cjoint

Document format: text/plain

Preview

OTL logfile created on: 26/04/2016 08:15:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\boss.LO9MAN-PC\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18282)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,65 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 31,62% Memory free
5,30 Gb Paging File | 2,57 Gb Available in Paging File | 48,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 44,65 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 118,86 Gb Free Space | 32,29% Space Free | Partition Type: NTFS

Computer Name: LO9MAN-PC | User Name: boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/04/26 08:14:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\boss.LO9MAN-PC\Downloads\OTL.exe
PRC - [2016/04/13 10:37:29 | 000,881,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2016/04/04 19:54:23 | 000,034,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
PRC - [2016/03/21 17:04:58 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2016/03/17 23:36:22 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2016/03/12 02:01:44 | 003,919,928 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2016/03/04 05:53:08 | 000,097,080 | ---- | M] (Baidu Inc.) -- C:\Program Files\baidu\Baidu Browser\sparkservice.exe
PRC - [2016/02/11 16:22:50 | 000,275,608 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2016/01/22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2015/12/18 15:51:23 | 002,572,928 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe
PRC - [2015/12/18 15:51:23 | 001,997,296 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe
PRC - [2015/12/18 15:51:23 | 000,531,232 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe
PRC - [2015/11/29 21:12:32 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2015/11/11 11:31:58 | 004,327,632 | ---- | M] (Unified Intents AB) -- C:\Program Files\Unified Remote 3\RemoteServerWin.exe
PRC - [2015/08/27 14:13:44 | 000,237,272 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Update\DellUpService.exe
PRC - [2015/08/27 14:12:22 | 000,707,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Update\DellUpTray.exe
PRC - [2015/05/07 12:15:04 | 002,333,152 | ---- | M] (Baidu, Inc.) -- C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe
PRC - [2015/05/07 12:15:02 | 000,906,512 | ---- | M] (Baidu, Inc.) -- C:\Program Files\PC Faster\5.1.0.0\FasterNow.exe
PRC - [2015/05/07 12:14:58 | 001,714,448 | ---- | M] (Baidu, Inc.) -- C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
PRC - [2015/05/07 12:14:58 | 001,714,448 | ---- | M] (Baidu, Inc.) -- C:\Program Files\PC Faster\5.1.0.0\CleanerEngineSvc.exe
PRC - [2014/07/09 00:09:40 | 006,741,720 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
PRC - [2014/07/05 01:21:04 | 001,011,416 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2014/05/30 09:51:56 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\Temp\080A78BC-C389-446C-BA95-534E6B4F2A83\DismHost.exe
PRC - [2014/01/14 00:02:54 | 000,198,664 | ---- | M] (Dell Products, LP.) -- C:\Program Files\Dell Digital Delivery\DeliveryService.exe
PRC - [2014/01/08 21:12:54 | 000,251,096 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
PRC - [2014/01/08 02:03:04 | 000,125,568 | ---- | M] (Qualcomm®Atheros®) -- C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
PRC - [2009/11/18 01:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2007/04/27 08:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007/04/27 02:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/04/25 03:27:00 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\148431d7315880a6045ead78248e4c6c\UIAutomationProvider.ni.dll
MOD - [2016/04/25 03:24:55 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\33ec17ad88f2e624d0abc46a91591a30\System.ServiceModel.Internals.ni.dll
MOD - [2016/04/25 03:24:36 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c23a1dd23b02f6aa38c16a67bb4a5c3c\System.ServiceModel.ni.dll
MOD - [2016/04/25 03:24:03 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\09d2bd27d9df95bc3096cac9430aae04\System.Runtime.Serialization.ni.dll
MOD - [2016/04/25 03:21:41 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\6bac44302f35897bab679eaa7a70678f\SMDiagnostics.ni.dll
MOD - [2016/04/25 03:21:16 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\4a51709bd9d3f51564c96a7b436b4849\PresentationFramework-SystemXml.ni.dll
MOD - [2016/04/25 03:12:49 | 012,897,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e42a01563212f2436e3386d7748d2685\System.Windows.Forms.ni.dll
MOD - [2016/04/25 03:12:19 | 000,218,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\54e12c0f2f73d803470250093b9a642d\System.ServiceProcess.ni.dll
MOD - [2016/04/25 03:12:14 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6361a1993e29d5f4abbe54641df5d680\System.Drawing.ni.dll
MOD - [2016/04/25 03:07:03 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\4f0e1099828250667bddf5ae389519c8\PresentationFramework.ni.dll
MOD - [2016/04/25 03:06:47 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7d3318fc90a84f69a9d2e5111924b07e\PresentationCore.ni.dll
MOD - [2016/04/25 03:06:36 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93569d63311a820943644a60beaf909d\System.Core.ni.dll
MOD - [2016/04/25 03:06:35 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9fe1a17590c090ec7521cad94080afda\System.Xaml.ni.dll
MOD - [2016/04/25 03:06:32 | 003,907,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\453a3ea34602c081c0bed94bc0a7a1f3\WindowsBase.ni.dll
MOD - [2016/04/25 03:06:31 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\e8a83149fe6f7706e9f5e16377f7d175\System.Configuration.ni.dll
MOD - [2016/04/25 03:06:30 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\414b7675746e0d1e6c1089e558447ad5\PresentationFramework.Aero.ni.dll
MOD - [2016/04/25 03:04:05 | 007,787,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\15f700b03eeb82a04fceb518984d0908\System.Xml.ni.dll
MOD - [2016/04/25 03:03:52 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\85cfc067e323f00f43254de906523a60\System.ni.dll
MOD - [2016/04/24 22:28:59 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\232495ea0368dada2d208c51f0e5349c\UIAutomationTypes.ni.dll
MOD - [2016/04/24 09:39:10 | 001,172,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\a48bd2a02ed1ae2fbb79ef8797f0c5f6\System.Management.ni.dll
MOD - [2016/04/24 09:38:44 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\d9ef873b190c9df202c3f9f8a5d38c48\Accessibility.ni.dll
MOD - [2016/04/24 09:38:39 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2016/04/13 10:37:05 | 001,738,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\50.0.2661.75\libglesv2.dll
MOD - [2016/04/13 10:36:54 | 000,086,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\50.0.2661.75\libegl.dll
MOD - [2015/12/18 15:51:31 | 000,277,488 | ---- | M] () -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\Pulgin_Dark_DeleteFileTip.dll
MOD - [2015/03/31 08:22:52 | 000,595,824 | ---- | M] () -- C:\Program Files\PC Faster\5.1.0.0\sqlite.dll
MOD - [2014/01/08 01:49:20 | 000,072,704 | ---- | M] () -- C:\Program Files\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
MOD - [2013/01/16 06:27:30 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Sosition\SstrprSrv.exe {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} -- (SstrprSrv)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\\Holdtam\\Holdtam.exe shuz -- (Holdtam)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -- (CloudPrinter)
SRV - File not found [Auto | Stopped] -- C:\Program Files\hohobnd\ghabuk.exe {154DFF63-3402-4815-941A-AAD63AE8B428} -- (BugreportW)
SRV - [2016/04/20 18:09:51 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2016/04/19 17:10:47 | 001,087,792 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe -- (FlexNet Licensing Service)
SRV - [2016/03/31 01:45:45 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016/03/04 05:53:08 | 000,097,080 | ---- | M] (Baidu Inc.) [Auto | Running] -- C:\Program Files\baidu\Baidu Browser\sparkservice.exe -- (SparkSvc)
SRV - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2015/12/18 15:51:23 | 002,572,928 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe -- (BavSvc)
SRV - [2015/12/18 15:51:23 | 000,531,232 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe -- (BHipsSvc)
SRV - [2015/12/17 08:52:01 | 001,372,472 | ---- | M] (Baidu.com, Inc.) [On_Demand | Stopped] -- C:\Program Files\Baidu\SparkUpdate\Sparkupdate.exe -- (SparkUpdater)
SRV - [2015/11/11 11:31:58 | 004,327,632 | ---- | M] (Unified Intents AB) [Auto | Running] -- C:\Program Files\Unified Remote 3\RemoteServerWin.exe -- (RemoteServerWin)
SRV - [2015/08/27 14:13:44 | 000,237,272 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Update\DellUpService.exe -- (DellUpdate)
SRV - [2015/07/22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/05/22 10:01:44 | 003,464,504 | ---- | M] (Baidu, Inc.) [On_Demand | Stopped] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe -- (BsrSvc)
SRV - [2015/05/07 12:14:58 | 001,714,448 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe -- (PCFasterSvc_{PCFaster_5.1.0.0})
SRV - [2015/03/05 07:12:04 | 000,391,200 | ---- | M] (Baidu, Inc.) [On_Demand | Stopped] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BdSandboxSrv.exe -- (BdSandboxSrv)
SRV - [2014/01/14 00:02:54 | 000,198,664 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2014/01/08 21:12:54 | 000,251,096 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe -- (RtkAudioService)
SRV - [2014/01/08 02:02:48 | 000,275,072 | ---- | M] (Windows (R) Win 7 DDK provider) [On_Demand | Stopped] -- C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/01/25 13:25:14 | 000,277,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/07/28 18:35:44 | 000,262,144 | ---- | M] (Arcai.com) [On_Demand | Stopped] -- C:\Program Files\netcut\services\AIPS.exe -- (AIPS)
SRV - [2011/02/25 07:30:54 | 000,413,936 | ---- | M] () [Auto | Running] -- C:\Windows\System32\winsecsrv.dll -- (winsecsrv)
SRV - [2011/02/25 07:30:54 | 000,413,936 | ---- | M] () [Auto | Running] -- C:\Windows\System32\wintvprojects.dll -- (TMUpdate008)
SRV - [2010/11/20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/06/25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/11/18 01:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007/04/27 08:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007/04/27 02:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2016/03/17 16:27:54 | 000,023,272 | ---- | M] (Splashtop Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stdpms.sys -- (stdpms)
DRV - [2016/01/28 11:20:10 | 000,134,248 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2016/01/08 10:51:54 | 000,099,296 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2015/12/18 15:51:33 | 000,195,528 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Bprotect.sys -- (Bprotect)
DRV - [2015/12/18 15:51:32 | 000,461,192 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bndef.sys -- (Bndef)
DRV - [2015/12/18 15:51:32 | 000,138,184 | ---- | M] (Baidu, Inc.) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\BHipsEx.sys -- (BHipsEx)
DRV - [2015/12/18 15:51:32 | 000,101,448 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Unknown] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BdApiUtil.sys -- (BdApiUtil)
DRV - [2015/12/18 15:51:32 | 000,084,936 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\Bnmon.sys -- (Bnmon)
DRV - [2015/12/18 15:51:32 | 000,075,400 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bnbasex.sys -- (Bnbase)
DRV - [2015/12/18 15:51:32 | 000,074,888 | ---- | M] (Baidu, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Bhbase.sys -- (Bhbase)
DRV - [2015/12/18 15:51:32 | 000,051,144 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\Bfilter.sys -- (Bfilter)
DRV - [2015/12/18 15:51:32 | 000,031,176 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\Bfmon.sys -- (Bfmon)
DRV - [2015/12/18 15:51:32 | 000,021,384 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Unknown] -- C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BdCameraProtect.sys -- (BdCameraProtect)
DRV - [2015/11/28 10:37:44 | 000,018,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PC Faster\5.1.0.0\FileKill_x86.sys -- (Baidu PC Faster FileShredder)
DRV - [2015/11/05 17:46:24 | 000,022,520 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uvhid.sys -- (uvhid)
DRV - [2015/10/08 09:00:30 | 000,114,368 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2015/06/11 19:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2015/05/15 05:09:47 | 000,082,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bdark.sys -- (bdark)
DRV - [2015/03/31 08:23:06 | 000,118,152 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys -- (PCFApiUtil)
DRV - [2015/03/31 08:22:54 | 000,113,992 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\BprotectEx.sys -- (BprotectEx)
DRV - [2015/03/05 07:12:09 | 000,197,624 | ---- | M] (Baidu, Inc.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\BdSandbox.sys -- (BDSandBox)
DRV - [2014/08/14 11:18:29 | 000,037,408 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2014/01/08 01:42:12 | 000,506,664 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2014/01/08 01:42:12 | 000,295,208 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2014/01/08 01:42:12 | 000,158,688 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2014/01/08 01:42:12 | 000,120,616 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2014/01/08 01:42:12 | 000,102,184 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2014/01/08 01:42:12 | 000,080,680 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2014/01/08 01:42:12 | 000,066,448 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2014/01/08 01:42:12 | 000,027,976 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2013/12/23 21:05:58 | 003,244,544 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2013/11/01 23:40:22 | 000,244,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV - [2013/07/28 23:24:02 | 000,034,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Wireless\AthrTS6_x86.sys -- (Atheros Traffic Shaping)
DRV - [2013/02/12 05:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2013/02/08 00:08:55 | 000,359,936 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2013/02/04 10:59:52 | 000,527,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013/02/04 10:59:50 | 000,026,096 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorF.sys -- (iaStorF)
DRV - [2013/01/23 16:57:32 | 000,056,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2012/12/04 03:21:12 | 000,796,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV - [2012/12/04 03:21:12 | 000,351,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub)
DRV - [2012/12/04 03:21:12 | 000,016,440 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2012/04/15 23:32:14 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2011/02/25 07:30:54 | 000,123,504 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\winlsecsrv.sys -- (winlsecsrv)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/25 19:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008/04/06 23:41:42 | 000,171,520 | ---- | M] (Chingachguk & Denger2k) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vusbbus.sys -- (vusbbus)
DRV - [2007/04/27 08:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sentinel.sys -- (Sentinel)
DRV - [2007/04/27 08:40:00 | 000,035,328 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.dz
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQpeVg9IFgYRbVoPBFpcFQQaJRQBVABCDAARdl0NV1pEFQFCcB9aFQQTSEcFME0FCFwEURNNfX1REloeV1BRFEtdAEoEU1A=&q={searchTerms}
IE - HKLM\..\SearchScopes\ielnksrch: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObKlUtamOf1KwNTjgVM1L22wZ2ouAZGUptvEgl-olKCccJJodivcUbMi5p0Efo9NNnDpq7RctYx5glHSsUlcw5mMDF3yG2j3H85JeFwNRnozoFOu_8uF_cTz-1_cnxVc4XfH2Dia5U31cuh5fdcR-Mg3DIZFDfEWVXlsKYjUnk0&q={searchTerms}
IE - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-12070530-1120083803-506124297-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\boss.LO9MAN-PC\AppData\Roaming\IDM\idmmzcc5 [2016/04/26 08:04:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016/03/10 16:21:08 | 000,030,339 | ---- | M] ()

[2012/10/01 21:33:44 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.11_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.7_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.13.257_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\4.1.6_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.25.15_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\3.8_0\
CHR - Extension: No name found = C:\Users\boss.LO9MAN-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No CLSID value found.
O4 - HKLM..\Run: [Baidu Antivirus] C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe (Baidu, Inc.)
O4 - HKLM..\Run: [Baidu PC Faster 4.0.0.0] C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe (Baidu, Inc.)
O4 - HKLM..\Run: [Baidu PC Faster 5.1.0.0] C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe (Baidu, Inc.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-12070530-1120083803-506124297-1009..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-12070530-1120083803-506124297-1009..\Run: [uTorrent] C:\Users\boss.LO9MAN-PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 0
O7 - HKU\S-1-5-21-12070530-1120083803-506124297-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{335B7D5F-A437-436C-B016-9534EA8FDB15}: NameServer = 8.8.8.8,8.4.4.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE27985-3092-4A94-AE26-01B07D572B71}: DhcpNameServer = 192.168.100.100 192.168.100.103
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEBF57ED-E369-408F-8C1A-8DEE956ACDB1}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DABA7950-0A52-40EB-A7FD-FCCB17A2423D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/04/26 08:04:40 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2016/04/25 16:53:22 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\EPASWMM
[2016/04/25 16:39:41 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Documents\Modèles Office personnalisés
[2016/04/25 15:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyfranPlus
[2016/04/25 15:02:32 | 000,000,000 | ---D | C] -- C:\Hyfran Plus Complet
[2016/04/25 07:58:47 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Desktop\issai de plans - Copie - Copie
[2016/04/25 02:10:08 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Sun
[2016/04/25 02:10:08 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\.oracle_jre_usage
[2016/04/24 22:00:10 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\GlobalMapper
[2016/04/24 21:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global Mapper
[2016/04/24 21:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper16
[2016/04/24 21:54:41 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Downloaded Installations
[2016/04/24 20:52:41 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Documents\Camtasia Studio
[2016/04/24 20:45:50 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Desktop\tout ici
[2016/04/24 20:39:06 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2016/04/24 20:27:28 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Efham_Computer
[2016/04/24 20:24:14 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/04/24 20:24:14 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/04/24 20:24:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2016/04/24 20:24:09 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2016/04/24 20:24:08 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/04/24 20:24:08 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/04/24 20:24:08 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016/04/24 20:24:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/04/24 20:24:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/04/24 20:24:06 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/04/24 20:24:06 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016/04/24 20:24:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016/04/24 20:24:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2016/04/24 20:24:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/04/24 20:24:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2016/04/24 20:24:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2016/04/24 20:24:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/04/24 20:24:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2016/04/24 20:24:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2016/04/24 20:24:04 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016/04/24 20:24:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/04/24 20:24:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2016/04/24 20:24:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2016/04/24 20:24:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2016/04/24 20:24:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2016/04/24 20:24:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2016/04/24 20:24:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2016/04/24 20:24:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2016/04/24 20:24:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/04/24 20:24:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/04/24 20:24:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016/04/24 20:24:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2016/04/24 20:24:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2016/04/24 20:24:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2016/04/24 20:24:01 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/04/24 20:24:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/04/24 09:15:42 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2adec.dll
[2016/04/24 09:15:41 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2016/04/24 09:15:41 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2016/04/24 09:15:41 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2016/04/24 09:15:40 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2016/04/24 09:15:39 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2016/04/24 09:15:38 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2016/04/24 09:15:38 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2016/04/24 09:15:37 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2016/04/24 09:15:37 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2016/04/24 09:15:37 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2016/04/24 09:15:36 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2016/04/24 09:15:36 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2016/04/24 09:15:36 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2016/04/24 09:15:36 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2016/04/24 09:15:35 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2016/04/24 09:15:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2016/04/24 09:15:34 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2016/04/24 09:15:34 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2016/04/24 09:15:34 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2016/04/24 09:15:34 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2016/04/24 09:15:34 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2016/04/24 09:15:33 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2016/04/24 09:15:32 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2016/04/24 09:15:32 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2016/04/24 09:15:32 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2016/04/24 09:15:32 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2016/04/24 09:15:32 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2016/04/24 09:15:32 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2016/04/24 09:15:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2016/04/24 09:15:31 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2016/04/24 09:15:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2016/04/24 09:15:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2016/04/24 09:15:30 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2016/04/24 09:15:30 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2016/04/24 09:15:30 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2016/04/24 09:15:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2016/04/24 09:15:29 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
[2016/04/24 09:15:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2016/04/24 09:15:14 | 001,251,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2016/04/24 09:13:09 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2016/04/24 09:13:08 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2016/04/24 09:13:08 | 001,498,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2016/04/24 09:12:41 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2016/04/24 09:11:54 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2016/04/24 09:11:06 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2016/04/24 09:11:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2016/04/24 09:09:12 | 002,956,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016/04/24 09:09:12 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016/04/24 09:09:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016/04/24 09:09:11 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016/04/24 09:09:11 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016/04/24 09:09:11 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2016/04/24 09:09:11 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016/04/24 09:09:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016/04/24 09:09:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2016/04/24 09:07:12 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/04/24 09:07:12 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/04/24 09:07:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/04/24 09:07:11 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/04/24 09:07:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/04/24 09:07:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/04/24 09:07:10 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/04/24 09:07:10 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/04/24 09:07:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/04/24 09:07:08 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/04/24 09:07:08 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/04/24 09:07:07 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/04/24 09:07:05 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/04/24 09:07:05 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/04/24 09:07:03 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/04/24 09:07:00 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/04/24 09:07:00 | 000,689,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/04/24 09:07:00 | 000,346,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/04/24 09:07:00 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016/04/24 09:07:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/04/24 09:06:59 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/04/24 09:06:59 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/04/24 09:06:57 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/04/24 09:06:57 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/04/24 09:06:56 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/04/24 09:02:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016/04/24 09:02:04 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2016/04/24 09:02:04 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2016/04/24 08:57:26 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016/04/24 08:57:21 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016/04/24 08:57:21 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2016/04/24 08:57:20 | 001,218,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/04/24 08:57:20 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/04/24 08:57:20 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016/04/24 08:57:20 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016/04/24 08:57:20 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016/04/24 08:57:20 | 000,034,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/04/24 08:56:49 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2016/04/24 08:56:43 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2016/04/24 08:56:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2016/04/24 08:56:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2016/04/24 08:56:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2016/04/24 08:56:37 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucrtbase.dll
[2016/04/24 08:56:37 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/04/24 08:56:37 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
[2016/04/24 08:56:37 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
[2016/04/24 08:56:37 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
[2016/04/24 08:56:37 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
[2016/04/24 08:56:37 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
[2016/04/24 08:56:37 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
[2016/04/24 08:56:36 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
[2016/04/24 08:56:36 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
[2016/04/24 08:56:36 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
[2016/04/24 08:56:36 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
[2016/04/24 08:56:36 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
[2016/04/24 08:56:36 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
[2016/04/24 08:56:36 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
[2016/04/24 08:56:36 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
[2016/04/24 08:56:35 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
[2016/04/24 08:56:35 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
[2016/04/24 08:55:05 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2016/04/24 08:55:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2016/04/24 08:55:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2016/04/24 08:55:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2016/04/24 08:43:00 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2016/04/24 08:38:43 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2016/04/24 08:15:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2016/04/24 08:14:15 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2016/04/24 08:14:15 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2016/04/24 08:07:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2016/04/24 08:07:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2016/04/24 08:07:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2016/04/23 21:53:56 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Foxit Software
[2016/04/23 21:38:20 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\IDM
[2016/04/23 21:38:20 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\DMCache
[2016/04/23 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\uTorrent
[2016/04/23 21:11:50 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Desktop\BaiduWifi
[2016/04/23 15:00:42 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\GWX
[2016/04/22 18:02:06 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\CrashDumps
[2016/04/22 16:22:19 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\ElevatedDiagnostics
[2016/04/22 14:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Plexscape
[2016/04/22 14:41:33 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\baidu
[2016/04/22 14:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\Plexscape
[2016/04/22 14:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Plexscape
[2016/04/22 14:34:06 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\WinRAR
[2016/04/22 14:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Geomedia SA
[2016/04/22 14:21:17 | 000,018,944 | ---- | C] (Géomédia S.A.) -- C:\Cov2007Base.arx
[2016/04/22 14:05:40 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Autodesk
[2016/04/22 14:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\AutoCAD 2008
[2016/04/22 14:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2016/04/22 14:01:45 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Autodesk
[2016/04/22 14:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2016/04/22 13:53:29 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\BMExplorer
[2016/04/22 13:53:29 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\Documents\Bluetooth Folder
[2016/04/22 13:53:22 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\PC Faster
[2016/04/22 13:53:18 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Atheros
[2016/04/22 13:53:09 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Google
[2016/04/22 13:53:05 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016/04/22 13:53:05 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/04/22 13:53:04 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Searches
[2016/04/22 13:52:51 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Identities
[2016/04/22 13:52:49 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Contacts
[2016/04/22 13:52:42 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Adobe
[2016/04/22 13:52:38 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\VirtualStore
[2016/04/22 13:50:01 | 000,000,000 | -H-D | C] -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/04/22 13:49:56 | 000,000,000 | --SD | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Videos
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Saved Games
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Pictures
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Music
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Links
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Favorites
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Downloads
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Documents
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\Desktop
[2016/04/22 13:49:56 | 000,000,000 | R--D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Voisinage réseau
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Voisinage d'impression
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Temporary Internet Files
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\SendTo
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Recent
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Modèles
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Documents\Mes vidéos
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Documents\Mes images
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Mes documents
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Menu Démarrer
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Documents\Ma musique
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Local Settings
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Historique
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Cookies
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\Application Data
[2016/04/22 13:49:56 | 000,000,000 | -HSD | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Application Data
[2016/04/22 13:49:56 | 000,000,000 | -H-D | C] -- C:\Users\boss.LO9MAN-PC\AppData
[2016/04/22 13:49:56 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Temp
[2016/04/22 13:49:56 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Local\Microsoft
[2016/04/22 13:49:56 | 000,000,000 | ---D | C] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Media Center Programs
[2016/04/21 08:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper13
[2016/04/20 16:30:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/04/19 17:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2016/04/19 17:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2016/04/18 14:27:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2016/04/18 14:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2016/04/18 14:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2016/04/18 14:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2016/04/18 14:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2016/04/15 09:34:53 | 000,000,000 | ---D | C] -- C:\extensions
[2016/04/15 09:33:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\dmp
[2016/04/15 09:29:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2016/04/15 09:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\ContentPush
[2016/04/11 20:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\INRS-ETE
[2016/04/10 21:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Qualcomm Atheros
[2016/04/10 18:40:07 | 000,099,296 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2016/04/10 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2016/04/10 00:28:37 | 000,095,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/04/10 00:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2016/04/10 00:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2016/04/10 00:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2016/04/07 23:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2016/04/07 23:45:16 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2016/04/07 08:20:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2016/04/06 11:40:45 | 000,000,000 | ---D | C] -- C:\Output
[2016/04/06 11:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Aostsoft Image to Word OCR Converter
[2016/04/05 18:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/04/26 08:19:56 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/04/26 08:19:56 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/04/26 08:02:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/04/26 08:02:45 | 2133,868,544 | -HS- | M] () -- C:\hiberfil.sys
[2016/04/25 15:04:25 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\HyfranPlus.lnk
[2016/04/25 14:27:41 | 000,758,040 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2016/04/25 14:27:41 | 000,663,504 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/04/25 14:27:41 | 000,155,494 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2016/04/25 14:27:41 | 000,126,530 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/04/24 22:01:32 | 000,001,474 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\global_mapper - Raccourci.lnk
[2016/04/24 21:58:17 | 000,000,008 | ---- | M] () -- C:\Windows\System32\PROTOCOL.INI
[2016/04/24 20:39:07 | 000,000,982 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\Internet Download Manager.lnk
[2016/04/24 10:54:05 | 000,506,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/04/23 21:22:35 | 000,000,869 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\µTorrent.lnk
[2016/04/23 21:22:35 | 000,000,849 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016/04/23 21:07:12 | 000,001,323 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\netcut - Raccourci.lnk
[2016/04/23 21:04:18 | 000,001,104 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\Baidu WiFi Hotspot.lnk
[2016/04/22 18:35:03 | 000,025,216 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Documents\Dessin1_recover.dwg
[2016/04/22 17:42:40 | 000,002,226 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/04/22 17:30:48 | 000,001,669 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\PlexscapeServerEmulator - Raccourci.lnk
[2016/04/22 16:31:49 | 000,000,000 | ---- | M] () -- C:\Windows\NetMedic.INI
[2016/04/22 14:41:53 | 000,002,149 | ---- | M] () -- C:\Users\boss.LO9MAN-PC\Desktop\Google Earth Pro.lnk
[2016/04/22 14:29:13 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\COVADIS pour AutoCAD 2008.lnk
[2016/04/22 14:25:22 | 000,002,356 | ---- | M] () -- C:\Users\Public\Desktop\Editeur de Base d'Articles.lnk
[2016/04/22 14:25:22 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Calcul Topométrique.lnk
[2016/04/22 14:06:48 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2008 - Français.lnk
[2016/04/21 15:05:04 | 000,374,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2016/04/19 17:11:51 | 000,000,147 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2016/04/18 14:27:15 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2016/04/15 11:03:15 | 000,002,202 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/04/10 00:27:38 | 000,095,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/04/09 13:15:20 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2016/04/04 19:54:23 | 000,034,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/04/04 19:42:45 | 000,957,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/04/02 15:07:24 | 001,218,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/03/31 20:41:03 | 000,346,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/03/31 02:02:57 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/03/31 02:02:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/03/31 01:52:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/03/31 01:52:36 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/03/31 01:52:30 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/03/31 01:52:15 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/03/31 01:48:46 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/03/31 01:48:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/03/31 01:46:41 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/03/31 01:45:45 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/03/31 01:45:41 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/03/31 01:45:24 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/03/31 01:41:07 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/03/31 01:38:20 | 000,416,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/03/31 01:34:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/03/31 01:33:46 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016/03/31 01:31:51 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/03/31 01:30:42 | 004,611,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/03/31 01:30:30 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/03/31 01:23:21 | 000,693,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/03/31 01:23:17 | 000,689,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/03/31 01:23:09 | 002,056,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/03/31 01:22:53 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/03/31 01:00:46 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/03/29 19:35:49 | 002,397,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/04/25 15:04:25 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\HyfranPlus.lnk
[2016/04/24 22:01:32 | 000,001,474 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\global_mapper - Raccourci.lnk
[2016/04/24 21:58:17 | 000,000,008 | ---- | C] () -- C:\Windows\System32\PROTOCOL.INI
[2016/04/24 20:39:07 | 000,000,982 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\Internet Download Manager.lnk
[2016/04/23 21:22:35 | 000,000,869 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\µTorrent.lnk
[2016/04/23 21:22:35 | 000,000,849 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016/04/23 21:07:12 | 000,001,323 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\netcut - Raccourci.lnk
[2016/04/23 21:04:17 | 000,001,104 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\Baidu WiFi Hotspot.lnk
[2016/04/22 18:35:03 | 000,025,216 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Documents\Dessin1_recover.dwg
[2016/04/22 17:30:48 | 000,001,669 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\PlexscapeServerEmulator - Raccourci.lnk
[2016/04/22 16:31:49 | 000,000,000 | ---- | C] () -- C:\Windows\NetMedic.INI
[2016/04/22 14:41:53 | 000,002,149 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Desktop\Google Earth Pro.lnk
[2016/04/22 14:29:13 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\COVADIS pour AutoCAD 2008.lnk
[2016/04/22 14:25:22 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\Editeur de Base d'Articles.lnk
[2016/04/22 14:25:22 | 000,002,290 | ---- | C] () -- C:\Users\Public\Desktop\Calcul Topométrique.lnk
[2016/04/22 14:21:17 | 000,001,662 | ---- | C] () -- C:\covadis9.reg
[2016/04/22 14:06:48 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2008 - Français.lnk
[2016/04/22 13:53:10 | 000,002,226 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/04/22 13:52:42 | 000,001,432 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016/04/22 13:49:56 | 000,000,290 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/04/22 13:49:56 | 000,000,272 | ---- | C] () -- C:\Users\boss.LO9MAN-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/04/20 17:46:00 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
[2016/04/19 17:11:51 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2016/04/18 14:27:15 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2016/04/15 11:03:19 | 000,002,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016/04/15 11:03:15 | 000,002,202 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/03/31 21:51:52 | 000,002,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
[2016/03/06 22:52:47 | 000,000,496 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/02/04 09:55:38 | 000,000,894 | ---- | C] () -- C:\ProgramData\ProgramData.lnk
[2015/12/18 21:23:04 | 000,269,849 | ---- | C] () -- C:\ProgramData\1450466352.bdinstall.bin
[2015/12/18 15:51:50 | 000,082,376 | ---- | C] () -- C:\Windows\System32\drivers\bdark.sys
[2015/12/18 15:04:42 | 000,123,504 | ---- | C] () -- C:\Windows\System32\drivers\winlsecsrv.sys
[2015/12/01 17:11:18 | 000,413,936 | ---- | C] () -- C:\Windows\System32\wintvprojects.dll
[2015/12/01 17:11:18 | 000,413,936 | ---- | C] () -- C:\Windows\System32\winsecsrv.dll
[2015/12/01 17:11:18 | 000,123,504 | ---- | C] () -- C:\Windows\System32\winlsecsrv.sys
[2015/12/01 17:11:18 | 000,123,504 | ---- | C] () -- C:\Windows\System32\gamzextime.sys
[2015/11/28 10:51:23 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2015/11/28 10:50:01 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2015/11/28 00:57:12 | 000,014,501 | ---- | C] () -- C:\ProgramData\Duplicaterecord.js
[2015/11/27 09:10:46 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/11/27 09:09:25 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2015/11/27 09:09:20 | 001,262,807 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2015/11/27 09:00:48 | 000,001,536 | ---- | C] () -- C:\Windows\System32\RtkMsgs.dll
[2015/11/26 15:09:41 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2015/11/26 15:09:41 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2015/11/26 14:05:09 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2015/11/26 14:05:09 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2015/11/26 14:03:10 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll
[2015/11/26 14:03:10 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2015/11/26 14:02:10 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2015/11/26 14:01:51 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2015/11/26 14:01:41 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2015/11/26 14:01:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2015/11/26 14:01:18 | 000,754,652 | ---- | C] () -- C:\Windows\System32\igcodeckrng700.bin
[2015/11/26 14:01:18 | 000,598,384 | ---- | C] () -- C:\Windows\System32\igvpkrng700.bin
[2015/11/26 14:00:48 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2015/11/26 14:00:28 | 000,849,474 | ---- | C] () -- C:\Windows\System32\drivers\rtwavesskdy.dat
[2015/11/26 14:00:20 | 000,188,557 | ---- | C] () -- C:\Windows\System32\drivers\RTWAVES40.dat
[2013/02/07 14:22:00 | 000,050,330 | ---- | C] () -- C:\Program Files\AntiDust.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2016/04/22 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\boss\AppData\Roaming\PC Faster
[2016/04/24 14:50:20 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Autodesk
[2016/04/23 21:04:17 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\baidu
[2016/04/25 10:45:32 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\DMCache
[2016/04/25 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\EPASWMM
[2016/04/23 21:53:56 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\Foxit Software
[2016/04/24 23:05:47 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\IDM
[2016/04/22 13:53:22 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\PC Faster
[2016/04/26 08:05:30 | 000,000,000 | ---D | M] -- C:\Users\boss.LO9MAN-PC\AppData\Roaming\uTorrent
[2016/03/26 18:15:00 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Baidu
[2016/04/22 13:53:23 | 000,000,000 | ---D | M] -- C:\Users\LO9MAN\AppData\Roaming\PC Faster
[2016/03/26 17:03:06 | 000,000,000 | ---D | M] -- C:\Users\madiel\AppData\Roaming\PC Faster

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
