cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 26/10/2015 18:40:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\anthony\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18053)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,88 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 59,57% Memory free
5,65 Gb Paging File | 3,27 Gb Available in Paging File | 57,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 438,38 Gb Total Space | 244,82 Gb Free Space | 55,85% Space Free | Partition Type: NTFS

Computer Name: PCANTHO | User Name: anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/10/26 18:39:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\anthony\Desktop\OTL.exe
PRC - [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/10/05 08:48:46 | 001,135,416 | ---- | M] (Malwarebytes) -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2015/10/05 08:48:44 | 001,513,784 | ---- | M] (Malwarebytes) -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2015/10/05 08:48:34 | 009,832,760 | ---- | M] (Malwarebytes) -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015/09/16 13:54:20 | 000,188,192 | ---- | M] (IObit) -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015/08/05 08:57:56 | 000,821,024 | ---- | M] (IObit) -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Advanced SystemCare 8\ASCService.exe
PRC - [2015/07/29 15:43:54 | 002,909,472 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2015/07/23 14:04:48 | 000,059,928 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2015/07/17 13:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/03/12 12:04:48 | 000,129,168 | ---- | M] (Razer Inc.) -- C:\Users\anthony\Desktop\Autres\Razer Cortex\RzKLService.exe
PRC - [2015/03/04 17:02:59 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2015/02/03 15:37:40 | 000,794,328 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2015/02/03 15:35:44 | 000,388,824 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/12/03 11:04:28 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014/11/10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014/11/10 12:12:38 | 000,132,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2014/10/26 22:59:24 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/11/21 08:31:44 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/11/21 08:31:44 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/02/06 04:30:12 | 000,483,864 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2013/02/06 04:26:36 | 000,740,376 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/11/23 23:38:00 | 000,186,832 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/11/23 23:38:00 | 000,067,536 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/10/20 15:08:24 | 001,532,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
MOD - [2015/10/20 15:08:22 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
MOD - [2015/10/16 20:30:38 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\67bdc09fa286920c1f42f2a98c400f95\System.Core.ni.dll
MOD - [2015/10/16 20:30:30 | 010,030,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2015/09/12 12:48:03 | 012,898,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\09785c0df09bdf24e579cceaa2428fad\System.Windows.Forms.ni.dll
MOD - [2015/09/12 12:47:51 | 001,639,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\7449ed83cff59f33ab4875d4b771fe70\System.Drawing.ni.dll
MOD - [2015/08/28 15:57:06 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2015/08/28 15:56:59 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll
MOD - [2015/08/28 15:54:55 | 019,567,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\662aae610c401a254416904a4861b189\System.ServiceModel.ni.dll
MOD - [2015/08/28 15:54:28 | 002,803,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
MOD - [2015/08/28 15:54:03 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\814dd462b742d7c16c620e79397b2463\System.Configuration.ni.dll
MOD - [2015/01/18 19:50:45 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll
MOD - [2015/01/17 20:42:15 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll
MOD - [2014/09/24 16:35:40 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013/01/15 17:48:26 | 000,348,992 | ---- | M] () -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\IObit Uninstaller\madExcept_.bpl
MOD - [2013/01/15 17:48:26 | 000,051,008 | ---- | M] () -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\IObit Uninstaller\madDisAsm_.bpl
MOD - [2013/01/15 17:48:24 | 000,183,616 | ---- | M] () -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\IObit Uninstaller\madBasic_.bpl


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/09/16 14:30:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/08/26 12:11:42 | 000,413,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC)
SRV:[b]64bit:[/b] - [2015/08/26 12:11:42 | 000,413,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC)
SRV:[b]64bit:[/b] - [2015/07/31 15:12:28 | 001,653,272 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\vuagent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2015/07/23 14:04:48 | 000,059,928 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:[b]64bit:[/b] - [2015/07/22 14:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/05/12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/05/07 16:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/02/21 00:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2014/12/27 10:22:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 04:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 03:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 03:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 03:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 03:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 03:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 02:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 02:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 02:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 02:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 02:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 02:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 02:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 02:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 02:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 02:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 02:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 02:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 02:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 02:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 01:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 01:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 01:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/15 11:42:46 | 002,820,424 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2014/09/24 17:44:44 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2013/11/21 08:31:44 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\WINDOWS\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:[b]64bit:[/b] - [2013/09/04 20:13:04 | 000,976,600 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2013/03/14 10:30:15 | 000,048,640 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2013/01/30 23:35:08 | 000,477,792 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2012/06/19 18:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011/12/01 09:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2015/10/05 08:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/10/05 08:48:44 | 001,513,784 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015/09/25 22:47:08 | 000,178,312 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe -- (iumsvc)
SRV - [2015/09/16 17:27:29 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/05 08:57:56 | 000,821,024 | ---- | M] (IObit) [Auto | Running] -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
SRV - [2015/07/29 15:43:54 | 002,909,472 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/07/17 13:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/05/07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2015/03/12 12:04:48 | 000,129,168 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Users\anthony\Desktop\Autres\Razer Cortex\RzKLService.exe -- (RzKLService)
SRV - [2015/03/10 18:20:22 | 000,187,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
SRV - [2015/03/04 17:03:02 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2015/02/03 15:37:40 | 000,794,328 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2015/02/03 15:35:44 | 000,388,824 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2015/02/03 15:35:16 | 000,409,304 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/12/03 11:04:28 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014/11/10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014/11/10 12:12:38 | 000,132,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2014/10/30 05:41:44 | 000,031,856 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/10/29 02:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/26 22:59:24 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/09/24 17:44:44 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/10/16 12:29:30 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe -- (McComponentHostServiceSony)
SRV - [2013/09/28 04:38:22 | 000,629,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/03/01 15:49:18 | 000,463,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/02/06 04:30:12 | 000,483,864 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2013/01/29 16:27:44 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/29 16:27:42 | 000,124,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2013/01/06 15:30:54 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/11/23 23:38:00 | 000,067,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/10/26 13:55:03 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2015/10/22 17:32:20 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2015/10/11 19:37:31 | 000,029,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\semav6msr64.sys -- (semav6msr64)
DRV:[b]64bit:[/b] - [2015/10/05 08:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2015/10/05 08:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2015/09/06 18:13:52 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/05/27 10:13:24 | 000,626,888 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2015/05/27 10:13:24 | 000,042,696 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2015/04/16 07:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/03/20 02:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/03/17 18:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/03/13 05:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/03/10 18:18:47 | 000,037,184 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk)
DRV:[b]64bit:[/b] - [2015/03/09 03:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/03/04 11:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/01/22 18:48:04 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:[b]64bit:[/b] - [2015/01/22 18:20:31 | 000,056,680 | ---- | M] (Kingsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ksapi64.sys -- (ksapi64)
DRV:[b]64bit:[/b] - [2014/12/24 18:20:01 | 008,469,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2014/12/05 00:10:20 | 000,799,944 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2014/12/05 00:10:20 | 000,150,536 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2014/12/05 00:10:20 | 000,077,512 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2014/12/05 00:10:20 | 000,068,616 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klwfp.sys -- (klwfp)
DRV:[b]64bit:[/b] - [2014/11/10 19:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/11/10 12:12:38 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2014/11/04 20:33:40 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2014/10/29 04:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 04:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 04:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 03:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 03:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 03:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 03:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 03:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/17 05:56:23 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/17 04:35:04 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/15 09:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/07 07:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 07:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 17:03:16 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:55 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:37 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:36 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:36 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:36 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 16:34:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 16:03:40 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/26 14:31:52 | 000,874,712 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2014/08/15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/12 17:32:58 | 000,247,480 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2014/08/01 21:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/09 15:23:54 | 000,179,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2014/07/02 15:10:42 | 000,046,144 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2014/03/31 10:47:10 | 000,468,576 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2014/03/28 16:51:02 | 000,028,768 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2014/02/25 12:09:02 | 000,030,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2014/02/24 17:33:46 | 000,017,568 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys -- (ma-config_amd64)
DRV:[b]64bit:[/b] - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2014/01/22 07:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:[b]64bit:[/b] - [2013/12/19 06:12:22 | 000,356,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2013/11/21 08:31:28 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 000,228,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 000,186,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 000,040,248 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:12 | 000,038,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2013/09/26 05:50:06 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/08 16:11:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/04/12 14:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2013/03/14 10:29:45 | 000,023,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2013/03/14 04:30:58 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2013/01/14 20:10:52 | 000,238,288 | ---- | M] (Kaspersky Lab UK Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\cm_km_w.sys -- (cm_km_w)
DRV:[b]64bit:[/b] - [2012/07/27 17:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\klelam.sys -- (klelam)
DRV:[b]64bit:[/b] - [2012/07/11 13:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2012/06/25 09:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/06/22 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2011/02/11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\npf.sys -- (npf)
DRV - [2015/09/16 16:22:43 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 18:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/02/03 15:35:32 | 000,122,072 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes\{9DD96290-BD06-4B75-8418-85D0433B4F6E}: "URL" = http://rover.ebay.com/rover/1/709-42536-16445-33/4?mpre=http://shop.ebay.fr/?oemInLn=ieSrch-&_nkw={searchTerms}
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes\{ACDC8191-C610-4973-B7A7-E37F6518A508}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: iobitascsurfingprotection%40iobit.com:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - prefs.js..keyword.enabled: false
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\anthony\Desktop\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com File not found
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com File not found
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUpx64: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{338950EA-82DB-44C1-930D-0C28E023C9F0}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2015/03/04 17:03:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Users\anthony\Desktop\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Users\anthony\Desktop\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.6.0\extensions\\Components: C:\Users\anthony\Desktop\Navigateur Web\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.6.0\extensions\\Plugins: C:\Users\anthony\Desktop\Navigateur Web\plugins

[2015/01/22 20:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\Extensions
[2015/01/22 20:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2015/10/23 21:08:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\Firefox\Profiles\gqe0eho8.default\extensions
[2015/10/21 10:20:19 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\anthony\AppData\Roaming\mozilla\Firefox\Profiles\gqe0eho8.default\extensions\iobitascsurfingprotection@iobit.com
[2015/10/23 14:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\Firefox\Profiles\gqe0eho8.default\extensions\staged
[2015/01/22 20:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\Sunbird\Profiles\ceyzbdy5.default\extensions
[2015/10/22 04:07:47 | 000,010,946 | ---- | M] () (No name found) -- C:\Users\anthony\AppData\Roaming\mozilla\firefox\profiles\gqe0eho8.default\extensions\{7d84a17e-5b95-49ab-a200-d7c78c571d3a}.xpi
[2015/01/21 15:43:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/09/16 17:27:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0\
CHR - Extension: No name found = C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.0_0\
CHR - Extension: No name found = C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [Bluetooth] C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe (Broadcom Corporation.)
O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe (Broadcom Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Intel AppUp(R) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001..\Run: [Advanced SystemCare 8] C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Advanced SystemCare 8\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001..\Run: [CCleaner Monitoring] C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001..\Run: [GUDelayStartup] C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001..\Run: [Spotify Web Helper] C:\Users\anthony\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..Trusted Domains: localhost ([]http in Trusted sites)
O15 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..Trusted Domains: ma-config.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..Trusted Domains: ma-config.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-4097387549-3906644338-2296366363-1001\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C67C1F7-1D6F-4E41-84CC-D0EA92AB50B0}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BE7D9D1-D894-4F05-A8B8-28F728B31EB2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] lfsvc - C:\WINDOWS\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\WINDOWS\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\WINDOWS\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\WINDOWS\SysNative\NcaSvc.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\WINDOWS\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\WINDOWS\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\WINDOWS\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\WINDOWS\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\WINDOWS\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] VIDC.FICV - ficvdec_x64.dll ()
Drivers32:[b]64bit:[/b] vidc.tsc2 - C:\WINDOWS\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:[b]64bit:[/b] vidc.tscc - C:\WINDOWS\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\SysWow64\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.FICV - C:\WINDOWS\SysWow64\ficvdec_x86.dll ()
Drivers32: vidc.tsc2 - C:\WINDOWS\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\SysWOW64\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/10/26 18:38:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\anthony\Desktop\OTL.exe
[2015/10/26 13:49:55 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Roaming\Sony Creative Software Inc
[2015/10/25 14:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/10/24 17:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/10/24 17:18:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skype
[2015/10/24 17:18:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/10/24 17:10:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2015/10/23 21:24:30 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/10/23 21:24:30 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/10/23 21:24:30 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/10/23 14:56:58 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Roaming\Promotion Software GmbH
[2015/10/23 12:02:58 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015/10/23 09:51:56 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Roaming\.Paladium
[2015/10/23 08:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2015/10/22 17:32:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Daemon Tools Images
[2015/10/22 17:31:20 | 000,030,264 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2015/10/22 17:31:18 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Roaming\DAEMON Tools Lite
[2015/10/22 17:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2015/10/21 10:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2015/10/20 18:42:20 | 000,810,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/10/20 18:42:20 | 000,176,632 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/10/18 22:21:55 | 000,000,000 | ---D | C] -- C:\Users\anthony\AppData\Local\FMScout.com_in_associatio
[2015/10/15 16:31:31 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/10/15 16:31:31 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/10/15 16:31:30 | 001,163,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/10/15 16:31:30 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/10/15 16:31:30 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/10/15 16:31:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/10/15 16:31:30 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2015/10/14 13:49:06 | 005,990,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/10/14 13:49:00 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2015/10/14 13:49:00 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2015/10/14 13:48:59 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2015/10/14 13:48:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/10/14 13:48:58 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/10/14 13:48:58 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2015/10/14 13:48:57 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2015/10/14 13:48:57 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2015/10/14 13:48:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/10/14 13:48:57 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/10/14 13:48:57 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/10/14 13:48:57 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/10/14 13:48:57 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2015/10/14 13:48:55 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/10/14 13:48:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2015/10/14 13:48:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2015/10/14 13:48:54 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/10/14 13:48:50 | 007,457,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/10/14 13:48:49 | 001,658,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2015/10/14 13:48:49 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2015/10/14 13:48:49 | 001,487,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2015/10/14 13:48:49 | 001,355,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2015/10/14 13:48:49 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2015/10/14 13:48:45 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/10/14 13:48:45 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/10/14 13:48:45 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/10/14 13:48:44 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/10/14 13:48:43 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/10/14 13:48:43 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/10/14 13:48:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/10/14 13:48:43 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/10/14 13:48:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/10/14 13:48:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/10/14 13:48:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/10/11 19:41:00 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2015/10/08 16:38:43 | 000,000,000 | ---D | C] -- C:\Users\anthony\Desktop\Manon
[2015/10/08 16:38:31 | 000,000,000 | ---D | C] -- C:\Users\anthony\Desktop\Fille
[2015/10/08 16:38:11 | 000,000,000 | ---D | C] -- C:\Users\anthony\Desktop\Emma
[2015/10/08 16:37:35 | 000,000,000 | ---D | C] -- C:\Users\anthony\Desktop\Alex
[2015/10/08 16:37:34 | 000,000,000 | ---D | C] -- C:\Users\anthony\Desktop\Angelique
[6 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\anthony\AppData\Roaming\*.tmp files -> C:\Users\anthony\AppData\Roaming\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/10/26 18:44:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/10/26 18:39:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\anthony\Desktop\OTL.exe
[2015/10/26 18:27:15 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/26 18:26:54 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/26 13:59:10 | 001,827,432 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/10/26 13:59:10 | 000,813,388 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2015/10/26 13:59:10 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/10/26 13:59:10 | 000,159,948 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2015/10/26 13:59:10 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/10/26 13:55:03 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/10/26 13:54:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2015/10/26 13:52:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/10/26 13:50:28 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/10/23 22:52:12 | 000,001,160 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015/10/23 22:52:12 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VAIO Update.lnk
[2015/10/23 22:51:21 | 000,002,358 | ---- | M] () -- C:\Users\anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/10/23 22:51:21 | 000,001,444 | ---- | M] () -- C:\Users\anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/10/23 22:51:21 | 000,000,352 | ---- | M] () -- C:\Users\anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015/10/23 22:51:21 | 000,000,334 | ---- | M] () -- C:\Users\anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2015/10/23 21:08:21 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\ASC8_SkipUac_anthony.job
[2015/10/23 18:32:07 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_anthony.job
[2015/10/23 09:51:56 | 000,000,048 | ---- | M] () -- C:\Users\anthony\.sutmp
[2015/10/23 08:40:46 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/10/22 17:32:20 | 000,030,264 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2015/10/16 05:51:29 | 000,810,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/10/16 05:51:29 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/10/11 19:37:31 | 000,029,352 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\semav6msr64.sys
[2015/10/11 19:37:31 | 000,010,324 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\semav6msr64.cat
[2015/10/05 08:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/10/05 08:50:10 | 000,109,272 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/10/05 08:50:06 | 000,025,816 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/09/29 13:31:36 | 007,457,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/09/29 13:31:12 | 001,658,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2015/09/29 13:31:12 | 001,519,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2015/09/29 13:31:12 | 001,487,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2015/09/29 13:31:12 | 001,355,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2015/09/29 13:29:21 | 000,136,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/09/28 19:26:03 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/09/28 19:25:44 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/09/28 19:25:43 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/09/28 19:25:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/09/28 19:22:02 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/09/28 19:22:01 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/09/28 19:22:01 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/09/28 19:15:18 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/09/28 19:13:46 | 000,891,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/09/28 19:12:13 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[6 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\anthony\AppData\Roaming\*.tmp files -> C:\Users\anthony\AppData\Roaming\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/10/26 18:44:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/10/23 21:08:31 | 000,000,857 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2015/10/23 18:25:04 | 000,000,360 | ---- | C] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_anthony.job
[2015/10/23 12:03:24 | 000,001,160 | ---- | C] () -- C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015/10/23 09:51:56 | 000,000,048 | ---- | C] () -- C:\Users\anthony\.sutmp
[2015/10/23 08:40:46 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/10/11 19:41:19 | 000,029,352 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\semav6msr64.sys
[2015/10/11 19:41:19 | 000,010,324 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\semav6msr64.cat
[2015/10/11 19:41:00 | 000,002,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2015/10/11 19:40:59 | 000,002,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
[2015/09/27 18:14:35 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VAIO Update.lnk
[2015/09/27 18:14:29 | 000,001,032 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2015/06/25 19:34:54 | 000,005,005 | ---- | C] () -- C:\ProgramData\wmzddnmb.cix
[2015/06/20 14:04:21 | 000,001,456 | ---- | C] () -- C:\Users\anthony\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
[2015/03/24 19:54:08 | 000,165,376 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2015/02/16 23:30:28 | 000,000,034 | ---- | C] () -- C:\Users\anthony\AppData\Roaming\AdobeWLCMCache.dat
[2015/01/22 19:25:00 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\SysWow64\407E21.dll
[2015/01/22 18:36:00 | 000,003,698 | ---- | C] () -- C:\Users\anthony\.ganttproject
[2015/01/21 21:33:38 | 000,000,125 | ---- | C] () -- C:\Users\anthony\AppData\Roaming\burnaware.ini
[2014/12/27 12:20:33 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/12/27 12:20:08 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/12/26 21:55:57 | 000,007,659 | ---- | C] () -- C:\Users\anthony\AppData\Local\Resmon.ResmonCfg
[2014/12/26 19:59:31 | 001,839,260 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 16:35:16 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/10/26 18:47:31 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/02/10 13:54:18 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2015/08/27 03:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/27 03:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2015/02/20 18:11:43 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\.ascentia
[2015/10/25 23:37:50 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\.minecraft
[2015/04/17 21:47:28 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\.mono
[2015/10/23 09:56:47 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\.Paladium
[2015/01/21 19:15:40 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\360desktop
[2015/02/18 18:47:58 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Adobe
[2015/01/22 18:51:17 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\AlauxSoft
[2015/09/16 13:54:28 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Apple Computer
[2015/02/13 19:28:04 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Ashampoo Slideshow Studio HD 3
[2015/10/23 13:14:37 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Audacity
[2015/09/13 14:21:40 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Battle.net
[2015/09/13 12:03:36 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\BitTorrent
[2015/01/22 18:19:02 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Canneverbe Limited
[2015/10/25 23:40:29 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\ClassicShell
[2015/04/17 21:47:25 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Colossal Order
[2015/02/18 17:25:51 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\com.adobe.AdobeMuseCC.2014.3
[2015/07/14 19:13:54 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Curse
[2015/07/22 15:08:50 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Curse Client
[2015/10/22 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\DAEMON Tools Lite
[2015/01/22 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\DiskDefrag
[2015/10/23 12:03:28 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Dropbox
[2015/03/08 13:52:41 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\dvdcss
[2015/09/13 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\FileZilla
[2015/01/22 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\GlarySoft
[2015/10/26 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\HandBrake
[2015/02/16 21:10:00 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Identities
[2014/12/24 18:20:03 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\InstallShield
[2014/12/26 19:59:22 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Intel Corporation
[2015/10/21 10:20:01 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\IObit
[2014/12/26 11:27:34 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\iolo
[2015/02/18 21:38:05 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\java
[2015/10/19 16:00:23 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\LolClient
[2014/12/24 16:43:06 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Macromedia
[2015/06/12 17:33:53 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\MAXON
[2015/09/13 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Media Player Classic
[2015/09/18 22:40:19 | 000,000,000 | --SD | M] -- C:\Users\anthony\AppData\Roaming\Microsoft
[2015/07/10 11:12:04 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Mirillis
[2015/06/25 19:39:17 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Movavi
[2015/01/22 20:58:09 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Mozilla
[2015/02/09 16:31:32 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\MusicBee
[2015/09/13 11:59:57 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Notepad++
[2015/02/27 18:22:26 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\OBS
[2015/04/08 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\openElement
[2015/02/16 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\PDAppFlex
[2015/02/16 21:13:26 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\PhotoFiltre Studio X
[2015/09/16 13:55:35 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\ProductData
[2015/10/23 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Promotion Software GmbH
[2015/06/15 18:32:17 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Publish Providers
[2015/07/02 12:55:19 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Real
[2015/03/04 17:03:57 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\RealNetworks
[2015/07/03 22:20:48 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Red Giant
[2015/07/03 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Red Giant Link
[2015/04/04 18:06:08 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Riot Games
[2015/01/22 19:08:32 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\RobotSoft
[2015/01/21 21:40:02 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Runiter
[2015/10/25 23:18:55 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Skype
[2015/07/06 17:32:41 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\skyz
[2015/10/25 18:32:03 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Sony
[2014/12/26 11:24:29 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Sony Corporation
[2015/10/26 13:49:55 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Sony Creative Software Inc
[2015/10/17 16:30:52 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Spotify
[2015/04/17 21:47:23 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Steam
[2015/03/04 18:48:42 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\TechSmith
[2015/06/10 17:09:31 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Thunderbird
[2015/01/22 19:12:09 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Todae
[2015/02/17 03:39:37 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\TS3Client
[2015/10/22 22:13:19 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\uTorrent
[2015/10/26 18:33:36 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\vlc
[2015/09/11 16:02:03 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Wargaming.net
[2015/02/04 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\WinRAR
[2015/03/14 17:28:36 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\Wondershare
[2015/06/22 20:40:45 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\XnViewMP
[2015/10/25 13:37:12 | 000,000,000 | ---D | M] -- C:\Users\anthony\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2015/02/26 21:18:23 | 001,743,960 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\BitTorrent\updates\7.9.2_38759.exe
[2015/07/06 22:09:10 | 010,180,488 | ---- | M] (Coherent Labs) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
[2015/07/22 15:07:40 | 000,037,768 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Curse.Companion.FriendsHelper.exe
[2015/07/22 15:07:49 | 007,148,424 | ---- | M] (Curse, Inc) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Curse.exe
[2015/07/22 15:07:53 | 000,014,216 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Curse.OverlayHelper.exe
[2015/07/06 22:11:30 | 000,722,480 | ---- | M] (Curse) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\CurseClientUpdater.exe
[2015/07/22 15:08:11 | 000,049,032 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\CurseOverlayBridge.exe
[2015/07/22 15:08:11 | 000,609,160 | ---- | M] (Curse, Inc.) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\CurseSetupHelper.exe
[2015/06/24 22:36:46 | 000,292,184 | ---- | M] (Microsoft Corporation) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\dxwebsetup.exe
[2015/07/06 22:09:10 | 000,014,216 | ---- | M] (easyhook.codeplex.com) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\EasyHook32Svc.exe
[2015/07/06 22:09:11 | 000,014,216 | ---- | M] (easyhook.codeplex.com) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\EasyHook64Svc.exe
[2015/07/22 15:08:32 | 036,229,512 | ---- | M] (Coherent Labs) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Coherent2\Win32\host\CoherentUI_Host.exe
[2015/07/06 22:09:10 | 010,180,488 | ---- | M] (Coherent Labs) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Overlay\v6.2.5679.37592\CoherentUI_Host.exe
[2015/07/22 15:08:11 | 000,049,032 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Overlay\v6.2.5679.37592\CurseOverlayBridge.exe
[2015/07/06 22:09:10 | 000,014,216 | ---- | M] (easyhook.codeplex.com) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Overlay\v6.2.5679.37592\EasyHook32Svc.exe
[2015/07/06 22:09:11 | 000,014,216 | ---- | M] (easyhook.codeplex.com) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Overlay\v6.2.5679.37592\EasyHook64Svc.exe
[2015/07/22 15:08:32 | 036,229,512 | ---- | M] (Coherent Labs) -- C:\Users\anthony\AppData\Roaming\Curse Client\Bin\Overlay\v6.2.5679.37592\Coherent2\Win32\host\CoherentUI_Host.exe
[2015/10/13 00:37:44 | 036,711,472 | ---- | M] (Dropbox, Inc.) -- C:\Users\anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2015/10/13 00:37:56 | 000,165,568 | ---- | M] (Dropbox, Inc.) -- C:\Users\anthony\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2015/02/17 22:28:54 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\anthony\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2015/07/14 19:14:36 | 000,295,646 | R--- | M] () -- C:\Users\anthony\AppData\Roaming\Microsoft\Installer\{F36ED29E-33E1-48AB-95DA-2498AD41A9A0}\CurseClient.exe
[2015/02/10 13:57:47 | 000,252,928 | ---- | M] (obsproject.com) -- C:\Users\anthony\AppData\Roaming\OBS\updates\updater.exe
[2015/04/08 16:19:04 | 051,622,336 | ---- | M] (openElement) -- C:\Users\anthony\AppData\Roaming\openElement\updates\openElement\openElement.exe
[2015/07/02 12:55:21 | 000,580,688 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2015/07/09 08:37:15 | 000,580,688 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2015/07/20 10:01:48 | 000,580,688 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2015/09/04 17:49:00 | 000,700,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2015/09/16 17:49:07 | 000,700,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2015/09/04 17:49:00 | 000,700,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.00\agent\rnupgagent.exe
[2015/09/04 20:49:42 | 001,335,984 | ---- | M] (RealNetworks, Inc.) -- C:\Users\anthony\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.00\agent\stub_exe\RealTimes-RealPlayer_fr.exe
[2015/07/03 16:33:37 | 000,271,360 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Red Giant Link\tools\RGLicenseCheck.exe
[2015/07/15 15:26:04 | 007,334,968 | ---- | M] (Spotify Ltd) -- C:\Users\anthony\AppData\Roaming\Spotify\Spotify.exe
[2015/07/15 15:26:05 | 000,838,200 | ---- | M] (Spotify Ltd) -- C:\Users\anthony\AppData\Roaming\Spotify\SpotifyCrashService.exe
[2015/07/15 15:26:05 | 000,098,360 | ---- | M] (Spotify Ltd) -- C:\Users\anthony\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2015/07/15 15:26:06 | 002,008,632 | ---- | M] (Spotify Ltd) -- C:\Users\anthony\AppData\Roaming\Spotify\SpotifyWebHelper.exe
[2015/07/15 15:26:07 | 000,073,272 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\Spotify\wow_helper.exe
[2015/10/22 16:45:36 | 001,822,048 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\uTorrent.exe
[2014/12/31 16:43:44 | 001,688,656 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.2_37594.exe
[2015/02/04 16:50:12 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
[2015/06/03 18:41:27 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe
[2015/08/27 23:09:04 | 001,696,096 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.4_40911.exe
[2015/10/22 16:45:36 | 001,822,048 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe
[2015/10/22 18:04:35 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\anthony\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
[2015/10/25 13:28:12 | 001,867,776 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\ZHP\ZHPCleaner.exe
[2015/10/24 09:32:57 | 001,958,912 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\ZHP\ZHPDiag3.exe
[2015/10/18 22:33:28 | 001,059,840 | ---- | M] (Boxore OU) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\boxore.exe
[2015/10/18 19:46:26 | 001,706,784 | ---- | M] (Boxore OU) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\BoxoreService.exe
[99 C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\*.tmp files -> C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\*.tmp -> ]
[2015/10/16 20:50:56 | 005,529,472 | ---- | M] (Joyent, Inc) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Boxore.DIR\Boxore\node.exe
[2015/10/18 17:39:24 | 000,238,592 | ---- | M] () -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Boxore.DIR\Boxore\UninstallOffers.exe
[2015/10/18 19:46:16 | 000,268,352 | ---- | M] (Boxore OU) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Boxore.DIR\Boxore\LSP\BoxoreLSP.exe
[2015/10/18 19:46:26 | 001,706,784 | ---- | M] (Boxore OU) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Boxore.DIR\Boxore\LSP\BoxoreService.exe
[2015/10/18 19:46:16 | 000,268,352 | ---- | M] (Boxore OU) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Boxore\LSP\BoxoreLSP.exe
[2015/10/22 17:09:52 | 000,113,240 | ---- | M] (The Software Group) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Software\Update\1.3.25.0\SoftwareCrashHandler.exe
[2015/10/22 17:09:52 | 000,113,240 | ---- | M] (The Software Group) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Software\Update\1.3.25.0\SoftwareUpdate.exe
[2015/10/22 17:09:53 | 000,049,752 | ---- | M] (The Software Group) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Software\Update\1.3.25.0\SoftwareUpdateBroker.exe
[2015/10/22 17:09:53 | 000,049,752 | ---- | M] (The Software Group) -- C:\Users\anthony\AppData\Roaming\ZHP\Quarantine\Software\Update\1.3.25.0\SoftwareUpdateOnDemand.exe

[color=#A23BEC]< %temp%\*.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\consrv.dll >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2015/09/10 17:00:52 | 012,853,760 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ieframe.dll

[color=#A23BEC]< %windir%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2015/03/15 15:06:51 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/12/27 18:47:24 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/03/15 15:21:32 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/12/27 18:47:20 | 000,406,070 | ---- | M] () MD5=76F6C93DAB026F37CBAA577B16597B08 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\SysWOW64\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015/01/13 19:18:16 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2015/01/13 19:18:08 | 000,350,621 | ---- | M] () MD5=C77F19C2FD32D2C15FD8978D0A3BAF70 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2015/01/11 14:18:30 | 000,099,046 | ---- | M] () MD5=6B5BDEEB170D0DA2C56753F0347809DD -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2015/05/18 19:26:42 | 000,073,764 | ---- | M] () MD5=AB48952896280CE4CF1048334F6463DC -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17415_none_3023c055d060b271\services.exe
[2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\SysNative\services.exe
[2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17794_none_2fcc465dd0a27017\services.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2014/10/29 02:25:54 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=A570A64292214C43E0BA50E6A72A6380 -- C:\WINDOWS\SysNative\wininit.exe
[2014/10/29 02:25:54 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=A570A64292214C43E0BA50E6A72A6380 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.17415_none_21fdb3b5d80e199e\wininit.exe
[2015/01/11 20:59:48 | 000,026,215 | ---- | M] () MD5=DCF5C72FC1D8BE1165975F1339DC92DA -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2015/01/11 20:59:52 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2015/10/05 08:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Users\anthony\Desktop\Anti-virus, restoration, nettoyeur\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet \Services\lanmanserver\parameters /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\AppCertDlls /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >[/color]
"Default" = %SystemDrive%\Users\Default -- [2014/12/27 10:59:59 | 000,000,000 | RH-D | M]
"ProfilesDirectory" = %SystemDrive%\Users -- [2015/09/18 22:40:29 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2015/10/25 14:38:35 | 000,000,000 | -H-D | M]
"Public" = %SystemDrive%\Users\Public -- [2015/09/18 22:40:29 | 000,000,000 | R--D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2013/08/22 16:36:31 | 000,000,000 | ---D | M]
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"RefCount" = 1
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2015/10/26 13:51:00 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2015/10/26 13:50:48 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-4097387549-3906644338-2296366363-1001]
"ProfileImagePath" = C:\Users\anthony -- [2015/10/26 13:53:42 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 1D 2C 39 F4 72 A9 DA E8 1B C5 DF 88 E9 03 00 00 [binary data]
"Migrated" = A0 DC 06 48 B9 21 D0 01 [binary data]
"ProfileAttemptedProfileDownloadTimeLow" = 0
"ProfileAttemptedProfileDownloadTimeHigh" = 0
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 4
"RunLogonScriptSync" = 0

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >[/color]
"PathCompletionChar" = 64
"EnableExtensions" = 1
"CompletionChar" = 64
"DefaultColor" = 0

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >[/color]
"PathCompletionChar" = 9
"EnableExtensions" = 1
"CompletionChar" = 9
"DefaultColor" = 0

[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
DNS request timed out.
timeout was 2 seconds.
Serveur : UnKnown
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/05/28 00:19:17 | 000,814,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2015/05/28 00:19:17 | 000,814,256 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2015/09/16 17:27:26 | 000,924,136 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2015/09/16 17:27:31 | 000,376,944 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2015/09/10 17:19:16 | 000,720,896 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2015/09/10 17:19:16 | 000,720,896 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2015/09/10 17:19:16 | 000,720,896 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2015/05/28 00:19:17 | 000,814,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2015/05/28 00:19:17 | 000,814,256 | ---- | M] (Microsoft Corporation)

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2015/07/04 19:38:15 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\õØAdobe
[2015/07/04 19:38:15 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\õØAdobe
[2015/07/04 19:14:02 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\+Adobe
[2015/07/04 19:14:02 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\+Adobe
[2015/07/04 16:05:20 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\Ð Adobe
[2015/07/04 16:05:20 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\Ð Adobe
[2015/07/03 22:59:18 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\ÙAdobe
[2015/07/03 22:59:18 | 000,000,000 | ---D | M](C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\ÙAdobe
(C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\+Adobe
(C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\Ð Adobe
(C:\Users\anthony\AppData\Roaming\?Adobe) -- C:\Users\anthony\AppData\Roaming\õØAdobe

< End of report >

Publicité


Signaler le contenu de ce document

Publicité