138 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\is-5RINI.tmp\382_.exe
[2015/02/18 19:15:26 | 000,603,648 | ---- | M] (Igor Pavlov) -- C:\Users\IVOIRE\AppData\Local\Temp\is-5RINI.tmp\7za.exe
[2015/04/12 14:15:16 | 003,967,459 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\is765589038\099CF4B0_stp.EXE
[2015/04/12 14:14:54 | 000,299,256 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\is765589038\26618C40_stp.EXE
[2015/04/12 14:16:54 | 019,558,400 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE
[2015/02/26 22:18:38 | 000,597,951 | ---- | M] (Web Application program ) -- C:\Users\IVOIRE\AppData\Local\Temp\is765589038\5D4B7A38_stp\Uninstaller.exe
[2014/12/04 20:17:14 | 001,517,816 | ---- | M] (Smart PC Solutions ) -- C:\Users\IVOIRE\AppData\Local\Temp\is765589038\654AB563_stp\PCSpeedMaximizer_AQFR_AFD_PPI_PCSM_4TR_NO_AVG_bis.exe
[2015/04/08 19:16:28 | 007,786,712 | ---- | M] ( ) -- C:\Users\IVOIRE\AppData\Local\Temp\is-77LDF.tmp\gentlemjmp_ieu.exe
[2015/04/09 09:26:32 | 000,484,600 | ---- | M] (Software ) -- C:\Users\IVOIRE\AppData\Local\Temp\is-E81DJ.tmp\382.exe
[2015/04/09 09:32:10 | 000,485,808 | ---- | M] (Software ) -- C:\Users\IVOIRE\AppData\Local\Temp\is-E81DJ.tmp\package_quickref_p_installer_multilang.exe
[2015/02/19 15:14:00 | 000,603,648 | ---- | M] (Igor Pavlov) -- C:\Users\IVOIRE\AppData\Local\Temp\is-LNI06.tmp\7za.exe
[2015/04/01 10:16:05 | 001,038,032 | ---- | M] (Quick Ref) -- C:\Users\IVOIRE\AppData\Local\Temp\is-LNI06.tmp\quickref_p.exe
[2015/04/01 10:30:08 | 000,928,954 | ---- | M] () -- C:\Users\IVOIRE\AppData\Local\Temp\is-LNI06.tmp\quickref_p_.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\consrv.dll >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2015/02/21 02:41:09 | 012,827,648 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll
[2013/10/12 04:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\scrrun.dll
[2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\shell32.dll

[color=#A23BEC]< %windir%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/07/14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/07/14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/07/14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/07/14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/07/14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet \Services\lanmanserver\parameters /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\AppCertDlls /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >[/color]
"ProfilesDirectory" = %SystemDrive%\Users -- [2012/10/03 09:05:41 | 000,000,000 | R--D | M]
"Default" = %SystemDrive%\Users\Default -- [2012/10/03 09:05:35 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2013/11/08 18:14:16 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2015/04/12 14:16:05 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2014/08/10 00:49:42 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2015/04/06 16:46:42 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2015/04/06 16:46:38 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2913280506-1945110618-3153893059-1000]
"ProfileImagePath" = C:\Users\IVOIRE -- [2015/04/09 01:11:11 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 FA 21 A5 AD 5A 08 F0 73 C3 96 FC BB E8 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 4
"RunLogonScriptSync" = 0

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
DNS request timed out.
timeout was 2 seconds.
Serveur : UnKnown
Address: 192.168.1.254
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --make-default-browser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --hide-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --show-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\shell\open\command\\: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/02/24 05:15:54 | 000,813,736 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428349475&from=tugs&uid=ST9500325AS_5VEV8JC8XXXX5VEV8JC8 [2015/02/24 05:15:54 | 000,813,736 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\CROSSBROWSE\CROSSBROWSE\APPLICATION\CROSSBROWSE.EXE" --MAKE-DEFAULT-BROWSER
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\CROSSBROWSE\CROSSBROWSE\APPLICATION\CROSSBROWSE.EXE" --HIDE-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\CROSSBROWSE\CROSSBROWSE\APPLICATION\CROSSBROWSE.EXE" --SHOW-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Crossbrowse\shell\open\command\\: "C:\PROGRAM FILES (X86)\CROSSBROWSE\CROSSBROWSE\APPLICATION\CROSSBROWSE.EXE"
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2015/03/30 23:07:57 | 000,809,288 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2015/02/20 03:49:33 | 000,718,848 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2015/02/20 03:49:33 | 000,718,848 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2015/02/20 03:49:33 | 000,718,848 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2015/02/24 05:15:54 | 000,813,736 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE HTTP://WWW.ISTARTSURF.COM/?TYPE=SC&TS=1428349475&FROM=TUGS&UID=ST9500325AS_5VEV8JC8XXXX5VEV8JC8 [2015/02/24 05:15:54 | 000,813,736 | ---- | M] (Microsoft Corporation)

< End of report >
