cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 16/03/2016 08:25:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

8.00 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 52.79% Memory free
15.99 Gb Paging File | 12.16 Gb Available in Paging File | 76.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 146.99 Gb Free Space | 65.77% Space Free | Partition Type: NTFS
Drive Y: | 2746.22 Gb Total Space | 2390.07 Gb Free Space | 87.03% Space Free | Partition Type: NTFS
Drive Z: | 2746.22 Gb Total Space | 2390.07 Gb Free Space | 87.03% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/03/15 17:20:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2016/03/08 03:48:49 | 000,874,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/03/02 10:35:58 | 003,934,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe
PRC - [2016/03/02 10:31:46 | 000,561,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
PRC - [2016/03/02 10:31:42 | 003,862,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgui.exe
PRC - [2016/02/23 08:53:32 | 001,215,560 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
PRC - [2016/02/23 08:53:30 | 001,949,768 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
PRC - [2016/02/23 08:53:29 | 000,192,584 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
PRC - [2016/02/18 12:10:36 | 001,140,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
PRC - [2016/01/19 04:02:38 | 000,388,968 | ---- | M] (Digital Wave Ltd.) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/09/28 15:00:34 | 015,388,672 | ---- | M] (OuvrezLaBoite) -- C:\Program Files (x86)\Shaman\Shaman.exe
PRC - [2015/09/11 16:34:16 | 018,484,496 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
PRC - [2015/09/11 16:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2015/09/11 16:22:54 | 000,230,672 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe
PRC - [2014/12/17 08:26:52 | 000,248,736 | ---- | M] () -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
PRC - [2014/07/01 09:53:14 | 000,343,272 | ---- | M] (ASIP SANTE) -- C:\Program Files (x86)\santesocial\CPS\CCM.exe
PRC - [2014/05/30 00:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/05/30 00:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/05/20 00:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/04/02 09:34:10 | 001,521,152 | ---- | M] (CNAMTS - GIE SESAM-Vitale) -- C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe
PRC - [2011/11/18 12:46:38 | 000,073,728 | ---- | M] (GIE SESAM VITALE - ASIP SANTE) -- C:\Windows\galsvw32.exe
PRC - [2011/08/02 16:47:26 | 000,145,256 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/07/27 01:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/09/05 15:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009/09/05 15:17:40 | 003,358,720 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/03/08 03:48:37 | 016,808,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll
MOD - [2016/03/08 03:48:25 | 001,676,440 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
MOD - [2016/03/08 03:48:13 | 000,086,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
MOD - [2015/10/22 10:56:16 | 040,500,224 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
MOD - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [1998/12/22 09:41:36 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Shaman\TxtToPgf.dll
MOD - [1996/11/18 21:15:28 | 000,748,160 | ---- | M] () -- C:\Windows\SysWOW64\CO2C40EN.DLL


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/05/30 00:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2014/04/04 06:40:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/03/11 11:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2014/03/11 11:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2016/03/14 15:17:54 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/03/02 10:35:58 | 003,934,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2016/03/02 10:31:46 | 000,561,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe -- (avgwd)
SRV - [2016/03/02 10:26:14 | 000,604,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS)
SRV - [2016/02/23 08:53:32 | 001,215,560 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport)
SRV - [2016/02/23 08:53:30 | 001,949,768 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe -- (vToolbarUpdater40.2.6)
SRV - [2016/02/18 12:11:34 | 001,045,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2016/01/19 04:02:38 | 000,388,968 | ---- | M] (Digital Wave Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe -- (DigitalWave.Update.Service)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/09/11 16:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014/12/17 08:26:52 | 000,248,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2014/05/30 00:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/05/20 00:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/13 12:07:22 | 000,270,336 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2011/08/02 16:47:26 | 000,145,256 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/07/27 01:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/05 15:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/03/02 10:21:12 | 000,269,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2016/02/03 11:53:04 | 000,378,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2016/01/26 11:04:26 | 000,315,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2016/01/26 11:04:26 | 000,272,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2016/01/08 10:46:34 | 000,023,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avguniva.sys -- (Avguniva)
DRV:[b]64bit:[/b] - [2015/12/04 14:27:46 | 000,042,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2015/11/06 15:50:34 | 000,184,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2015/10/21 16:16:48 | 000,284,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2015/10/08 07:46:44 | 000,302,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2015/10/05 09:50:18 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2015/10/05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2015/06/10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/03/26 09:55:30 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:[b]64bit:[/b] - [2015/01/16 16:22:32 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2014/09/01 07:50:04 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2014/05/30 00:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2014/04/02 14:11:09 | 000,036,400 | ---- | M] (EgisTec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:[b]64bit:[/b] - [2014/03/31 17:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/03/11 08:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2013/11/28 14:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/08/29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2012/08/03 10:36:52 | 000,055,776 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busenum.sys -- (busenum)
DRV:[b]64bit:[/b] - [2012/07/31 12:56:58 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:[b]64bit:[/b] - [2012/06/22 02:59:36 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/08/10 15:40:58 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/21 06:13:12 | 000,006,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:[b]64bit:[/b] - [2009/07/21 06:13:10 | 000,025,088 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={63F36AB7-2180-4DA5-B9AB-F87D39D6D5E3}&mid=1f8abfa7ca2947d2805bd16f6b86d9e5-bd311cff3fb7c75d2e26d19fd8a060c42e7b6dae&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-01 08:50:40&v=4.2.6.552&pid=wtu&sg=&sap=hp
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={63F36AB7-2180-4DA5-B9AB-F87D39D6D5E3}&mid=1f8abfa7ca2947d2805bd16f6b86d9e5-bd311cff3fb7c75d2e26d19fd8a060c42e7b6dae&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-01 08:50:40&v=4.2.6.552&pid=wtu&sg=&sap=hp
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={63F36AB7-2180-4DA5-B9AB-F87D39D6D5E3}&mid=1f8abfa7ca2947d2805bd16f6b86d9e5-bd311cff3fb7c75d2e26d19fd8a060c42e7b6dae&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-01 08:50:40&v=4.2.5.441&pid=wtu&sg=&sap=hp
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6B 6D C1 E4 6D 4E CF 01 [binary data]
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={63F36AB7-2180-4DA5-B9AB-F87D39D6D5E3}&mid=1f8abfa7ca2947d2805bd16f6b86d9e5-bd311cff3fb7c75d2e26d19fd8a060c42e7b6dae&lang=fr&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2014-09-01 08:50:40&v=4.1.8.599&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\..\SearchScopes\{9E870966-F090-49AD-BD67-BC84403DEA70}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2015/03/10 11:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/03/09 16:06:20 | 000,000,000 | ---D | M] (CPS Addon) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\CPS2ter-2020_Firefox@asipsante.fr

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg\2.1.5_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\4.1.3_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll (AVG)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SrvSVCNAM] C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe (CNAMTS - GIE SESAM-Vitale)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2526936491-2587096337-3177666286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43B03E83-EC33-4AB8-8F77-EECA7433B18A}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBB3B67F-1637-4822-85B1-3C4ED03B35F5}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{517c62e4-ba5a-11e3-8385-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{517c62e4-ba5a-11e3-8385-806e6f6e6963}\Shell\AutoRun\command - "" = D:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/03/15 17:20:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2016/03/08 10:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2016/03/02 10:21:12 | 000,269,232 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2016/03/01 14:42:30 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/03/01 14:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/03/01 14:40:49 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2016/03/01 14:40:49 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2016/03/01 14:40:49 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016/03/01 14:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/02/28 14:28:50 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\htm.php_files

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/03/16 08:18:44 | 000,015,211 | ---- | M] () -- C:\Windows\EMAILWIN.INI
[2016/03/16 08:18:43 | 000,000,002 | ---- | M] () -- C:\Windows\NConvert.dat
[2016/03/16 08:15:58 | 001,669,820 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/03/16 08:15:58 | 000,748,142 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2016/03/16 08:15:58 | 000,655,132 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/03/16 08:15:58 | 000,149,750 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2016/03/16 08:15:58 | 000,122,004 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/03/16 08:15:53 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/03/16 08:15:53 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/03/16 08:13:20 | 000,000,350 | ---- | M] () -- C:\Windows\BRRBCOM.INI
[2016/03/16 08:12:56 | 000,000,041 | ---- | M] () -- C:\Windows\crw.ini
[2016/03/16 08:11:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/03/16 08:08:49 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/03/16 08:08:49 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2016/03/16 08:08:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/03/16 08:08:30 | 2143,494,143 | -HS- | M] () -- C:\hiberfil.sys
[2016/03/15 18:56:34 | 000,007,667 | ---- | M] () -- C:\Users\User\AppData\Local\resmon.resmoncfg
[2016/03/15 18:42:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/03/15 17:20:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2016/03/15 16:49:00 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - User).job
[2016/03/15 14:26:02 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/03/15 10:23:43 | 000,000,232 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2016/03/14 18:57:03 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/03/14 17:34:08 | 000,000,351 | ---- | M] () -- C:\prefs.js
[2016/03/14 15:17:51 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/03/14 15:17:50 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/03/02 16:47:19 | 000,001,963 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Démarrage du CCM.lnk
[2016/03/02 16:47:19 | 000,001,932 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIDAL Menu.lnk
[2016/03/02 16:46:27 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\VIDAL Expert.lnk
[2016/03/02 16:46:27 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Synology Assistant.lnk
[2016/03/02 16:46:27 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\ShamanGED.lnk
[2016/03/02 16:46:27 | 000,000,080 | ---- | M] () -- C:\Users\Public\Desktop\Version d'évaluation d'OmniJoin.lnk
[2016/03/02 16:46:26 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016/03/02 16:46:26 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2016/03/02 16:46:26 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/03/02 16:46:26 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\Shaman - Le Logiciel du Médecin.lnk
[2016/03/02 16:46:25 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2016/03/02 16:46:25 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016/03/02 16:46:25 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Gestionnaire de la carte CPS.lnk
[2016/03/02 16:46:25 | 000,001,396 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
[2016/03/02 16:46:25 | 000,001,239 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2016/03/02 16:46:25 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/03/02 16:45:03 | 000,002,281 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/03/02 16:45:03 | 000,001,457 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/03/02 16:45:03 | 000,000,829 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016/03/02 16:45:03 | 000,000,290 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/03/02 16:45:03 | 000,000,272 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/03/02 16:45:00 | 000,000,976 | ---- | M] () -- C:\Users\User\Desktop\Téléassistance Shaman.lnk
[2016/03/02 16:44:58 | 000,001,070 | ---- | M] () -- C:\Users\User\Desktop\Glary Utilities.lnk
[2016/03/02 16:44:58 | 000,000,663 | ---- | M] () -- C:\Users\User\Desktop\Homeopathie 2005.lnk
[2016/03/02 16:44:58 | 000,000,392 | ---- | M] () -- C:\Users\User\Desktop\Spider Solitaire.lnk
[2016/03/02 16:44:57 | 000,000,993 | ---- | M] () -- C:\Users\User\Desktop\Acer Arcade Deluxe - Raccourci.lnk
[2016/03/02 10:21:12 | 000,269,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2016/02/28 14:28:50 | 000,031,337 | ---- | M] () -- C:\Users\User\Documents\htm.php.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/03/16 08:18:43 | 000,000,002 | ---- | C] () -- C:\Windows\NConvert.dat
[2016/03/01 15:32:16 | 000,000,080 | ---- | C] () -- C:\Users\Public\Desktop\Version d'évaluation d'OmniJoin.lnk
[2016/03/01 14:41:13 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/02/28 14:28:49 | 000,031,337 | ---- | C] () -- C:\Users\User\Documents\htm.php.html
[2016/01/30 13:13:26 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2016/01/27 17:39:48 | 000,033,193 | ---- | C] () -- C:\Users\User\AppData\Roaming\UserTile.png
[2015/11/22 14:45:09 | 000,000,232 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2015/11/22 14:45:09 | 000,000,092 | ---- | C] () -- C:\Windows\brpcfx.ini
[2015/11/22 14:03:34 | 000,000,350 | ---- | C] () -- C:\Windows\BRRBCOM.INI
[2014/08/04 13:20:32 | 000,007,667 | ---- | C] () -- C:\Users\User\AppData\Local\resmon.resmoncfg
[2014/04/07 13:22:29 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vidalhelper.dll
[2014/04/04 05:26:22 | 000,000,041 | ---- | C] () -- C:\Windows\crw.ini
[2014/04/03 20:43:54 | 000,015,211 | ---- | C] () -- C:\Windows\EMAILWIN.INI
[2014/04/02 14:32:40 | 001,690,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Publicité


Signaler le contenu de ce document

Publicité