cjoint

Document format: text/plain

Preview

OTL logfile created on: 02/08/2015 21:54:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

11,95 Gb Total Physical Memory | 8,26 Gb Available Physical Memory | 69,06% Memory free
23,91 Gb Paging File | 19,80 Gb Available in Paging File | 82,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,41 Gb Total Space | 130,71 Gb Free Space | 18,71% Space Free | Partition Type: NTFS
Drive F: | 59,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 1,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SKYUP-PORTABLE | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/08/02 21:54:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe
PRC - [2015/07/25 10:46:43 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/07/22 23:16:30 | 002,269,184 | ---- | M] (The OpenVPN Project) -- C:\Program Files (x86)\SurfEasy VPN\openvpn\openvpn.exe
PRC - [2015/07/22 23:16:28 | 013,868,400 | ---- | M] () -- C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe
PRC - [2015/07/22 23:16:26 | 003,517,808 | ---- | M] () -- C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
PRC - [2015/07/16 15:55:15 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
PRC - [2015/07/10 12:11:20 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/24 15:01:16 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/06/24 11:53:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/06/18 08:39:34 | 006,554,424 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015/05/28 05:52:26 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015/05/21 14:48:02 | 000,063,968 | ---- | M] (CyberGhost S.R.L) -- C:\Program Files\CyberGhost 5\Service.exe
PRC - [2015/04/13 20:06:24 | 000,794,008 | ---- | M] (OpenVPN Technologies, Inc) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe
PRC - [2015/01/29 19:43:06 | 000,017,816 | ---- | M] (OpenVPN Technologies, Inc) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe
PRC - [2015/01/29 19:43:02 | 000,872,344 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
PRC - [2014/11/30 12:12:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/11/17 22:04:08 | 002,465,088 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/11/17 22:04:03 | 001,796,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/30 00:25:46 | 004,673,432 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/07/10 19:33:26 | 002,321,624 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2012/06/07 15:12:06 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2012/06/07 15:12:06 | 000,090,832 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012/02/29 12:08:34 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/02/16 12:37:16 | 000,322,176 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/02/15 18:38:10 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/02/07 12:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
PRC - [2011/11/21 15:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/10/24 18:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009/06/19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2000/01/01 02:00:00 | 002,029,056 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
PRC - [2000/01/01 02:00:00 | 000,338,432 | ---- | M] (Mozilla Corporation) -- C:\Users\Chris\Desktop\Tor Browser\Browser\firefox.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/07/25 10:46:41 | 001,405,768 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
MOD - [2015/07/25 10:46:40 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
MOD - [2015/07/22 23:16:28 | 013,868,400 | ---- | M] () -- C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe
MOD - [2015/07/22 23:16:28 | 000,089,456 | ---- | M] () -- C:\Program Files (x86)\SurfEasy VPN\client\zlib.dll
MOD - [2015/06/24 11:53:58 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/06/24 11:53:58 | 000,104,400 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll
MOD - [2015/06/24 11:53:52 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/06/24 11:53:52 | 000,081,728 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2015/03/23 15:01:01 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/01/29 19:43:02 | 000,872,344 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
MOD - [2015/01/26 19:29:28 | 038,713,856 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libcef.dll
MOD - [2015/01/26 19:29:28 | 000,880,128 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libGLESv2.dll
MOD - [2015/01/26 19:29:28 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libEGL.dll
MOD - [2012/06/07 15:12:04 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2012/01/31 10:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2000/01/01 02:00:00 | 005,066,766 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\mozjs.dll
MOD - [2000/01/01 02:00:00 | 002,029,056 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
MOD - [2000/01/01 02:00:00 | 000,714,452 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-0-5.dll
MOD - [2000/01/01 02:00:00 | 000,517,814 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
MOD - [2000/01/01 02:00:00 | 000,110,592 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
MOD - [2000/01/01 02:00:00 | 000,092,087 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
MOD - [2000/01/01 02:00:00 | 000,092,087 | ---- | M] () -- C:\Users\Chris\Desktop\Tor Browser\Browser\libssp-0.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/06/24 11:53:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2015/06/24 11:53:03 | 004,034,896 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2015/06/20 21:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/05/25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/05/21 14:48:02 | 000,063,968 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService)
SRV:[b]64bit:[/b] - [2015/04/10 18:14:34 | 002,823,496 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV:[b]64bit:[/b] - [2014/11/17 22:04:03 | 001,149,760 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2014/11/17 22:04:02 | 019,821,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013/12/11 15:59:12 | 001,050,904 | ---- | M] () [Auto | Stopped] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/01/20 17:15:14 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2012/01/11 18:34:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:[b]64bit:[/b] - [2012/01/09 06:19:34 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2011/12/27 15:24:08 | 000,514,048 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:[b]64bit:[/b] - [2011/12/27 15:18:34 | 000,979,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:[b]64bit:[/b] - [2011/12/08 11:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2011/12/08 11:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2011/12/08 11:43:48 | 000,618,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2011/12/08 11:43:44 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2015/07/22 23:16:26 | 003,517,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe -- (SurfEasyVPN)
SRV - [2015/07/10 12:11:20 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/05/28 05:52:26 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015/01/29 19:43:06 | 000,017,816 | ---- | M] (OpenVPN Technologies, Inc) [Auto | Running] -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe -- (ptservice)
SRV - [2015/01/02 20:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/30 12:12:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/11/17 22:04:03 | 001,796,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe -- (FanChkService)
SRV - [2011/11/21 15:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/08/02 21:46:32 | 000,079,064 | ---- | M] (Malwarebytes Corporation) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\ampijcp.sys -- (sprw)
DRV:[b]64bit:[/b] - [2015/08/02 21:34:36 | 000,113,880 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2015/07/22 23:16:28 | 000,039,096 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapse01.sys -- (tapse01)
DRV:[b]64bit:[/b] - [2015/06/30 09:56:32 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:29 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:27 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:27 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:27 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:27 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2015/06/24 11:54:25 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2015/06/24 11:53:35 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2015/06/24 11:53:03 | 000,273,824 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2015/06/18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2015/05/28 09:04:11 | 000,195,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2015/01/26 19:29:28 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ptun0901.sys -- (ptun0901)
DRV:[b]64bit:[/b] - [2014/11/29 16:03:28 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/11/17 22:04:02 | 000,020,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2014/10/03 21:23:02 | 000,038,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/02/24 17:33:46 | 000,017,568 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys -- (ma-config_amd64)
DRV:[b]64bit:[/b] - [2013/08/22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/29 12:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012/02/07 12:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/02/07 12:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/02/07 12:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/01/20 17:14:34 | 000,016,128 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2012/01/09 06:13:12 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2012/01/09 06:13:12 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2011/12/23 11:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/12/01 18:37:48 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:[b]64bit:[/b] - [2011/11/23 00:13:10 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011/09/19 15:54:46 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/09/07 15:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/29 12:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2011/09/07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_)
DRV - [2010/09/07 15:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultenginename: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search/?trackid=sp-006"
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.selectedEngine: "Google (avast)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/?trackid=sp-006"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
FF - prefs.js..keyword.URL: "https://www.google.com/search/?trackid=sp-006"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/06/24 11:53:39 | 000,000,000 | ---D | M]

[2014/11/22 01:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2014/11/30 16:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\bif0hkzr.default\extensions
[2014/11/30 16:25:00 | 000,002,428 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\bif0hkzr.default\searchplugins\google-avast.xml
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O4:[b]64bit:[/b] - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SurfEasy] C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.5.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.9.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23D57273-80A8-4372-A2A8-F1A5B5C727D0}: DhcpNameServer = 10.9.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{458E9CBF-D868-4649-85AB-6091D9F5630D}: DhcpNameServer = 10.9.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47BA666E-4DCF-4B9D-AB9A-0F6C36CC0606}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/05/08 21:42:08 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013/01/01 01:00:00 | 000,000,065 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013/04/05 20:01:24 | 000,000,043 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{cef023dd-789d-11e4-99c6-dc85de5ea138}\Shell - "" = AutoRun
O33 - MountPoints2\{cef023dd-789d-11e4-99c6-dc85de5ea138}\Shell\AutoRun\command - "" = F:\setup.exe -- [2015/05/08 21:42:37 | 000,911,955 | R--- | M] ( )
O33 - MountPoints2\{cef023f4-789d-11e4-99c6-dc85de5ea138}\Shell - "" = AutoRun
O33 - MountPoints2\{cef023f4-789d-11e4-99c6-dc85de5ea138}\Shell\AutoRun\command - "" = G:\setup.exe -- [2013/01/01 01:00:00 | 000,687,720 | R--- | M] (Team17 Digital Ltd )
O33 - MountPoints2\{cef023f8-789d-11e4-99c6-dc85de5ea138}\Shell - "" = AutoRun
O33 - MountPoints2\{cef023f8-789d-11e4-99c6-dc85de5ea138}\Shell\AutoRun\command - "" = H:\setup.exe -- [2013/04/05 20:01:40 | 000,458,739 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/08/02 21:46:32 | 000,079,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\ampijcp.sys
[2015/08/01 19:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SurfEasy VPN
[2015/08/01 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\com.surfeasy.se0200
[2015/08/01 19:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SurfEasyService
[2015/08/01 19:24:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SurfEasy VPN
[2015/08/01 19:24:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SurfEasy VPN
[2015/08/01 18:33:05 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\pgp
[2015/07/31 17:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Technologies
[2015/07/31 17:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN Technologies
[2015/07/31 17:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurityKISS Tunnel
[2015/07/31 17:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityKISS Tunnel
[2015/07/31 16:35:00 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\GNU
[2015/07/31 16:34:57 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\.kde
[2015/07/31 16:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
[2015/07/31 16:22:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Documentation de Gpg4win
[2015/07/31 16:22:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\gnupg
[2015/07/31 16:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2015/07/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2015/07/31 16:13:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CyberGhost
[2015/07/31 16:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\TAP-Windows
[2015/07/31 16:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
[2015/07/31 16:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\CyberGhost 5
[2015/07/31 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Tor Browser
[2015/07/31 00:03:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/07/28 12:12:32 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/28 12:12:32 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/28 12:12:32 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/28 12:12:32 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/28 12:12:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/28 12:12:31 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/07/28 12:12:31 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/07/28 12:12:31 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/27 22:24:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
[2015/07/22 23:16:28 | 000,039,096 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tapse01.sys
[2015/07/21 10:00:31 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/21 10:00:31 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/21 10:00:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/21 10:00:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/07/21 10:00:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/07/21 10:00:30 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/07/21 10:00:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/07/21 10:00:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/07/20 22:20:02 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CEF
[2015/07/15 10:50:40 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015/07/15 10:50:40 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015/07/15 10:50:37 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/07/15 10:50:37 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/07/15 10:50:37 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/07/15 10:50:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/07/15 10:50:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/07/15 10:50:37 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/07/15 10:50:37 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/07/15 10:50:37 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/07/15 10:50:37 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/07/15 10:50:37 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/07/15 10:50:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/07/15 10:50:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/07/15 10:50:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/07/15 10:50:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/07/15 10:50:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/07/15 10:50:26 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/07/15 10:50:23 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/07/15 10:50:23 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/07/15 10:50:22 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/07/15 10:50:05 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/07/15 10:50:04 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/07/15 10:48:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/07/15 10:48:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/07/15 10:48:27 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/07/15 10:48:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/07/15 10:48:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/07/15 10:48:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/07/15 10:48:26 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/07/15 10:48:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/07/15 10:48:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/07/15 10:48:26 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/07/15 10:48:25 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/07/15 10:48:25 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/07/15 10:48:25 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/07/15 10:48:25 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/07/15 10:48:25 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/07/15 10:48:25 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/07/15 10:48:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/07/15 10:48:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/07/15 10:48:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/07/15 10:48:24 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/07/15 10:48:24 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/07/15 10:48:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/07/15 10:48:23 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/07/15 10:48:23 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/07/15 10:48:23 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/07/15 10:48:23 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/07/15 10:48:23 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/07/15 10:48:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/07/15 10:48:22 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/07/15 10:48:22 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/07/15 10:48:22 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/07/15 10:48:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/07/15 10:48:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/07/15 10:48:21 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/07/15 10:45:26 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015/07/15 10:45:21 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/07/15 10:45:21 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/07/15 10:45:21 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/07/15 10:45:19 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/07/15 10:45:19 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/07/15 10:45:19 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/07/15 10:45:19 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/07/15 10:45:19 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/07/15 10:45:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/07/15 10:45:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/07/15 10:45:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/07/15 10:45:19 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/07/15 10:45:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/07/15 10:45:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/07/15 10:45:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/07/15 10:45:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/07/15 10:45:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/07/15 10:45:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/07/15 10:45:11 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015/07/15 10:45:10 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015/07/15 10:45:10 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015/07/15 10:45:10 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015/07/15 10:45:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015/07/15 10:45:10 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015/07/15 10:45:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015/07/15 10:45:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015/07/10 19:02:57 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015/07/06 20:12:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Popcorn-Time
[2015/07/06 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Popcorn Time
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/08/02 21:46:32 | 000,079,064 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\ampijcp.sys
[2015/08/02 21:38:19 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/08/02 21:38:19 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/08/02 21:34:36 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/08/02 21:31:38 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/02 21:31:12 | 001,668,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/08/02 21:31:12 | 000,747,570 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/08/02 21:31:12 | 000,654,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/08/02 21:31:12 | 000,150,062 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/08/02 21:31:12 | 000,122,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/08/02 21:25:39 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/02 21:24:59 | 000,000,380 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\sp_data.sys
[2015/08/02 21:24:51 | 000,000,022 | ---- | M] () -- C:\Windows\S.dirmngr
[2015/08/02 21:24:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/02 21:24:08 | 1036,943,358 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/02 21:00:16 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/08/01 19:24:36 | 000,001,165 | ---- | M] () -- C:\Users\Chris\Desktop\SurfEasy VPN.lnk
[2015/07/31 17:49:37 | 000,002,248 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
[2015/07/31 17:49:37 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Private Tunnel.lnk
[2015/07/31 17:23:36 | 000,000,107 | ---- | M] () -- C:\Users\Chris\SecurityKISSTunnel.config
[2015/07/31 17:20:21 | 000,000,865 | ---- | M] () -- C:\Users\Chris\Desktop\SecurityKISS Tunnel.lnk
[2015/07/31 16:22:35 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Kleopatra.lnk
[2015/07/31 16:12:47 | 000,001,728 | ---- | M] () -- C:\Users\Chris\Desktop\CyberGhost 5.lnk
[2015/07/31 16:12:47 | 000,000,874 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\CyberGhost 5.lnk
[2015/07/31 14:57:58 | 000,000,787 | ---- | M] () -- C:\Users\Chris\Desktop\Start Tor Browser.lnk
[2015/07/31 13:52:19 | 000,147,239 | ---- | M] () -- C:\Users\Chris\Desktop\11800221_1456545781337330_4319659536054439428_n.jpg
[2015/07/31 12:41:20 | 001,260,545 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_n4mui8O61Q1r539hzo1_250.gif
[2015/07/31 12:41:12 | 000,132,355 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_n4mujaYNXT1r539hzo1_500.jpg
[2015/07/31 12:41:06 | 000,168,536 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_n4l1o0JCYE1r539hzo1_500.jpg
[2015/07/31 11:36:12 | 000,009,092 | ---- | M] () -- C:\Users\Chris\Desktop\iban_M_VINCENT_MASSEROT_00020609601 (2).pdf
[2015/07/30 14:00:26 | 000,083,664 | ---- | M] () -- C:\Users\Chris\Desktop\19.jpg
[2015/07/30 13:59:29 | 000,084,603 | ---- | M] () -- C:\Users\Chris\Desktop\1.jpg
[2015/07/29 21:00:55 | 002,028,757 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_na7vo77ec51r539hzo1_250.gif
[2015/07/29 20:58:55 | 001,021,167 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_naatdmirZ11r539hzo1_400.gif
[2015/07/29 18:41:48 | 000,032,815 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_ncpiltu0mb1r539hzo1_500.jpg
[2015/07/29 18:24:51 | 001,018,854 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_neac9tqYhL1r539hzo1_400.gif
[2015/07/29 18:24:18 | 000,249,698 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_nedu1jWC0d1r539hzo1_500.png
[2015/07/29 18:23:05 | 000,126,330 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_nem05sKHJt1r539hzo1_400.png
[2015/07/29 18:20:07 | 000,083,661 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_nf0uttWAub1r539hzo1_500.jpg
[2015/07/29 18:12:24 | 002,070,469 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_ng8md7M1tn1r539hzo1_500.gif
[2015/07/29 17:56:58 | 000,068,538 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_nj3ol09QhV1r539hzo1_500.jpg
[2015/07/29 17:52:11 | 000,102,870 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_njcqhnfblC1r539hzo1_500.jpg
[2015/07/29 09:08:18 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/07/26 19:05:40 | 000,433,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/07/25 20:07:17 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/25 20:04:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/25 20:04:05 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/25 20:03:59 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/25 20:03:58 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/25 20:03:57 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/07/25 20:03:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/25 19:55:04 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/07/23 11:33:09 | 000,053,077 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_inline_n5a1rpGKxE1rlobmo.jpg
[2015/07/22 23:16:28 | 000,039,096 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tapse01.sys
[2015/07/17 18:10:15 | 000,109,419 | ---- | M] () -- C:\Users\Chris\Desktop\tumblr_nr33a3pKy91qzmopno1_1280.jpg
[2015/07/15 10:50:30 | 000,035,904 | ---- | M] () -- C:\Users\Chris\Desktop\11748833_10153629735827481_1576130538_n-1.jpg
[2015/07/15 05:19:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/07/15 05:19:50 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/07/15 05:19:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/07/15 05:19:45 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/07/15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/07/15 03:59:42 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/13 14:11:46 | 000,030,805 | ---- | M] () -- C:\Users\Chris\Desktop\moyen-emily---revolve.jpg
[2015/07/10 07:49:55 | 075,815,969 | ---- | M] () -- C:\Users\Chris\Desktop\Entrevue N 180.pdf
[2015/07/09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/07/09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/07/09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/07/09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/07/09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/07/09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/07/09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/07/09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/07/09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/07/09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/07/09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/07/09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/07/09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/07/09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/07/09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/07/08 11:20:08 | 000,099,329 | ---- | M] () -- C:\Users\Chris\Desktop\img-mais-qui-es-tu-le-championnat-chinois-1323776929_620_400_crop_articles-150853.jpg
[2015/07/04 20:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/08/02 21:24:51 | 000,000,022 | ---- | C] () -- C:\Windows\S.dirmngr
[2015/08/01 19:24:36 | 000,001,165 | ---- | C] () -- C:\Users\Chris\Desktop\SurfEasy VPN.lnk
[2015/07/31 17:49:37 | 000,002,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
[2015/07/31 17:49:37 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\Private Tunnel.lnk
[2015/07/31 17:20:46 | 000,000,107 | ---- | C] () -- C:\Users\Chris\SecurityKISSTunnel.config
[2015/07/31 17:20:21 | 000,000,865 | ---- | C] () -- C:\Users\Chris\Desktop\SecurityKISS Tunnel.lnk
[2015/07/31 16:22:35 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Kleopatra.lnk
[2015/07/31 16:12:47 | 000,001,728 | ---- | C] () -- C:\Users\Chris\Desktop\CyberGhost 5.lnk
[2015/07/31 16:12:47 | 000,000,874 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\CyberGhost 5.lnk
[2015/07/31 16:11:47 | 000,004,033 | ---- | C] () -- C:\Users\Chris\Desktop\vpnbook-euro1-udp25000.ovpn
[2015/07/31 16:11:47 | 000,004,029 | ---- | C] () -- C:\Users\Chris\Desktop\vpnbook-euro1-tcp443.ovpn
[2015/07/31 16:11:47 | 000,004,027 | ---- | C] () -- C:\Users\Chris\Desktop\vpnbook-euro1-udp53.ovpn
[2015/07/31 16:11:47 | 000,004,027 | ---- | C] () -- C:\Users\Chris\Desktop\vpnbook-euro1-tcp80.ovpn
[2015/07/31 14:57:58 | 000,000,835 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
[2015/07/31 14:57:58 | 000,000,787 | ---- | C] () -- C:\Users\Chris\Desktop\Start Tor Browser.lnk
[2015/07/31 13:52:18 | 000,147,239 | ---- | C] () -- C:\Users\Chris\Desktop\11800221_1456545781337330_4319659536054439428_n.jpg
[2015/07/31 12:41:19 | 001,260,545 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_n4mui8O61Q1r539hzo1_250.gif
[2015/07/31 12:41:12 | 000,132,355 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_n4mujaYNXT1r539hzo1_500.jpg
[2015/07/31 12:41:05 | 000,168,536 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_n4l1o0JCYE1r539hzo1_500.jpg
[2015/07/31 11:36:12 | 000,009,092 | ---- | C] () -- C:\Users\Chris\Desktop\iban_M_VINCENT_MASSEROT_00020609601 (2).pdf
[2015/07/30 14:00:26 | 000,083,664 | ---- | C] () -- C:\Users\Chris\Desktop\19.jpg
[2015/07/30 13:59:28 | 000,084,603 | ---- | C] () -- C:\Users\Chris\Desktop\1.jpg
[2015/07/29 21:00:55 | 002,028,757 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_na7vo77ec51r539hzo1_250.gif
[2015/07/29 20:58:55 | 001,021,167 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_naatdmirZ11r539hzo1_400.gif
[2015/07/29 18:41:48 | 000,032,815 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_ncpiltu0mb1r539hzo1_500.jpg
[2015/07/29 18:24:51 | 001,018,854 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_neac9tqYhL1r539hzo1_400.gif
[2015/07/29 18:24:18 | 000,249,698 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_nedu1jWC0d1r539hzo1_500.png
[2015/07/29 18:23:05 | 000,126,330 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_nem05sKHJt1r539hzo1_400.png
[2015/07/29 18:20:07 | 000,083,661 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_nf0uttWAub1r539hzo1_500.jpg
[2015/07/29 18:12:23 | 002,070,469 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_ng8md7M1tn1r539hzo1_500.gif
[2015/07/29 17:56:58 | 000,068,538 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_nj3ol09QhV1r539hzo1_500.jpg
[2015/07/29 17:52:10 | 000,102,870 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_njcqhnfblC1r539hzo1_500.jpg
[2015/07/23 11:33:08 | 000,053,077 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_inline_n5a1rpGKxE1rlobmo.jpg
[2015/07/20 22:19:52 | 075,815,969 | ---- | C] () -- C:\Users\Chris\Desktop\Entrevue N 180.pdf
[2015/07/17 18:10:14 | 000,109,419 | ---- | C] () -- C:\Users\Chris\Desktop\tumblr_nr33a3pKy91qzmopno1_1280.jpg
[2015/07/15 10:50:27 | 000,035,904 | ---- | C] () -- C:\Users\Chris\Desktop\11748833_10153629735827481_1576130538_n-1.jpg
[2015/07/13 14:11:41 | 000,030,805 | ---- | C] () -- C:\Users\Chris\Desktop\moyen-emily---revolve.jpg
[2015/07/08 11:20:04 | 000,099,329 | ---- | C] () -- C:\Users\Chris\Desktop\img-mais-qui-es-tu-le-championnat-chinois-1323776929_620_400_crop_articles-150853.jpg
[2015/06/01 02:24:50 | 037,741,712 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015/03/24 21:52:34 | 122,962,266 | ---- | C] () -- C:\Program Files (x86)\angers.sav
[2015/03/18 22:35:03 | 242,668,768 | ---- | C] () -- C:\Program Files (x86)\milan ac.sav
[2015/03/10 12:59:58 | 242,525,340 | ---- | C] () -- C:\Program Files (x86)\annule.sav
[2015/03/09 18:20:52 | 202,223,116 | ---- | C] () -- C:\Program Files (x86)\paris.sav
[2015/03/04 15:27:26 | 196,699,710 | ---- | C] () -- C:\Program Files (x86)\nono.sav
[2015/03/04 03:43:26 | 196,667,331 | ---- | C] () -- C:\Program Files (x86)\vin.sav
[2015/03/03 23:00:01 | 000,000,535 | ---- | C] () -- C:\Program Files (x86)\game.cfg
[2015/01/17 11:12:19 | 000,005,120 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/30 12:01:32 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/11/30 12:01:27 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/11/30 12:01:26 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2014/11/22 13:49:29 | 001,643,324 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/11/22 00:54:59 | 000,000,380 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\sp_data.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
