cjoint

Document format: text/plain

Preview

OTL logfile created on: 05/11/2015 11:30:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\info\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,49 Gb Total Physical Memory | 0,27 Gb Available Physical Memory | 17,98% Memory free
6,42 Gb Paging File | 4,64 Gb Available in Paging File | 72,30% Paging File free
Paging file location(s): C:\pagefile.sys 5200 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66,52 Gb Total Space | 13,92 Gb Free Space | 20,93% Space Free | Partition Type: NTFS
Drive D: | 41,24 Gb Total Space | 34,82 Gb Free Space | 84,42% Space Free | Partition Type: NTFS
Drive E: | 41,28 Gb Total Space | 24,92 Gb Free Space | 60,38% Space Free | Partition Type: NTFS
Drive H: | 49,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: AKRAM-NIHEL | User Name: info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/11/05 11:23:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\info\Bureau\OTL.exe
PRC - [2015/11/05 11:19:26 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Temp\nsm97.tmp\ns9A.tmp
PRC - [2015/11/01 12:49:22 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/11/01 12:47:49 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/10/29 19:22:21 | 000,301,704 | ---- | M] (DTools LIMITED) -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7\WMiniPro.exe
PRC - [2015/10/29 19:20:08 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Application Data\FFFFFFFF-1446146358-FFFF-FFFF-FFFFFFFFFFFF\snsk133.tmp
PRC - [2015/10/29 19:16:01 | 000,624,640 | ---- | M] () -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\hnsc108.tmp
PRC - [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015/10/16 18:21:38 | 001,630,208 | ---- | M] (Smadsoft) -- C:\Program Files\Smadav\SM”RTP.exe
PRC - [2015/10/16 13:26:26 | 003,911,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2015/04/07 20:34:52 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Documents and Settings\info\Local Settings\Application Data\Microsoft\BingSvc\BingSvc.exe
PRC - [2015/02/04 11:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2014/11/28 19:27:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2014/11/28 19:27:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2014/11/28 19:27:42 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/11/28 19:27:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/06/12 18:32:48 | 000,043,336 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2014/03/04 10:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2013/06/29 17:10:58 | 000,233,472 | ---- | M] () -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
PRC - [2012/12/03 13:49:32 | 002,571,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/12/09 16:00:00 | 001,386,192 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNACBSWK.EXE
PRC - [2010/10/14 16:00:00 | 000,226,784 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP2LAK.EXE
PRC - [2010/10/14 16:00:00 | 000,181,696 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP2RPK.EXE
PRC - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010/04/12 09:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/08/16 20:36:06 | 000,955,392 | ---- | M] (SFX TEAM) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 13:00:00 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/03/12 12:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 12:49:46 | 000,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
PRC - [2007/03/12 12:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/05 11:19:26 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Temp\nsm97.tmp\ns9A.tmp
MOD - [2015/11/05 11:18:26 | 002,990,080 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15110500\algo.dll
MOD - [2015/11/05 00:06:48 | 002,990,080 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15110401\algo.dll
MOD - [2015/11/01 12:48:04 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/11/01 12:47:55 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/11/01 12:47:49 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/10/29 19:20:08 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Application Data\FFFFFFFF-1446146358-FFFF-FFFF-FFFFFFFFFFFF\snsk133.tmp
MOD - [2015/10/29 19:16:01 | 000,624,640 | ---- | M] () -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\hnsc108.tmp
MOD - [2015/10/16 18:21:38 | 001,630,208 | ---- | M] () -- C:\Program Files\Smadav\SM?RTP.exe
MOD - [2015/10/09 11:48:45 | 001,836,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\674dd5e02f9461bd08979fc94f3fb362\Microsoft.VisualBasic.ni.dll
MOD - [2015/10/09 11:33:49 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2015/10/09 11:33:18 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2015/10/09 11:32:12 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014/11/28 19:27:51 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2014/07/31 11:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 11:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2013/06/29 17:10:58 | 000,233,472 | ---- | M] () -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
MOD - [2010/07/04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 22:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/04/14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knsv5BF.tmp -- (xybipowi)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knsrB8.tmp -- (webejiku)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\jnsh105.tmp -- (vihinosu)
SRV - File not found [Auto | Stopped] -- C:\Program Files\SFK\SSFK.exe -- (SSFK)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -- (ReimageRealTimeProtector)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knsf588.tmp -- (pitefycy)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knstF7.tmpfs -- (nedyfeny)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knss772.tmp -- (meruxody)
SRV - File not found [Auto | Stopped] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\knsr19C.tmp -- (lipiliru)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2015/11/01 12:47:49 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015/10/29 19:22:21 | 000,301,704 | ---- | M] (DTools LIMITED) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7\WMiniPro.exe -- (WdsManPro)
SRV - [2015/10/29 19:20:08 | 000,157,696 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\info\Local Settings\Application Data\FFFFFFFF-1446146358-FFFF-FFFF-FFFFFFFFFFFF\snsk133.tmp -- (comukiny)
SRV - [2015/10/29 19:16:01 | 000,624,640 | ---- | M] () [Auto | Running] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF\hnsc108.tmp -- (ninefyci)
SRV - [2015/10/06 18:13:30 | 000,089,424 | ---- | M] (Mindspark) [Auto | Stopped] -- C:\Program Files\HeroicPlay_6o\bar\1.bin\6obarsvc.exe -- (HeroicPlay_6oService)
SRV - [2015/09/30 02:31:01 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/03/03 19:32:04 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2014/11/28 19:27:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/11/28 19:27:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/06/12 18:32:48 | 000,043,336 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2013/10/23 07:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/03 13:49:32 | 002,571,704 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011/07/20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/03/12 12:49:46 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
DRV - File not found [File_System | System | Stopped] -- C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - File not found [File_System | System | Stopped] -- C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\info\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2015/11/01 12:49:22 | 000,428,120 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2015/11/01 12:48:05 | 000,209,048 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015/11/01 12:48:05 | 000,074,976 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015/11/01 12:48:05 | 000,057,888 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2015/11/01 12:48:05 | 000,055,200 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2015/11/01 12:48:05 | 000,049,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015/11/01 12:48:05 | 000,024,144 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015/11/01 12:47:37 | 000,787,760 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015/10/31 19:05:39 | 000,026,096 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2015/10/31 19:05:15 | 000,256,160 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2015/10/31 19:05:15 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2015/10/22 17:32:15 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2015/10/06 19:38:30 | 000,157,888 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswStmXP.sys -- (aswStmXP)
DRV - [2015/06/12 03:00:58 | 000,128,528 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2015/04/16 09:55:45 | 000,048,784 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV - [2015/04/14 10:01:35 | 000,056,232 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV - [2014/11/28 19:27:52 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2014/11/28 19:27:52 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2014/05/29 10:59:26 | 000,320,120 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013/06/29 17:10:58 | 000,103,552 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (cmusbser)
DRV - [2013/05/15 07:50:12 | 000,403,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2013/04/17 13:11:38 | 005,427,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011/09/16 15:11:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/07/04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/06/17 13:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/05/24 21:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2008/04/14 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008/04/14 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008/04/14 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2001/08/17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {19AA2E80-2AD9-4E31-B334-03E9C7F9029B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{19AA2E80-2AD9-4E31-B334-03E9C7F9029B}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{37691517-3ce2-45ca-bae1-b680b16f10ea}: "URL" = http://int.search.tb.ask.com/search/GGmain.jhtml?p2=^AFD^xdm007^YYA^fr&si=CKCGvq6IxcgCFQjgGwodEIAJdA&ptb=FF16D302-5BF9-40EA-86DC-B5F970E5BDAB&ind=2015101514&n=781c024a&psa=&st=sb&searchfor={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&iwk=%iwk&%language
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.gamehitzone.com/?utm_ [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=781C024F&p2=^AFD^xdm007^YYA^fr&ptb=FF16D302-5BF9-40EA-86DC-B5F970E5BDAB&si=CKCGvq6IxcgCFQjgGwodEIAJdA
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\URLSearchHook: {a8625cb7-85fe-4936-92a4-b2a7c925209e} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\URLSearchHook: {e370e2de-e5dd-4367-a0e5-44e5ce550e35} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes,DefaultScope = {19AA2E80-2AD9-4E31-B334-03E9C7F9029B}
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^DZ&apn_uid=E735F2BF-3654-41A4-BDD0-6748B54BE0F6&apn_sauid=8303E855-1855-4B99-B77B-015E5637947A
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{19AA2E80-2AD9-4E31-B334-03E9C7F9029B}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{37691517-3ce2-45ca-bae1-b680b16f10ea}: "URL" = http://int.search.tb.ask.com/search/GGmain.jhtml?p2=^AFD^xdm007^YYA^fr&si=CKCGvq6IxcgCFQjgGwodEIAJdA&ptb=FF16D302-5BF9-40EA-86DC-B5F970E5BDAB&ind=2015101514&n=781c024a&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://my.myplaycity.com/results.php?category=web&s={searchTerms}
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}: "URL" = http://start.myplaycity.com/results.php?category=web&s={searchTerms}
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\SearchScopes\{A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=10027&iwk=&lng=en
IE - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.countryCode: "DZ"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing ,Amazon.fr,Bing,DuckDuckGo,eBay France,MyPlayCity,Portail Lexical - CNRTL,Wikipédia (fr)"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "DZ"
FF - prefs.js..browser.search.searchengine.alias: "istartsurf"
FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
FF - prefs.js..browser.search.searchengine.iconURL: "http://www.istartsurf.com/favicon.ico"
FF - prefs.js..browser.search.searchengine.name: "istartsurf"
FF - prefs.js..browser.search.searchengine.ptid: "obw"
FF - prefs.js..browser.search.searchengine.uid: "HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX"
FF - prefs.js..browser.search.searchengine.url: "http://www.istartsurf.com/web/?type=ds&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.istartsurf.com/?type=hp&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX"
FF - prefs.js..extensions.enabledAddons: deskCutv2%40gmail.com:0.0.10
FF - prefs.js..extensions.enabledAddons: defsearchp%40gmail.com:1.0.0.1039
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.2.0.187
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
FF - prefs.js..extensions.enabledItems: wcapturex@deskperience.com:5.0.4406
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1474
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/11/01 12:48:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\defsearchp@gmail.com: C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions\defsearchp@gmail.com [2015/10/29 19:21:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\deskCutv2@gmail.com: C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions\deskCutv2@gmail.com [2015/10/29 19:21:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/31 10:49:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/11/30 20:36:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/10/02 13:35:54 | 000,030,178 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\info\Application Data\IDM\idmmzcc5 [2015/11/05 11:11:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/10/02 13:35:54 | 000,030,178 | ---- | M] ()

[2014/05/31 10:49:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\info\Application Data\Mozilla\Extensions
[2015/10/29 19:21:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions
[2015/10/23 18:18:35 | 000,000,000 | ---D | M] ("Video AdBlock for Firefox") -- C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92}
[2015/10/29 19:21:18 | 000,000,000 | ---D | M] (Default SearchProtected) -- C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions\defsearchp@gmail.com
[2015/10/29 19:21:48 | 000,000,000 | ---D | M] ("deskCut") -- C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\extensions\deskCutv2@gmail.com
[2015/09/22 17:41:43 | 000,006,057 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Mozilla\Firefox\Profiles\8zp5sjdc.default\searchplugins\bingp.xml
[2014/05/31 10:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2015/10/06 19:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/10/06 19:47:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/11/01 12:48:07 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010/09/14 22:32:19 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/09/14 22:32:19 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/09/14 22:32:19 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/09/14 22:32:19 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/09/14 22:32:19 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.0_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {4DB74D06-491C-440D-305E-012400990F3E} - C:\WINDOWS\system32\dpplayx.dll File not found
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\PROGRA~1\GAMING~1\bar\1.bin\gtbar.dll File not found
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\5.bin\A5SRCHAS.DLL File not found
O2 - BHO: (Search Assistant BHO) - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll File not found
O2 - BHO: (Toolbar BHO) - {b3ed322a-cfe9-4caf-9483-f5dc9426fb55} - C:\Program Files\HeroicPlay_6o\bar\1.bin\6obar.dll (Mindspark)
O2 - BHO: (Search Assistant BHO) - {c58a3344-a12f-4670-a3dd-e1bfc9ebda96} - C:\Program Files\HeroicPlay_6o\bar\1.bin\6oSrcAs.dll (Mindspark)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\5.bin\ASKTBAR.DLL File not found
O3 - HKLM\..\Toolbar: (HeroicPlay) - {8263c693-5672-4a25-8860-1c9a6dc80835} - C:\Program Files\HeroicPlay_6o\bar\1.bin\6obar.dll (Mindspark)
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\5.bin\ASKTBAR.DLL File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\5.bin\ASKTBAR.DLL File not found
O3 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\Toolbar\WebBrowser: (GamingWonderland) - {A899079D-206F-43A6-BE6A-07E0FA648EA0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll File not found
O3 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\5.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CNAP2 Launcher] C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
O4 - HKLM..\Run: [HSPALauncher] C:\Program Files\HSPA USB Modem\HSPALauncher.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PPRX] C:\Program Files\PPRX\start.vbs File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SM”RT-Protection] C:\Program Files\Smadav\SM”RTP.exe (Smadsoft)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003..\Run: [BingSvc] C:\Documents and Settings\info\Local Settings\Application Data\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.dll (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\PhraseExpress.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\#HB'* 'D5D').lnk = File not found
O4 - Startup: C:\Documents and Settings\info\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1547161642-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://buttons.heroicplay.com/one-toolbaredits/menusearch.jhtml?s=209122664&p2=^AFD^xdm007^YYA^fr&si=CKCGvq6IxcgCFQjgGwodEIAJdA&a=FF16D302-5BF9-40EA-86DC-B5F970E5BDAB&n=2015101514&cv=4 File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF656F0-8FB7-44F1-8F51-ED9B8122B4DF}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\info\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\info\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/10 00:56:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk E:\
O32 - AutoRun File - [2007/03/12 19:19:44 | 000,000,052 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{04dd6c22-a041-11db-bc5b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{04dd6c22-a041-11db-bc5b-806d6172696f}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{175c96c0-e056-11e3-99d9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{175c96c0-e056-11e3-99d9-806d6172696f}\Shell\AutoRun\command - "" = G:\Abtal_1.exe
O33 - MountPoints2\{1b3cbb42-78d5-11e5-bf48-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{1b3cbb42-78d5-11e5-bf48-001c25dc2298}\Shell\AutoRun\command - "" = H:\jeux.exe -- [2007/03/25 16:41:18 | 003,616,634 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\{2be91344-af8a-11e4-999b-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{2be91344-af8a-11e4-999b-001c25dc2298}\Shell\AutoRun\command - "" = G:\jeux.exe
O33 - MountPoints2\{4c8d2541-771e-11e4-b753-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{4c8d2541-771e-11e4-b753-001c25dc2298}\Shell\AutoRun\command - "" = M:\autorun.exe
O33 - MountPoints2\{5d607545-4903-11e5-a626-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{5d607545-4903-11e5-a626-001c25dc2298}\Shell\AutoRun\command - "" = J:\Lenovo_Suite.exe
O33 - MountPoints2\{ea58b240-7df8-11e4-9c1e-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{ea58b240-7df8-11e4-9c1e-001c25dc2298}\Shell\AutoRun\command - "" = M:\autorun.exe
O33 - MountPoints2\{ea58b243-7df8-11e4-9c1e-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{ea58b243-7df8-11e4-9c1e-001c25dc2298}\Shell\AutoRun\command - "" = M:\autorun.exe
O33 - MountPoints2\{ea58b245-7df8-11e4-9c1e-001c25dc2298}\Shell - "" = AutoRun
O33 - MountPoints2\{ea58b245-7df8-11e4-9c1e-001c25dc2298}\Shell\AutoRun\command - "" = M:\autorun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {282C71BA-8F2B-6F77-C73A-35F5CF2AF05F} - NetShow
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3010972F-2B80-9260-DB6F-FB8CCD0F95E6} - Liaison de données Dynamic HTML pour Java
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {59389E50-CFD3-330E-97C8-601CC5B530EE} - Liaison de données Dynamic HTML pour Java
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5A9C4A75-6ADC-9D40-FF16-CF6E514BD0ED} - Microsoft Windows Media Player
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {836BE15B-1E67-49FD-9873-0C3F7A8C9B38} - NetShow
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B7D74D7A-30C7-B26B-A669-B06C9279F504} - Lecteur Windows Media Microsoft 6.4
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C323A176-2468-E8E8-F230-0A84B4F3C1A3} - Rendu VML (Vector Graphics Rendering)
ActiveX: {C53049E2-66C6-6610-8133-E6DF084FCACB} - NetShow
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E4D5B699-3300-0C02-20A6-1DC889DA4627} - Internet Explorer
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F064C72B-7FFA-CFCD-B489-B3CB0530B14F} - Liaison de données Dynamic HTML pour Java
ActiveX: {F4C87980-0B78-CBE6-F09D-167E57A519D8} - Personnalisation du navigateur
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\WINDOWS\System32\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/11/05 11:23:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\info\Bureau\OTL.exe
[2015/11/04 22:20:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Bureau\coco
[2015/11/04 10:37:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Bureau\rundll32fromAkramAl-azzanee_2
[2015/11/03 18:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Menu Démarrer\Programmes\NirSoft Wireless Network Watcher
[2015/11/03 18:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2015/11/03 18:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\DarkWolf
[2015/11/03 17:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2015/11/02 19:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PS3 Media Server
[2015/11/02 19:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\PMS
[2015/11/02 19:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\PS3 Media Server
[2015/11/02 13:48:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Mes documents\Mes fichiers reçus
[2015/11/01 20:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Bureau\beIN Sport + SKY
[2015/11/01 13:23:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2015/11/01 12:48:12 | 000,291,312 | ---- | C] (Avast Software s.r.o.) -- C:\WINDOWS\System32\aswBoot.exe
[2015/11/01 12:47:56 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\WINDOWS\avastSS.scr
[2015/11/01 12:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/10/31 19:09:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
[2015/10/31 19:06:56 | 000,026,096 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2015/10/31 19:06:55 | 000,256,160 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2015/10/31 19:05:15 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2015/10/31 18:21:47 | 000,010,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\rundll32.exe
[2015/10/31 11:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\Bazwise
[2015/10/31 11:46:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Bazwise
[2015/10/31 11:46:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Zipware
[2015/10/31 11:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Zipware
[2015/10/31 11:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zipware
[2015/10/31 10:38:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2015/10/31 10:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\DLLSuite
[2015/10/30 22:45:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logs
[2015/10/30 22:44:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2015/10/30 22:44:31 | 000,017,344 | ---- | C] (Dll-Files.com) -- C:\WINDOWS\System32\roboot.exe
[2015/10/30 22:24:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\rundll32
[2015/10/30 18:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Templates
[2015/10/29 20:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2015/10/29 19:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7
[2015/10/29 19:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\istartsurf
[2015/10/29 19:19:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\FFFFFFFF-1446146358-FFFF-FFFF-FFFFFFFFFFFF
[2015/10/29 19:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Logo Browser
[2015/10/29 19:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\VOPackage
[2015/10/29 19:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\FFFFFFFF-1446142492-FFFF-FFFF-FFFFFFFFFFFF
[2015/10/25 21:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\internet explorer
[2015/10/23 18:21:20 | 000,000,000 | ---D | C] -- C:\Mes Sites Web
[2015/10/23 18:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\AutoHideIP
[2015/10/23 18:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2015/10/23 11:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
[2015/10/23 11:12:41 | 000,473,088 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2015/10/23 11:12:40 | 003,591,680 | ---- | C] (x264vfw project) -- C:\WINDOWS\System32\x264vfw.dll
[2015/10/23 11:12:37 | 000,122,880 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2015/10/23 11:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Mes documents\_Getintopc.com_K-Lite_Codec_Pack_11.4.0_Mega_Full_Standard_Basic
[2015/10/23 11:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Martau
[2015/10/22 20:07:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Mes documents\BETAT
[2015/10/22 17:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
[2015/10/22 17:31:46 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2015/10/22 17:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2015/10/19 06:45:54 | 019,581,288 | ---- | C] (Gavrila Martau ) -- C:\Documents and Settings\info\Mes documents\_Getintopc.com_Total-Uninstall-Setup-6.15.0.exe
[2015/10/17 17:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2015/10/17 17:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\IDM
[2015/10/17 17:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IDM
[2015/10/17 17:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\DMCache
[2015/10/17 17:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Menu Démarrer\Programmes\Internet Download Manager
[2015/10/17 17:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2015/10/17 17:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2015/10/17 14:16:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeGamePick
[2015/10/17 14:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\FreeGamePick
[2015/10/16 20:15:21 | 000,000,000 | ---D | C] -- C:\GAMES
[2015/10/16 13:29:44 | 000,128,528 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmtdi.sys
[2015/10/15 20:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Bureau\supercar_road_trip
[2015/10/15 18:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\SlimWare Utilities Inc
[2015/10/15 18:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Gametop
[2015/10/15 18:45:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlimWare Utilities Inc
[2015/10/15 18:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Downloaded Installers
[2015/10/15 18:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\GamingWonderland
[2015/10/15 18:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\HeroicPlay_6o
[2015/10/15 18:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\HeroicPlay_6o
[2015/10/14 17:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2015/10/13 20:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Reimage Protector
[2015/10/13 20:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Reimage Repair
[2015/10/13 20:53:45 | 000,000,000 | ---D | C] -- C:\rei
[2015/10/13 09:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Bureau\SAMSUNG
[2015/10/12 21:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TV 3L PC
[2015/10/12 18:39:46 | 000,000,000 | ---D | C] -- C:\Spacekace
[2015/10/11 18:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\TV 3L PC
[2015/10/11 15:01:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2015/10/11 14:46:36 | 000,929,872 | ---- | C] (Google Inc.) -- C:\Documents and Settings\info\Mes documents\ChromeSetup.exe
[2015/10/11 14:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\AskToolbar
[2015/10/11 13:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Menu Démarrer\Programmes\QQPlayer
[2015/10/11 13:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\Babylon
[2015/10/11 13:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\iLivid
[2015/10/11 13:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2015/10/11 13:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2015/10/11 13:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Babylon
[2015/10/11 13:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2015/10/11 13:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Smadav
[2015/10/11 13:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\Readon_Technology
[2015/10/11 13:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Readon
[2015/10/11 13:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\TVU Networks
[2015/10/11 13:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2015/10/11 13:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Online TV Player 5
[2015/10/11 13:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Local Settings\Application Data\PCHealth
[2015/10/10 21:20:13 | 000,772,016 | ---- | C] (Reimage®) -- C:\Documents and Settings\info\Bureau\ReimageRepair.exe
[2015/10/10 17:42:05 | 044,895,824 | ---- | C] (Google Inc.) -- C:\Documents and Settings\info\Mes documents\ChromeStandaloneSetup.exe
[2015/10/09 22:24:53 | 000,056,232 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\WINDOWS\System32\drivers\iSafeNetFilter.sys
[2015/10/09 22:24:53 | 000,048,784 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\WINDOWS\System32\drivers\iSafeKrnlBoot.sys
[2015/10/09 22:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\Elex-tech
[2015/10/08 22:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\Google
[2015/10/08 22:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Mes documents\Readon Player
[2015/10/07 19:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\info\Application Data\MyTotalTV
[2015/10/07 11:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2015/10/06 20:04:40 | 000,000,000 | ---D | C] -- C:\Firefox
[2015/10/06 19:54:26 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2015/10/06 19:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2015/10/06 19:39:02 | 000,157,888 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[2015/10/06 19:39:01 | 000,074,976 | ---- | C] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/05/03 17:42:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\info\Application Data\pcouffin.sys
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/11/05 11:55:19 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8B031F7F-023F-420D-B2E8-AEC8FBEF28CA}.job
[2015/11/05 11:52:38 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/05 11:45:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\ReimageUpdater.job
[2015/11/05 11:37:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/11/05 11:26:23 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\Logo Browser.job
[2015/11/05 11:23:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\info\Bureau\OTL.exe
[2015/11/05 11:20:07 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015/11/05 11:13:44 | 000,997,784 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2015/11/05 11:13:44 | 000,896,382 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2015/11/05 11:13:44 | 000,267,950 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2015/11/05 11:13:44 | 000,231,856 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015/11/05 11:08:38 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/05 11:08:36 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2015/11/05 11:08:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/11/05 00:07:18 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\info\expand.uif
[2015/11/05 00:00:59 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\cm-lock
[2015/11/04 20:30:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\info\expand
[2015/11/04 19:38:41 | 000,001,727 | ---- | M] () -- C:\Documents and Settings\info\.swfinfo
[2015/11/03 19:27:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/11/03 18:56:20 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\info\Bureau\Wireless Network Watcher.lnk
[2015/11/03 18:17:07 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\info\Bureau\DarkWolf.lnk
[2015/11/02 19:27:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PS3 Media Server.lnk
[2015/11/02 13:41:58 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\info\Bureau\Profil Répertoire système Windows Avira Free Antivirus.LNK
[2015/11/01 12:49:22 | 000,428,120 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2015/11/01 12:48:05 | 000,209,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2015/11/01 12:48:05 | 000,074,976 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2015/11/01 12:48:05 | 000,057,888 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2015/11/01 12:48:05 | 000,055,200 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2015/11/01 12:48:05 | 000,049,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2015/11/01 12:48:05 | 000,024,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2015/11/01 12:47:56 | 000,291,312 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\aswBoot.exe
[2015/11/01 12:47:56 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\avastSS.scr
[2015/11/01 12:47:37 | 000,787,760 | ---- | M] (Avast Software s.r.o.) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2015/10/31 19:49:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat
[2015/10/31 19:05:39 | 000,026,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2015/10/31 19:05:15 | 000,256,160 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2015/10/31 19:05:15 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2015/10/30 23:01:38 | 000,354,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2015/10/30 22:54:13 | 000,990,224 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2015/10/30 22:54:12 | 000,264,990 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[2015/10/29 22:30:45 | 000,000,148 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2015/10/29 22:05:07 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2015/10/29 20:23:02 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2015/10/29 19:22:52 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015/10/29 19:21:16 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2015/10/29 19:21:14 | 000,002,129 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2015/10/29 19:20:47 | 000,001,060 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/10/29 19:20:40 | 000,002,147 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/10/27 17:11:39 | 000,328,744 | ---- | M] () -- C:\Documents and Settings\info\Mes documents\wnetwatcher_setup_2.exe
[2015/10/26 22:37:26 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2015/10/25 20:09:26 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\info\Bureau\Microsoft Office Word 2007.lnk
[2015/10/25 18:55:59 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Future_H.CD
[2015/10/25 17:01:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\info\Local Settings\Application Data\{E5AA81AA-D0A1-45E6-B5E6-EF8D63EF404B}
[2015/10/23 18:33:41 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Total Uninstall 6.lnk
[2015/10/23 18:25:48 | 000,000,464 | ---- | M] () -- C:\WINDOWS\System32\ScannerSettings
[2015/10/23 11:13:03 | 000,000,656 | ---- | M] () -- C:\WINDOWS\tasks\klcp_update.job
[2015/10/23 11:04:18 | 000,000,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\mntemp
[2015/10/22 17:32:15 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2015/10/22 17:31:50 | 000,001,625 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
[2015/10/19 06:45:54 | 019,581,288 | ---- | M] (Gavrila Martau ) -- C:\Documents and Settings\info\Mes documents\_Getintopc.com_Total-Uninstall-Setup-6.15.0.exe
[2015/10/18 17:50:45 | 000,000,035 | ---- | M] () -- C:\WINDOWS\A4W.INI
[2015/10/17 14:29:00 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\info\Bureau\Coast Bike.lnk
[2015/10/17 14:16:50 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\info\Bureau\Sky Battle WW2.lnk
[2015/10/16 17:41:09 | 000,048,945 | ---- | M] () -- C:\WINDOWS\Aware40.mch
[2015/10/15 21:59:03 | 000,002,698 | ---- | M] () -- C:\WINDOWS\System32\ScanResults.xml
[2015/10/13 20:54:13 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\info\Mes documents\PC Scan & Repair by Reimage.lnk
[2015/10/13 18:30:09 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015/10/13 18:30:09 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2015/10/12 21:14:44 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\TV 3L PC.lnk
[2015/10/12 21:14:43 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TV 3L PC.lnk
[2015/10/11 18:05:53 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2015/10/11 17:04:01 | 025,007,905 | ---- | M] (Smart PC Soft, Ltd. ) -- C:\Documents and Settings\info\Mes documents\tv3lpc.exe
[2015/10/11 16:17:19 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk
[2015/10/11 14:46:39 | 000,929,872 | ---- | M] (Google Inc.) -- C:\Documents and Settings\info\Mes documents\ChromeSetup.exe
[2015/10/10 21:20:13 | 000,772,016 | ---- | M] (Reimage®) -- C:\Documents and Settings\info\Bureau\ReimageRepair.exe
[2015/10/09 16:13:20 | 044,895,824 | ---- | M] (Google Inc.) -- C:\Documents and Settings\info\Mes documents\ChromeStandaloneSetup.exe
[2015/10/07 19:11:15 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\810429tv4-test.jun
[2015/10/06 19:55:33 | 000,001,701 | ---- | M] () -- C:\Documents and Settings\info\Mes documents\Avast Free Antivirus.lnk
[2015/10/06 19:38:30 | 000,157,888 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/11/05 11:37:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/11/05 00:07:30 | 000,011,853 | ---- | C] () -- C:\Documents and Settings\info\RUNDLL32.EX_
[2015/11/05 00:07:18 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\info\expand.uif
[2015/11/05 00:00:59 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\cm-lock
[2015/11/04 20:26:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\info\expand
[2015/11/04 10:40:24 | 000,011,853 | ---- | C] () -- C:\WINDOWS\System32\RUNDLL32.EX_
[2015/11/04 10:39:03 | 000,011,853 | ---- | C] () -- C:\RUNDLL32.EX_
[2015/11/03 18:56:20 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\info\Bureau\Wireless Network Watcher.lnk
[2015/11/03 18:17:06 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\info\Bureau\DarkWolf.lnk
[2015/11/02 19:27:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PS3 Media Server.lnk
[2015/11/02 13:41:58 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\info\Bureau\Profil Répertoire système Windows Avira Free Antivirus.LNK
[2015/10/31 18:21:46 | 000,005,708 | ---- | C] () -- C:\WINDOWS\k9371937.DLL
[2015/10/31 11:24:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat
[2015/10/30 22:54:13 | 000,990,224 | ---- | C] () -- C:\WINDOWS\System32\perfh040.dat
[2015/10/30 22:54:12 | 000,264,990 | ---- | C] () -- C:\WINDOWS\System32\perfc040.dat
[2015/10/30 22:25:42 | 000,005,708 | ---- | C] () -- C:\WINDOWS\System32\k9371937.DLL
[2015/10/29 20:23:02 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2015/10/29 19:22:52 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015/10/29 19:16:50 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\Logo Browser.job
[2015/10/27 17:11:39 | 000,328,744 | ---- | C] () -- C:\Documents and Settings\info\Mes documents\wnetwatcher_setup_2.exe
[2015/10/25 17:01:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\info\Local Settings\Application Data\{E5AA81AA-D0A1-45E6-B5E6-EF8D63EF404B}
[2015/10/23 11:13:03 | 000,000,656 | ---- | C] () -- C:\WINDOWS\tasks\klcp_update.job
[2015/10/23 11:12:41 | 000,000,415 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2015/10/23 11:12:40 | 000,655,872 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2015/10/23 11:12:40 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2015/10/23 11:12:40 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[2015/10/23 11:12:32 | 000,112,128 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2015/10/23 11:04:18 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mntemp
[2015/10/23 11:04:10 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Total Uninstall 6.lnk
[2015/10/22 17:31:50 | 000,001,625 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
[2015/10/17 14:29:00 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\info\Bureau\Coast Bike.lnk
[2015/10/17 14:16:49 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\info\Bureau\Sky Battle WW2.lnk
[2015/10/15 21:59:03 | 000,002,698 | ---- | C] () -- C:\WINDOWS\System32\ScanResults.xml
[2015/10/15 21:52:43 | 000,000,464 | ---- | C] () -- C:\WINDOWS\System32\ScannerSettings
[2015/10/13 20:54:58 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\ReimageUpdater.job
[2015/10/13 20:54:13 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\info\Mes documents\PC Scan & Repair by Reimage.lnk
[2015/10/13 20:52:18 | 000,000,148 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2015/10/12 21:14:43 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\TV 3L PC.lnk
[2015/10/12 21:14:43 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TV 3L PC.lnk
[2015/10/11 17:56:07 | 000,001,943 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2015/10/11 16:17:19 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk
[2015/10/11 16:17:19 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\info\Menu Démarrer\Programmes\Lecteur Windows Media.lnk
[2015/10/11 16:16:47 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\info\Menu Démarrer\Programmes\Outlook Express.lnk
[2015/10/11 16:16:28 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\info\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2015/10/11 15:01:43 | 000,002,129 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2015/10/07 19:11:15 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\810429tv4-test.jun
[2015/10/06 19:55:33 | 000,001,701 | ---- | C] () -- C:\Documents and Settings\info\Mes documents\Avast Free Antivirus.lnk
[2015/10/06 19:48:43 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2015/10/06 19:48:42 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2015/10/06 19:40:26 | 000,001,056 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/06 19:40:25 | 000,001,052 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/06 19:39:02 | 000,209,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2015/10/06 19:39:01 | 000,049,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2015/10/06 19:39:00 | 000,024,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2015/09/22 17:05:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2015/04/11 17:47:17 | 000,022,193 | ---- | C] () -- C:\Documents and Settings\info\Menu Démarrer.uif
[2015/03/04 23:48:07 | 000,612,807 | ---- | C] () -- C:\Documents and Settings\info\AdobeFnt10.lst
[2015/02/16 21:02:31 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2014/12/07 18:12:00 | 000,001,727 | ---- | C] () -- C:\Documents and Settings\info\.swfinfo
[2014/07/20 18:23:34 | 000,000,333 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2014/06/04 19:57:24 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2014/06/01 21:24:03 | 000,000,353 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
[2014/05/31 10:49:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2014/05/27 20:18:49 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2014/05/27 20:16:33 | 000,000,063 | ---- | C] () -- C:\WINDOWS\rodakg1.ini
[2014/05/26 22:33:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2014/05/25 21:18:36 | 000,000,095 | ---- | C] () -- C:\Documents and Settings\info\default.pls
[2014/05/25 21:18:02 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2014/05/24 21:37:37 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2014/05/15 22:01:58 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/05/15 20:53:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\asym.ini
[2014/05/14 20:34:36 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2014/05/12 20:01:25 | 042,448,896 | ---- | C] () -- C:\WINDOWS\System32\Dic.dll
[2014/05/06 20:55:51 | 000,000,059 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2014/05/06 20:55:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2014/05/06 20:33:32 | 000,000,114 | ---- | C] () -- C:\WINDOWS\BERLITZ.INI
[2014/05/06 20:30:08 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Quareeb.ini
[2014/05/05 22:40:42 | 000,000,081 | ---- | C] () -- C:\WINDOWS\A35W.INI
[2014/05/05 20:01:30 | 000,001,555 | ---- | C] () -- C:\WINDOWS\ata live update.ini
[2014/05/03 17:42:18 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\info\Application Data\ezpinst.exe
[2014/05/03 17:42:18 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\info\Application Data\pcouffin.cat
[2014/05/03 17:42:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\info\Application Data\pcouffin.inf
[2014/04/27 20:33:43 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\info\DreamGame.cfg
[2007/01/10 00:52:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\clbcatexx.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014/12/07 18:07:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013/09/23 08:39:55 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2014/08/13 20:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2015/10/29 19:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7
[2015/10/23 18:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2015/10/05 17:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2015/10/11 13:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2015/01/07 18:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Baidu
[2007/02/09 16:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon
[2015/08/13 14:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CodeMeter
[2014/05/20 20:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2014/05/19 19:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Net
[2014/07/15 23:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2007/02/15 01:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2015/10/17 17:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IDM
[2015/02/24 11:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leahs Animal Coloring
[2015/10/30 22:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs
[2015/10/23 11:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2014/05/06 20:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2015/02/26 10:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2015/08/01 18:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2014/05/28 19:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhraseExpress
[2014/08/25 20:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2014/05/06 20:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2015/10/11 13:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Readon
[2015/10/13 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Reimage Protector
[2015/10/15 18:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimWare Utilities Inc
[2014/08/25 20:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2015/10/30 22:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/04/25 20:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2015/10/31 11:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zipware
[2015/04/03 16:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Activision
[2014/08/20 20:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AlderGames
[2015/10/23 18:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AutoHideIP
[2015/10/05 19:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AVAST Software
[2015/10/11 13:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Babylon
[2015/10/31 11:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Bazwise
[2014/08/20 19:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Camel101
[2015/10/05 19:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\DAEMON Tools Lite
[2015/11/05 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\DMCache
[2014/04/29 19:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\EleFun Games
[2015/10/09 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Elex-tech
[2015/10/15 18:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\GamingWonderland
[2015/10/15 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\HeroicPlay_6o
[2015/11/05 11:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\IDM
[2015/10/29 19:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\istartsurf
[2014/05/06 20:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Meridian93
[2015/10/07 19:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\MyTotalTV
[2014/04/28 19:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Nitreal Games
[2015/03/04 23:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Opera
[2015/03/03 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\PandoraRecovery
[2014/05/31 10:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\PhraseExpress
[2014/05/11 20:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Sahmon Games
[2015/10/16 18:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Smadav
[2014/05/05 08:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Tencent
[2015/11/02 13:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\VOPackage
[2014/05/03 17:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Vso
[2014/05/18 21:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\WordWeb

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2004/05/17 20:54:18 | 000,304,640 | ---- | M] () -- C:\ProgramFolder.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2014/08/13 20:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2015/10/29 19:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7
[2015/03/03 19:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2015/03/03 19:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2014/08/13 20:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2014/08/13 20:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2015/10/23 18:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2015/10/05 17:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/05/11 11:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2014/05/13 20:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2015/10/11 13:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2015/01/07 18:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Baidu
[2014/05/01 19:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishCache
[2007/02/09 16:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon
[2015/08/13 14:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CodeMeter
[2014/05/20 20:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2014/05/19 19:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Net
[2014/07/15 23:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2007/02/15 01:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2015/10/06 19:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2015/10/17 17:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IDM
[2015/02/24 11:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leahs Animal Coloring
[2015/10/30 22:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs
[2015/10/23 11:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2014/05/06 20:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2015/10/06 10:25:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2015/10/11 12:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2014/05/26 22:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2015/02/26 10:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2015/08/01 18:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2014/05/28 19:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhraseExpress
[2014/08/25 20:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2014/05/06 20:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2015/10/11 13:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Readon
[2015/10/13 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Reimage Protector
[2015/10/07 12:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2015/10/15 18:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimWare Utilities Inc
[2014/08/25 20:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2015/10/30 22:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/04/25 20:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2015/10/11 13:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2015/10/01 18:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2015/10/31 11:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zipware

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2012/08/21 12:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
[2012/08/21 12:01:22 | 000,115,672 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
[2015/10/29 19:22:21 | 000,301,704 | ---- | M] (DTools LIMITED) -- C:\Documents and Settings\All Users\Application Data\7WMiniPro7\WMiniPro.exe
[2013/09/05 16:53:27 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AB0000000001}\setup.exe
[2014/08/05 11:52:38 | 000,077,136 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 11.3.1.2\SetupAdmin.exe
[2014/11/28 19:10:25 | 000,612,640 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\update.exe
[2014/11/28 19:10:29 | 000,047,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\fantasy-mosaics_s1_l1_gF8794T1L1_d2300086479.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\fantasy-mosaics_s1_l1_gF8794T1L1_d2303569342.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\fruit-mania_s1_l1_gF6858T1L1_d2303564914.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\puzzle-hero_s1_l1_gF2588T1L1_d2300082957.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\royal-detective-queen-of-shadows-ce_s1_l1_gF8792T1L1_d2303568678.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\spongebobsquarepbr_s1_l1_gF1284T1L1_d2296997613.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\the-ultimate-easter-puzzler_s1_l1_gF7855T1L1_d2300086748.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\the-wall-medieval-heroes_s1_l1_gF8798T1L1_d2303569204.exe
[2014/03/06 01:00:12 | 000,172,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishCache\Upgrade\stub\wonderland-adventures-planet-of-the-zbots_s1_l1_gF8264T1L1_d2300086526.exe
[2011/11/29 10:55:58 | 000,873,008 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\Temp\MobiConnect\Setup.exe
[2015/02/25 19:44:52 | 000,455,592 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2015/04/03 16:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Activision
[2015/03/30 18:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Adobe
[2014/05/27 09:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Ahead
[2014/08/20 20:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AlderGames
[2014/08/13 20:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Apple Computer
[2015/10/23 18:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AutoHideIP
[2015/10/05 19:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AVAST Software
[2014/05/11 11:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Avira
[2014/05/13 21:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\AVS4YOU
[2015/10/11 13:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Babylon
[2015/10/31 11:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Bazwise
[2014/08/20 19:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Camel101
[2015/10/05 19:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\DAEMON Tools Lite
[2015/11/05 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\DMCache
[2014/04/29 19:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\EleFun Games
[2015/10/09 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Elex-tech
[2015/10/15 18:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\GamingWonderland
[2015/10/11 18:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Google
[2014/04/26 11:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Help
[2015/10/15 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\HeroicPlay_6o
[2007/01/10 01:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Identities
[2015/11/05 11:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\IDM
[2015/10/29 19:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\istartsurf
[2007/02/10 20:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Macromedia
[2015/04/21 13:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Media Player Classic
[2014/05/06 20:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Meridian93
[2015/10/08 23:27:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\info\Application Data\Microsoft
[2014/05/31 10:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Mozilla
[2015/10/07 19:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\MyTotalTV
[2014/04/28 19:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Nitreal Games
[2015/03/04 23:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Opera
[2015/03/03 19:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\PandoraRecovery
[2014/05/31 10:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\PhraseExpress
[2014/05/11 20:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Sahmon Games
[2015/10/07 16:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Skype
[2015/10/16 18:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Smadav
[2014/05/05 08:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Tencent
[2015/11/04 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\vlc
[2015/11/02 13:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\VOPackage
[2014/05/03 17:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\Vso
[2014/05/03 17:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\WinRAR
[2014/05/18 21:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\info\Application Data\WordWeb

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2014/05/03 17:42:19 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\info\Application Data\ezpinst.exe
[2015/09/17 04:23:02 | 000,373,248 | ---- | M] (TODO: <Company name>) -- C:\Documents and Settings\info\Application Data\istartsurf\UninstallManager.exe
[2015/10/08 22:35:59 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_532EEF936FFAE0ABE2522D.exe
[2015/10/08 22:35:59 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\info\Application Data\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_A290953C7595C4E6A1FDBA.exe
[2015/10/16 18:21:35 | 001,018,873 | ---- | M] () -- C:\Documents and Settings\info\Application Data\Smadav\Update-Smadav.exe
[2014/03/10 13:23:20 | 000,073,728 | ---- | M] (Smadsoft) -- C:\Documents and Settings\info\Application Data\Smadav\Upd103\Smadav-Updater.exe
[2015/08/20 10:27:57 | 001,630,208 | ---- | M] (Smadsoft) -- C:\Documents and Settings\info\Application Data\Smadav\Upd103\Smadav103-Update.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" http://www.istartsurf.com/?type=sc&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\shell\open\command\\: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/09/30 04:24:23 | 000,916,728 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" http://www.istartsurf.com/?type=sc&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1446142830&z=948966e541b631cd69c2138gfz1z9q6g0z5o6w3q0g&from=obw&uid=HitachiXHDS721616PLA320_PVG904ZFT4274VT4274VX [2015/10/20 15:08:28 | 000,811,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.5HPPGYHWKNDGNH3LLXN74RPGXI\shell\open\command\\: "C:\Documents and Settings\info\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/09/23 22:36:50 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe

[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur : UnKnown
Address: 192.168.1.1

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2015/10/16 18:21:39 | 000,000,439 | ---- | M] ()(C:\Documents and Settings\info\Mes documents\SMAD?V.lnk) -- C:\Documents and Settings\info\Mes documents\SMAD”V.lnk
[2015/10/16 18:21:39 | 000,000,439 | ---- | C] ()(C:\Documents and Settings\info\Mes documents\SMAD?V.lnk) -- C:\Documents and Settings\info\Mes documents\SMAD”V.lnk
[2015/10/11 13:55:44 | 000,000,000 | ---D | C](C:\Documents and Settings\All Users\Start Menu\Programs\?????? ?????? - ?????????) -- C:\Documents and Settings\All Users\Start Menu\Programs\'DB1"F 'DC1JE - 9(/'D('37
[2015/09/18 09:15:03 | 000,000,000 | ---D | M](C:\Program Files\????? ?????? ???????) -- C:\Program Files\E/13) 'D-1HA 'D91(J)
[2015/09/18 09:15:03 | 000,000,000 | ---D | M](C:\Program Files\????? ?????? ???????) -- C:\Program Files\E/13) 'D-1HA 'D91(J)
[2015/08/09 18:22:07 | 000,000,000 | ---D | M](C:\Documents and Settings\info\Bureau\??????? ? ???????) -- C:\Documents and Settings\info\Bureau\'D9,'&( H 'D:1'&(
[2015/08/09 18:22:03 | 000,000,000 | ---D | M](C:\Documents and Settings\info\Bureau\??? ???????) -- C:\Documents and Settings\info\Bureau\5H1 DD#7A'D
[2015/02/22 17:55:09 | 001,242,415 | ---- | C] (Macromedia, Inc.)(C:\Documents and Settings\info\Bureau\???? ????? ???.exe) -- C:\Documents and Settings\info\Bureau\D9() 'D*HC *HC.exe
[2014/09/01 09:26:31 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\info\Bureau\~$???????.doc) -- C:\Documents and Settings\info\Bureau\~$B1F7J7).doc
[2014/09/01 09:26:31 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\info\Bureau\~$???????.doc) -- C:\Documents and Settings\info\Bureau\~$B1F7J7).doc
[2014/08/28 10:46:29 | 000,017,969 | ---- | C] ()(C:\Documents and Settings\info\Mes documents\?????? ?????? .docx) -- C:\Documents and Settings\info\Mes documents\'D,/HD 'D5JFJ .docx
[2014/08/27 17:28:26 | 000,017,969 | ---- | M] ()(C:\Documents and Settings\info\Mes documents\?????? ?????? .docx) -- C:\Documents and Settings\info\Mes documents\'D,/HD 'D5JFJ .docx
[2014/05/28 20:08:08 | 000,000,000 | ---D | M](C:\Documents and Settings\info\Mes documents\??? ?????? Ultra Iso ?? ???? ????????) -- C:\Documents and Settings\info\Mes documents\-ED (1F'E, Ultra Iso E9 5('- 'D(D/'HJ
[2014/05/28 16:23:24 | 000,000,000 | ---D | C](C:\Documents and Settings\info\Mes documents\??? ?????? Ultra Iso ?? ???? ????????) -- C:\Documents and Settings\info\Mes documents\-ED (1F'E, Ultra Iso E9 5('- 'D(D/'HJ
[2014/05/21 21:13:54 | 004,935,680 | ---- | M] ()(C:\Documents and Settings\info\Mes documents\???? ??? ????????.doc) -- C:\Documents and Settings\info\Mes documents\FA*- EDA 'D(1F'E,.doc
[2014/05/21 20:10:08 | 004,935,680 | ---- | C] ()(C:\Documents and Settings\info\Mes documents\???? ??? ????????.doc) -- C:\Documents and Settings\info\Mes documents\FA*- EDA 'D(1F'E,.doc
[2014/05/20 20:20:04 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\info\Bureau\~$?? ???.doc) -- C:\Documents and Settings\info\Bureau\~$:7 GF'.doc
[2014/05/20 20:20:04 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\info\Bureau\~$?? ???.doc) -- C:\Documents and Settings\info\Bureau\~$:7 GF'.doc
[2014/04/28 10:57:59 | 000,000,000 | ---D | C](C:\Documents and Settings\info\Bureau\??????? ? ???????) -- C:\Documents and Settings\info\Bureau\'D9,'&( H 'D:1'&(
[2010/01/03 01:32:04 | 001,242,415 | ---- | M] (Macromedia, Inc.)(C:\Documents and Settings\info\Bureau\???? ????? ???.exe) -- C:\Documents and Settings\info\Bureau\D9() 'D*HC *HC.exe
[2007/02/15 01:45:46 | 000,000,000 | ---D | C](C:\Documents and Settings\info\Bureau\??? ???????) -- C:\Documents and Settings\info\Bureau\5H1 DD#7A'D
[2007/02/09 16:55:13 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\info\Bureau\~$??? ?????.docx) -- C:\Documents and Settings\info\Bureau\~$'B) EF.17.docx
[2007/02/09 16:55:13 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\info\Bureau\~$??? ?????.docx) -- C:\Documents and Settings\info\Bureau\~$'B) EF.17.docx
(C:\Program Files\????? ?????? ???????) -- C:\Program Files\E/13) 'D-1HA 'D91(J)
(C:\Documents and Settings\info\Menu Démarrer\Programmes\??????? ?????????) -- C:\Documents and Settings\info\Menu Démarrer\Programmes\'D91(J) DD(1E,J'*
(C:\Documents and Settings\info\Menu Démarrer\Programmes\????? ?????? ???????) -- C:\Documents and Settings\info\Menu Démarrer\Programmes\E/13) 'D-1HA 'D91(J)
(C:\Documents and Settings\All Users\Start Menu\Programs\??????????) -- C:\Documents and Settings\All Users\Start Menu\Programs\AJH*413HA*

< End of report >
