OTL logfile created on: 22/09/2015 15:57:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\stephan\Downloads\Programs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,99 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,22% Memory free
7,98 Gb Paging File | 5,68 Gb Available in Paging File | 71,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 11,56 Gb Free Space | 5,92% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 32,37 Gb Free Space | 3,48% Space Free | Partition Type: NTFS
Drive E: | 736,10 Gb Total Space | 8,87 Gb Free Space | 1,20% Space Free | Partition Type: NTFS
Drive F: | 1671,93 Gb Total Space | 4,46 Gb Free Space | 0,27% Space Free | Partition Type: NTFS
Drive H: | 191,08 Gb Total Space | 4,81 Gb Free Space | 2,51% Space Free | Partition Type: NTFS

Computer Name: STEPHAN-PC | User Name: stephan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015/09/22 15:54:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stephan\Downloads\Programs\OTL.exe PRC - [2015/09/21 13:10:21 | 000,066,816 | ---- | M] (Tweaking.com) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe PRC - [2015/09/02 14:10:28 | 001,994,936 | ---- | M] (Comodo) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe PRC - [2015/08/26 11:42:22 | 000,063,968 | ---- | M] (CyberGhost S.R.L) -- C:\Program Files\CyberGhost 5\Service.exe PRC - [2015/01/06 23:48:50 | 001,743,136 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe PRC - [2015/01/06 23:48:45 | 002,425,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe PRC - [2015/01/06 23:48:45 | 000,815,392 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/07/12 02:15:34 | 000,049,512 | ---- | M] (FSPro Labs) -- C:\Windows\SysWOW64\fsproflt2.exe PRC - [2011/04/25 17:30:48 | 003,298,712 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe PRC - [2010/05/25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009/09/09 17:02:26 | 006,060,032 | ---- | M] (ASUSTeK Computer Inc.) 
-- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe PRC - [2009/08/19 19:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe PRC - [2009/08/19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe PRC - [2009/08/16 21:36:06 | 000,955,392 | ---- | M] (SFX TEAM) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015/01/06 23:48:55 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll MOD - [2015/01/06 23:48:52 | 000,622,880 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2013/01/15 19:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\madexcept_.bpl MOD - [2013/01/15 19:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\maddisAsm_.bpl MOD - [2013/01/15 19:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\madbasic_.bpl MOD - [2009/08/27 19:41:46 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll MOD - [2009/08/27 19:41:46 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsSpindownTimeout.dll MOD - [2009/05/22 14:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll MOD - [2009/04/22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsusService.dll MOD - [2008/12/10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll MOD - [2006/01/10 10:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll [color=#E56717]========== Services 
(SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2015/09/07 23:06:47 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2015/08/26 11:42:22 | 000,063,968 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService) SRV:[b]64bit:[/b] - [2015/08/22 03:48:50 | 000,246,784 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2015/08/07 02:06:03 | 002,265,792 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth) SRV:[b]64bit:[/b] - [2015/08/07 02:06:01 | 005,542,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2013/02/08 20:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2015/09/08 19:32:30 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015/09/08 12:13:38 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015/09/02 14:10:28 | 001,994,936 | ---- | M] (Comodo) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2015/07/31 09:30:35 | 002,909,472 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc) SRV - [2015/01/06 23:48:45 | 000,815,392 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8) SRV - [2014/12/11 11:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014/08/17 11:27:51 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013/05/04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files 
(x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/07/12 02:15:34 | 000,049,512 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\Windows\SysWOW64\fsproflt2.exe -- (fsproflt2) SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009/08/19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2015/09/21 10:41:10 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2015/09/20 09:49:14 | 000,030,352 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtultrascsibus.sys -- (dtultrascsibus) DRV:[b]64bit:[/b] - [2015/08/22 04:36:54 | 021,640,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2015/08/22 03:45:00 | 000,665,600 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2015/08/19 08:10:12 | 000,104,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2015/08/05 02:31:18 | 000,021,184 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd) DRV:[b]64bit:[/b] - [2015/02/17 11:40:03 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013/06/02 04:56:58 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:[b]64bit:[/b] - [2013/05/18 19:31:36 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2013/01/03 10:17:38 | 000,079,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2013/01/03 10:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2013/01/03 10:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2013/01/03 10:17:38 | 000,015,752 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:[b]64bit:[/b] - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012/08/29 19:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1) DRV:[b]64bit:[/b] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/06/03 23:59:38 | 000,057,648 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd2.sys -- (FSProFilter2) DRV:[b]64bit:[/b] - [2011/03/28 19:46:40 | 000,146,568 | ---- | M] (Tonec Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/08/16 15:31:36 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:[b]64bit:[/b] - [2010/08/16 15:31:32 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:[b]64bit:[/b] - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV:[b]64bit:[/b] - [2010/01/28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009/07/18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009/07/16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/10 05:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:[b]64bit:[/b] - [2009/06/20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/22 16:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV - [2015/07/25 09:59:34 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV - [2013/04/28 22:25:27 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc) DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-21-300713147-3753241163-474006113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-300713147-3753241163-474006113-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo" FF - prefs.js..browser.search.region: "FR" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.yahoo.com?fr=fp-comodo" FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5 FF - prefs.js..extensions.enabledAddons: 
%7B8f8fe09b-0bd3-4470-bc1b-8cad42b8203a%7D:0.17.1-signed FF - prefs.js..extensions.enabledAddons: %7B9c51bd27-6ed8-4000-a2bf-36cb95c0c947%7D:11.0.1.1-signed FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.5.0.6.1-signed FF - prefs.js..extensions.enabledAddons: linkgopher%40oooninja.com:1.3.3.1-signed FF - prefs.js..extensions.enabledAddons: unplug%40compunach:2.058.1-signed FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3 FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - prefs.js..keyword.url: "http://redirecterror.sfr.fr/?q=" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/04/28 23:32:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ba57eab-93a9-4b0f-90d4-414773f8ef5c}: C:\Program Files (x86)\TextAloud\TAForFirefox [2015/02/06 15:44:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/09/07 22:49:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\stephan\AppData\Roaming\IDM\idmmzcc3 [2013/04/28 22:52:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/09/07 22:49:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\stephan\AppData\Roaming\IDM\idmmzcc3 [2013/04/28 22:52:17 | 000,000,000 | ---D | M] [2013/04/28 21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\Extensions [2015/09/21 14:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\Firefox\Profiles\jymwsjuf.default\extensions [2015/09/03 18:14:54 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\stephan\AppData\Roaming\mozilla\Firefox\Profiles\jymwsjuf.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015/09/03 18:14:49 | 000,000,000 | ---D | M] (Live HTTP Headers) -- 
C:\Users\stephan\AppData\Roaming\mozilla\Firefox\Profiles\jymwsjuf.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015/01/06 23:49:35 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\stephan\AppData\Roaming\mozilla\Firefox\Profiles\jymwsjuf.default\extensions\iobitascsurfingprotection@iobit.com [2015/09/03 18:14:54 | 000,031,010 | ---- | M] () (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\firefox\profiles\jymwsjuf.default\extensions\linkgopher@oooninja.com.xpi [2015/09/18 22:46:50 | 000,151,534 | ---- | M] () (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\firefox\profiles\jymwsjuf.default\extensions\unplug@compunach.xpi [2015/09/03 18:14:49 | 000,084,992 | ---- | M] () (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\firefox\profiles\jymwsjuf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015/09/18 22:58:27 | 000,627,032 | ---- | M] () (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\firefox\profiles\jymwsjuf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015/09/18 22:51:01 | 000,963,213 | ---- | M] () (No name found) -- C:\Users\stephan\AppData\Roaming\mozilla\firefox\profiles\jymwsjuf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015/09/07 22:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2015/09/07 22:49:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/04/28 23:32:49 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT [2012/06/20 18:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file O1 HOSTS File: ([2013/10/26 10:15:18 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (no name) - {11111111-1111-1111-1111-110411161172} - No CLSID value found. O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (TextAloud Toolbar) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE64.dll (NextUp.com)
O3 - HKLM\..\Toolbar: (TextAloud Toolbar) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll (NextUp.com)
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [DFX] C:\Program Files (x86)\DFX\DFX.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-300713147-3753241163-474006113-1001..\Run: [Advanced SystemCare 8] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-300713147-3753241163-474006113-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-300713147-3753241163-474006113-1001..\Run: [SuperCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-300713147-3753241163-474006113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (PokerStars)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9F6E98A-6969-4ED1-9588-87EEAFB6A9F8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9F6E98A-6969-4ED1-9588-87EEAFB6A9F8}: NameServer = 8.8.8.8,8.8.4.4
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7ece8b82-b00e-11e2-8b05-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7ece8b82-b00e-11e2-8b05-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{d705b06f-603a-11e5-a9b4-e0cb4ea1e2a7}\Shell - "" = AutoRun
O33 - MountPoints2\{d705b06f-603a-11e5-a9b4-e0cb4ea1e2a7}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{f4bbd7b6-5f69-11e5-b816-e0cb4ea1e2a7}\Shell - "" = AutoRun
O33 - MountPoints2\{f4bbd7b6-5f69-11e5-b816-e0cb4ea1e2a7}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2015/09/22 12:11:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/09/22 08:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPFix
[2015/09/22 08:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2015/09/21 14:36:11 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\rapports
[2015/09/21 14:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/09/21 14:34:19 | 000,000,000 | ---D | C] -- 
C:\Users\stephan\AppData\Roaming\ProductData [2015/09/21 14:25:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2015/09/21 13:16:18 | 000,000,000 | ---D | C] -- C:\RegBackup [2015/09/21 13:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2015/09/21 13:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com [2015/09/21 11:37:11 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Roaming\ZHP [2015/09/21 10:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2015/09/20 10:49:19 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\TEMP [2015/09/20 10:27:30 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Local\Disc_Soft_Ltd [2015/09/20 10:12:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Daemon Tools Images [2015/09/20 09:49:12 | 000,030,352 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtultrascsibus.sys [2015/09/19 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\mp3 [2015/09/19 15:15:26 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\mp3 sab [2015/09/18 22:59:43 | 000,000,000 | ---D | C] -- C:\Users\stephan\dwhelper [2015/09/08 23:33:53 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\Alison Angel Photos [victor123] [2015/09/08 01:21:35 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium [2015/09/08 01:21:17 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Local\Chromium [2015/09/08 01:04:46 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\favori [2015/09/07 23:06:53 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2015/09/07 23:06:53 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2015/09/07 23:06:50 | 006,026,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2015/09/07 23:06:50 | 002,052,608 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\inetcpl.cpl [2015/09/07 23:06:50 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2015/09/07 23:06:50 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2015/09/07 23:06:50 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2015/09/07 23:06:50 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2015/09/07 23:06:50 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2015/09/07 23:06:50 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2015/09/07 23:06:50 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2015/09/07 23:06:50 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2015/09/07 23:06:50 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2015/09/07 23:06:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2015/09/07 23:06:50 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2015/09/07 23:06:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2015/09/07 23:06:50 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2015/09/07 23:06:50 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2015/09/07 23:06:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2015/09/07 23:06:50 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2015/09/07 23:06:50 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2015/09/07 23:06:50 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2015/09/07 23:06:50 | 000,131,072 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2015/09/07 23:06:50 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2015/09/07 23:06:50 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2015/09/07 23:06:50 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2015/09/07 23:06:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2015/09/07 23:06:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2015/09/07 23:06:50 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2015/09/07 23:06:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2015/09/07 23:06:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2015/09/07 23:06:50 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2015/09/07 23:06:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2015/09/07 23:06:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2015/09/07 23:06:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2015/09/07 23:06:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2015/09/07 23:06:50 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2015/09/07 23:06:50 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2015/09/07 23:06:50 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2015/09/07 23:06:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2015/09/07 23:06:50 | 000,056,832 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\SysWow64\pngfilt.dll [2015/09/07 23:06:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2015/09/07 23:06:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2015/09/07 23:06:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2015/09/07 23:06:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2015/09/07 23:06:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2015/09/07 23:06:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2015/09/07 23:06:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2015/09/07 23:06:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2015/09/07 23:06:49 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2015/09/07 23:06:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2015/09/07 23:06:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2015/09/07 23:06:48 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2015/09/07 23:06:48 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2015/09/07 23:06:48 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2015/09/07 23:06:48 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2015/09/07 23:06:48 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2015/09/07 23:06:48 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2015/09/07 23:06:48 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll 
[2015/09/07 23:06:48 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2015/09/07 23:06:48 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2015/09/07 23:06:48 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2015/09/07 23:06:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2015/09/07 23:06:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2015/09/07 23:06:48 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2015/09/07 23:06:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2015/09/07 23:06:48 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2015/09/07 23:06:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2015/09/07 23:06:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2015/09/07 23:06:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2015/09/07 23:06:47 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2015/09/07 23:06:47 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2015/09/07 23:06:47 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2015/09/07 23:06:47 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2015/09/07 23:06:47 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2015/09/07 23:06:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2015/09/07 23:06:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2015/09/07 23:06:47 | 000,004,096 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2015/09/07 23:06:46 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2015/09/07 23:06:46 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2015/09/07 23:04:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2015/09/07 23:04:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2015/09/07 23:04:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2015/09/07 23:04:31 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2015/09/07 23:04:31 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2015/09/07 23:04:31 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2015/09/07 23:04:31 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2015/09/07 23:04:31 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2015/09/07 23:04:31 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2015/09/07 23:04:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2015/09/07 23:04:31 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2015/09/07 23:04:31 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2015/09/07 23:04:31 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2015/09/07 23:04:31 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2015/09/07 23:04:31 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2015/09/07 
23:04:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2015/09/07 23:04:31 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2015/09/07 23:04:31 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2015/09/07 23:04:31 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2015/09/07 23:04:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2015/09/07 23:04:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2015/09/07 23:04:31 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2015/09/07 23:04:31 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2015/09/07 23:04:31 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2015/09/07 23:04:31 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015/09/07 23:04:31 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015/09/07 23:04:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015/09/07 23:04:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015/09/07 23:04:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2015/09/07 23:04:31 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015/09/07 23:04:31 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015/09/07 22:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2015/09/07 20:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2015/09/07 20:20:31 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Local\Google [2015/09/06 14:37:30 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\Nouveau dossier (2) [2015/09/06 11:26:23 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc [2015/09/06 11:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc [2015/09/06 11:25:55 | 000,255,552 | ---- | C] (MagicISO, Inc.) 
-- C:\Windows\SysWow64\drivers\mcdbus.sys [2015/09/06 11:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc [2015/09/06 00:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2015/09/06 00:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved [2015/09/06 00:33:01 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Roaming\library_dir [2015/09/06 00:32:11 | 000,000,000 | ---D | C] -- C:\Users\stephan\AppData\Roaming\Raptr [2015/09/06 00:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2015/09/06 00:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2015/09/06 00:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2015/09/06 00:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD [2015/09/06 00:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2015/09/06 00:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2015/09/06 00:17:48 | 000,000,000 | ---D | C] -- C:\AMD [2015/09/05 23:28:50 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\ati [2015/09/05 16:28:42 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2015/09/05 16:28:42 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2015/09/05 16:28:42 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2015/09/05 16:28:16 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2015/09/05 16:28:16 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2015/09/05 16:28:16 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2015/09/05 16:28:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2015/09/05 16:28:16 | 000,038,880 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\wups.dll [2015/09/05 16:28:16 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2015/09/05 16:27:42 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2015/09/05 16:27:42 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2015/09/05 16:27:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2015/09/05 16:27:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2015/09/02 14:10:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo [2015/08/27 14:16:13 | 000,000,000 | ---D | C] -- C:\Users\stephan\Desktop\Sans titre [2014/02/02 16:53:02 | 000,226,368 | -H-- | C] (eBkvCxJ) -- C:\Users\stephan\AppData\Roaming\adobeUi.exe [1 C:\Users\stephan\AppData\Local\*.tmp files -> C:\Users\stephan\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/09/22 15:55:49 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/09/22 15:55:49 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/09/22 15:50:47 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/09/22 15:50:47 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/09/22 15:50:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/09/22 14:14:19 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/09/22 14:14:15 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2015/09/22 14:13:58 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys [2015/09/22 09:16:59 | 000,000,824 | ---- | M] () -- C:\Users\stephan\Desktop\ZHPDiag.lnk [2015/09/22 09:16:17 | 001,936,896 | ---- | M] () -- 
C:\Users\stephan\ZHPDiag3.exe [2015/09/22 08:41:42 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2015/09/21 13:16:24 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-STEPHAN-PC-Windows-7-Ultimate-(64-bit).dat [2015/09/21 13:10:35 | 000,002,159 | ---- | M] () -- C:\Users\stephan\Desktop\Tweaking.com - Windows Repair.lnk [2015/09/21 10:41:10 | 000,034,816 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysNative\drivers\VClone.sys [2015/09/21 10:39:51 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 8.lnk [2015/09/21 10:09:59 | 000,069,100 | ---- | M] () -- C:\Users\stephan\Documents\21 sept 15.reg [2015/09/20 11:31:59 | 001,819,158 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015/09/20 11:31:59 | 000,833,476 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2015/09/20 11:31:59 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015/09/20 11:31:59 | 000,211,572 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2015/09/20 11:31:59 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015/09/20 10:31:02 | 000,075,714 | ---- | M] () -- C:\Users\stephan\Documents\sauvegarde reg mpc sept 2015.reg [2015/09/20 09:49:14 | 000,030,352 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtultrascsibus.sys [2015/09/20 00:46:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job [2015/09/11 11:58:02 | 000,000,660 | ---- | M] () -- C:\Users\stephan\Desktop\foto - Raccourci.lnk [2015/09/11 09:45:11 | 000,218,200 | ---- | M] () -- C:\Windows\SysWow64\unrar.dll [2015/09/08 19:32:29 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015/09/08 19:32:29 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2015/09/08 01:21:35 | 000,002,279 | ---- | M] () -- C:\Users\stephan\Application Data\Microsoft\Internet Explorer\Quick 
Launch\Chromium.lnk [2015/09/08 01:21:35 | 000,002,277 | ---- | M] () -- C:\Users\stephan\Desktop\Chromium.lnk [2015/09/07 23:19:54 | 000,002,277 | ---- | M] () -- C:\Users\stephan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/09/07 23:12:23 | 000,028,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2015/09/07 23:06:53 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2015/09/07 23:06:53 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2015/09/07 23:06:50 | 006,026,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2015/09/07 23:06:50 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2015/09/07 23:06:50 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2015/09/07 23:06:50 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2015/09/07 23:06:50 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2015/09/07 23:06:50 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2015/09/07 23:06:50 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2015/09/07 23:06:50 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2015/09/07 23:06:50 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2015/09/07 23:06:50 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2015/09/07 23:06:50 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2015/09/07 23:06:50 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2015/09/07 23:06:50 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2015/09/07 
23:06:50 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2015/09/07 23:06:50 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2015/09/07 23:06:50 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2015/09/07 23:06:50 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2015/09/07 23:06:50 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2015/09/07 23:06:50 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2015/09/07 23:06:50 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2015/09/07 23:06:50 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2015/09/07 23:06:50 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2015/09/07 23:06:50 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2015/09/07 23:06:50 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2015/09/07 23:06:50 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2015/09/07 23:06:50 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2015/09/07 23:06:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2015/09/07 23:06:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2015/09/07 23:06:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2015/09/07 23:06:50 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2015/09/07 23:06:50 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2015/09/07 23:06:50 | 000,076,288 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWow64\mshtmled.dll [2015/09/07 23:06:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2015/09/07 23:06:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2015/09/07 23:06:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2015/09/07 23:06:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2015/09/07 23:06:50 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2015/09/07 23:06:50 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2015/09/07 23:06:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2015/09/07 23:06:50 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2015/09/07 23:06:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2015/09/07 23:06:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2015/09/07 23:06:50 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2015/09/07 23:06:50 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2015/09/07 23:06:50 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2015/09/07 23:06:50 | 000,016,303 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2015/09/07 23:06:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2015/09/07 23:06:50 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2015/09/07 23:06:49 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2015/09/07 23:06:49 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2015/09/07 23:06:49 | 
000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2015/09/07 23:06:49 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2015/09/07 23:06:48 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2015/09/07 23:06:48 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2015/09/07 23:06:48 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2015/09/07 23:06:48 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2015/09/07 23:06:48 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2015/09/07 23:06:48 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2015/09/07 23:06:48 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2015/09/07 23:06:48 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2015/09/07 23:06:48 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2015/09/07 23:06:48 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2015/09/07 23:06:48 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2015/09/07 23:06:48 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2015/09/07 23:06:48 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2015/09/07 23:06:48 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2015/09/07 23:06:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2015/09/07 23:06:48 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2015/09/07 23:06:48 | 000,016,303 | ---- | M] () -- 
C:\Windows\SysNative\ieuinit.inf [2015/09/07 23:06:47 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2015/09/07 23:06:47 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2015/09/07 23:06:47 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2015/09/07 23:06:47 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2015/09/07 23:06:47 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2015/09/07 23:06:47 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2015/09/07 23:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2015/09/07 23:06:47 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2015/09/07 23:06:47 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2015/09/07 23:06:47 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2015/09/07 23:06:46 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2015/09/07 23:04:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2015/09/07 23:04:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2015/09/07 23:04:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2015/09/07 23:04:31 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2015/09/07 23:04:31 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2015/09/07 23:04:31 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2015/09/07 23:04:31 | 002,284,544 | 
---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2015/09/07 23:04:31 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2015/09/07 23:04:31 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2015/09/07 23:04:31 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2015/09/07 23:04:31 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2015/09/07 23:04:31 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2015/09/07 23:04:31 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2015/09/07 23:04:31 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2015/09/07 23:04:31 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2015/09/07 23:04:31 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2015/09/07 23:04:31 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2015/09/07 23:04:31 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2015/09/07 23:04:31 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2015/09/07 23:04:31 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2015/09/07 23:04:31 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2015/09/07 23:04:31 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2015/09/07 23:04:31 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2015/09/07 23:04:31 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2015/09/07 23:04:31 | 000,010,752 | -H-- | M] (Microsoft 
Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015/09/07 23:04:31 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015/09/07 23:04:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015/09/07 23:04:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2015/09/07 23:04:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015/09/07 23:04:31 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2015/09/07 23:04:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2015/09/07 23:04:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015/09/07 23:04:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015/09/07 20:05:38 | 000,061,600 | 
---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat [2015/09/07 19:37:15 | 000,002,289 | ---- | M] () -- C:\Users\stephan\Desktop\Amatrice - Tube Dessert - Vidéo Porno.lnk [2015/09/06 11:26:23 | 000,000,953 | ---- | M] () -- C:\Users\stephan\Desktop\MagicDisc.lnk [2015/09/05 20:22:48 | 4046,815,232 | ---- | M] () -- C:\Users\stephan\Desktop\AC_1.0.3_RC.iso [2015/09/03 18:17:33 | 000,017,018 | ---- | M] () -- C:\Users\stephan\Documents\cc_20150903_181731.reg [2015/09/03 18:17:11 | 000,017,018 | ---- | M] () -- C:\Users\stephan\Documents\cc_20150903_181708.reg [2015/09/03 18:16:52 | 000,017,018 | ---- | M] () -- C:\Users\stephan\Documents\cc_20150903_181646.reg [2015/09/03 15:31:47 | 000,016,202 | ---- | M] () -- C:\Users\stephan\Documents\cc_20150903_153138.reg [2015/08/31 13:38:10 | 000,002,651 | ---- | M] () -- C:\Users\stephan\Desktop\µTorrent.lnk [2015/08/29 08:24:33 | 000,053,272 | ---- | M] () -- C:\Users\stephan\Documents\cmu_2015_2016.pdf [2015/08/27 10:33:27 | 000,001,072 | ---- | M] () -- C:\Users\stephan\Desktop\pCARS64.exe - Raccourci.lnk [2015/08/26 09:36:34 | 000,000,696 | ---- | M] () -- C:\Users\stephan\Desktop\RWR.exe - Raccourci.lnk [1 C:\Users\stephan\AppData\Local\*.tmp files -> C:\Users\stephan\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/09/22 08:41:42 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2015/09/21 13:16:24 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-STEPHAN-PC-Windows-7-Ultimate-(64-bit).dat [2015/09/21 13:10:35 | 000,002,159 | ---- | C] () -- C:\Users\stephan\Desktop\Tweaking.com - Windows Repair.lnk [2015/09/21 11:37:51 | 001,936,896 | ---- | C] () -- C:\Users\stephan\ZHPDiag3.exe [2015/09/21 11:37:12 | 000,000,824 | ---- | C] () -- C:\Users\stephan\Desktop\ZHPDiag.lnk [2015/09/21 10:09:57 | 000,069,100 | ---- | C] () -- C:\Users\stephan\Documents\21 sept 15.reg [2015/09/08 19:32:41 | 000,001,064 | ---- | C] () -- 
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job [2015/09/08 01:21:35 | 000,002,279 | ---- | C] () -- C:\Users\stephan\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk [2015/09/08 01:21:35 | 000,002,277 | ---- | C] () -- C:\Users\stephan\Desktop\Chromium.lnk [2015/09/07 23:19:55 | 000,001,429 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2015/09/07 23:06:50 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2015/09/07 23:06:48 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2015/09/07 20:21:49 | 000,002,277 | ---- | C] () -- C:\Users\stephan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/09/07 20:20:54 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/09/07 20:20:52 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/09/06 11:26:23 | 000,000,953 | ---- | C] () -- C:\Users\stephan\Desktop\MagicDisc.lnk [2015/09/06 11:03:57 | 4046,815,232 | ---- | C] () -- C:\Users\stephan\Desktop\AC_1.0.3_RC.iso [2015/09/03 18:17:32 | 000,017,018 | ---- | C] () -- C:\Users\stephan\Documents\cc_20150903_181731.reg [2015/09/03 18:17:09 | 000,017,018 | ---- | C] () -- C:\Users\stephan\Documents\cc_20150903_181708.reg [2015/09/03 18:16:49 | 000,017,018 | ---- | C] () -- C:\Users\stephan\Documents\cc_20150903_181646.reg [2015/09/03 15:31:44 | 000,016,202 | ---- | C] () -- C:\Users\stephan\Documents\cc_20150903_153138.reg [2015/08/26 09:36:36 | 000,000,696 | ---- | C] () -- C:\Users\stephan\Desktop\RWR.exe - Raccourci.lnk [2015/08/22 04:32:54 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2015/08/22 04:32:54 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2015/08/22 03:54:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2015/08/22 03:54:08 | 000,157,144 | ---- | C] () -- 
C:\Windows\SysWow64\ativvsva.dat [2015/08/22 03:49:02 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe [2015/08/22 03:49:00 | 000,189,952 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll [2015/08/22 03:42:38 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll [2015/02/17 11:22:43 | 000,000,200 | ---- | C] () -- C:\Users\stephan\SecurityKISSTunnel.config [2014/10/30 23:54:16 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI [2014/10/25 19:36:23 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\lame_dshow.dll [2014/10/25 19:36:23 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\WBCustomizer.dll [2014/02/18 20:13:40 | 000,155,648 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\Kardinal S..exe [2014/02/17 10:21:16 | 001,643,788 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/12/31 01:58:05 | 000,000,005 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\WBPU-Q5-TTL.DAT [2013/12/18 11:38:18 | 000,000,343 | ---- | C] () -- C:\Windows\SStylerProDemo.INI [2013/10/16 00:58:10 | 000,361,117 | ---- | C] () -- C:\Users\stephan\AppData\Local\newhb2.crx [2013/10/14 09:58:02 | 000,000,005 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\WBPU-TTL.DAT [2013/10/05 09:58:02 | 000,000,040 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\WB.CFG [2013/06/15 11:01:33 | 000,000,032 | ---- | C] () -- C:\Users\stephan\AppData\Roaming\Win [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014/08/17 11:42:11 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/08/17 11:42:11 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.dll >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*. 
>[/color] [2013/04/28 22:25:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ACD Systems [2013/04/28 22:01:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2015/09/06 00:26:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD [2014/12/19 19:58:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apowersoft [2013/04/28 18:33:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS [2013/09/23 18:07:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVS4YOU [2013/05/18 19:48:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BRS [2015/06/21 15:39:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BSD Concept [2014/09/06 11:23:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Calibre2 [2014/10/25 10:50:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Codemasters [2015/09/06 00:32:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2015/09/02 14:10:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Comodo [2013/09/18 00:17:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel [2013/05/18 17:42:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CrystalDiskInfo [2014/05/11 19:35:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CuteDJ [2014/01/31 11:16:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DeskSoft [2014/09/26 21:31:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DFX [2013/05/18 19:56:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DiRT Showdown [2014/05/11 19:28:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DsNET Corp [2013/09/22 18:37:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVDVideoSoft [2014/01/31 11:18:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EarthView [2015/09/21 10:41:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Elaborate Bytes [2014/10/25 19:35:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Emme [2014/12/19 20:50:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ExKode [2013/07/17 
17:18:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FinalWire [2015/09/07 20:21:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2013/10/05 00:58:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GPLGS [2013/07/30 00:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guitar Pro 6 [2014/09/23 12:21:48 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2013/04/28 18:20:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel [2013/04/28 22:53:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Download Manager [2015/09/07 23:13:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2015/09/22 14:09:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit [2014/09/11 09:49:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java [2014/12/24 10:16:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KRyLack Software [2015/01/08 10:45:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Le Robert [2015/09/06 11:26:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MagicDisc [2013/08/24 14:45:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/08/24 15:22:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny [2014/09/15 16:26:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Medieval Software [2013/04/28 22:10:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft [2013/09/10 19:01:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services [2014/09/24 12:27:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games [2013/09/10 19:00:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2015/08/11 17:21:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client [2015/08/11 17:21:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight [2013/09/10 19:02:52 | 000,000,000 | ---D | M] -- C:\Program 
Files (x86)\Microsoft Visual Studio 8 [2013/09/10 19:05:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2013/06/08 17:54:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MiniTool Partition Wizard Professional Edition 5.2 [2015/06/10 07:06:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MonProduit [2015/09/07 22:49:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2015/09/09 08:47:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/05/11 14:58:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mp3DirectCut [2013/09/10 19:05:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2015/02/12 18:32:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache [2013/08/25 03:26:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0 [2015/06/10 07:12:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NirSoft [2013/04/28 21:52:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Objectif Tarot [2013/05/18 19:48:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL [2014/07/20 19:45:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenVPN [2015/03/08 19:32:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars.FR [2013/07/30 10:47:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Power Tab Software [2015/09/06 00:33:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Raptr [2013/12/30 12:15:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\readon tv movie radio player [2013/04/28 18:29:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek [2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2015/05/20 15:25:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Rockstar Games [2013/08/24 15:24:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung [2014/11/03 18:55:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\scrabbleproB1.1 [2013/04/28 21:31:11 
| 000,000,000 | ---D | M] -- C:\Program Files (x86)\SFR [2015/01/09 13:07:53 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype [2013/07/08 11:14:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Skyrim [2013/10/04 12:26:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Solveig Multimedia [2015/08/29 20:08:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SpeedFan [2013/07/02 01:44:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam [2013/04/28 22:02:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SuperCopier2 [2015/02/06 15:45:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TextAloud [2013/07/08 11:13:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim [2015/09/21 13:10:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tweaking.com [2009/07/14 06:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2013/04/28 18:24:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VIA [2014/03/26 17:29:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VirtualDJ [2013/10/05 01:22:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VPSS [2014/07/20 19:23:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group [2014/09/18 23:27:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp [2014/06/29 14:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp Detect [2013/07/11 03:28:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2013/04/28 22:10:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live [2013/04/28 22:09:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive [2013/04/29 09:25:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2015/08/26 09:15:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2013/04/29 09:25:27 | 000,000,000 | ---D | M] -- 
C:\Program Files (x86)\Windows Photo Viewer [2013/04/29 09:25:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2013/04/29 09:25:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar [2015/09/22 12:09:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ZHPFix [color=#A23BEC]< %PROGRAMFILES% >[/color] Invalid Environment Variable: PROGRAMDATA(x86) [color=#A23BEC]< %APPDATA%\*. >[/color] [2013/11/05 16:23:18 | 000,000,000 | RHSD | M] -- C:\Users\stephan\AppData\Roaming\-871739620 [2013/04/28 22:26:29 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\ACD Systems [2013/05/08 20:29:24 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Adobe [2014/03/19 10:54:14 | 000,000,000 | -HSD | M] -- C:\Users\stephan\AppData\Roaming\AdobeNet [2014/12/19 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Apowersoft [2013/10/18 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Apple Computer [2014/03/30 15:47:23 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Ashampoo [2013/09/23 18:07:54 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\AVS4YOU [2015/06/21 15:40:56 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\BSD Concept [2014/09/06 11:26:40 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\calibre [2013/09/18 00:23:53 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Corel [2015/06/10 07:06:10 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\CVitae [2014/02/02 16:53:25 | 000,000,000 | -H-D | M] -- C:\Users\stephan\AppData\Roaming\DataWork [2014/01/31 11:16:02 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\DeskSoft [2015/09/22 14:12:59 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\DMCache [2015/02/20 00:06:53 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\dvdcss [2013/09/22 18:36:41 | 000,000,000 | ---D | M] -- 
C:\Users\stephan\AppData\Roaming\DVDVideoSoft [2013/07/30 01:44:25 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Guitar Pro 6 [2013/04/28 16:25:34 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Identities [2015/09/19 09:21:02 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\IDM [2015/09/21 14:02:10 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\IObit [2013/09/23 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Java [2013/04/28 23:34:09 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Leadertech [2015/09/06 00:33:01 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\library_dir [2015/08/20 10:46:43 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Logishrd [2013/04/28 23:34:14 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Logitech [2013/04/28 21:34:27 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Macromedia [2013/05/12 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Malwarebytes [2009/07/14 17:35:02 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Media Center Programs [2014/09/24 19:32:34 | 000,000,000 | --SD | M] -- C:\Users\stephan\AppData\Roaming\Microsoft [2014/07/29 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\ML [2013/04/28 21:44:47 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Mozilla [2013/05/11 14:59:38 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\mp3DirectCut [2015/09/21 14:34:19 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\ProductData [2014/04/28 11:55:09 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\PROMT [2015/09/06 00:34:43 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Raptr [2013/08/24 15:23:05 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Samsung [2015/02/17 17:46:31 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Skype [2013/10/04 
12:27:33 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Solveig Multimedia [2013/09/18 00:23:07 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Ulead Systems [2015/09/22 16:26:10 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\vlc [2015/09/21 13:46:57 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\VPNTunnel [2015/09/21 13:18:00 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\Winamp [2013/05/11 01:38:47 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\WinRAR [2014/03/19 10:54:14 | 000,000,000 | -HSD | M] -- C:\Users\stephan\AppData\Roaming\Winupdate [2013/07/19 10:56:31 | 000,000,000 | -HSD | M] -- C:\Users\stephan\AppData\Roaming\wyUpdate AU [2015/02/20 19:55:48 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\XnViewMP [2015/09/22 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Roaming\ZHP [color=#A23BEC]< %LocalAppData%\*. >[/color] [2015/09/08 19:00:53 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\ACD Systems [2015/05/19 22:06:16 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Adobe [2013/04/28 16:25:12 | 000,000,000 | -HSD | M] -- C:\Users\stephan\AppData\Local\Application Data [2014/07/20 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Apps [2013/04/28 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\ATI [2014/09/06 11:24:31 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\calibre-cache [2015/09/08 01:21:42 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Chromium [2014/03/19 02:21:59 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Comodo [2013/09/18 00:23:01 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Corel PaintShop Pro [2015/09/21 10:10:08 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\CrashDumps [2015/08/26 11:45:31 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\CyberGhost [2015/09/03 17:07:22 | 
000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Deployment [2014/04/23 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\DFX [2015/09/13 02:11:14 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Diagnostics [2015/09/20 10:27:30 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Disc_Soft_Ltd [2013/08/24 15:19:46 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Downloaded Installations [2014/12/19 20:57:04 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Dxtory Software [2013/07/18 16:31:38 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Easy CD-DA Extractor [2013/05/18 19:52:41 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\FLT [2015/09/08 01:15:54 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Google [2013/04/28 16:25:12 | 000,000,000 | -HSD | M] -- C:\Users\stephan\AppData\Local\Historique [2013/10/18 10:37:26 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Le_Petit_Robert [2013/04/29 15:59:27 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Macromedia [2015/09/18 23:27:37 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Microsoft [2013/09/11 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Microsoft Help [2013/10/27 23:21:11 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Mozilla [2015/02/06 15:45:11 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\NextUp [2013/05/12 20:57:11 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Programs [2015/05/20 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Rockstar Games [2014/02/28 17:13:34 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Skype [2013/07/08 11:20:53 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Skyrim [2015/09/22 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Temp [2013/04/28 16:25:12 | 000,000,000 | -HSD | M] -- 
C:\Users\stephan\AppData\Local\Temporary Internet Files [2013/10/28 01:50:44 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\VirtualStore [2015/09/21 13:46:56 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\vpntunnel [2015/08/11 16:37:54 | 000,000,000 | ---D | M] -- C:\Users\stephan\AppData\Local\Windows Live [color=#A23BEC]< %systemroot%\Tasks\*. >[/color] [2015/01/06 23:45:07 | 000,000,000 | ---D | M] -- C:\Windows\Tasks\ImCleanDisabled [2013/11/05 11:11:00 | 000,000,000 | ---D | M] -- C:\Windows\Tasks\TaskDisabled [color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color] [2009/07/14 05:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft [color=#A23BEC]< %windir%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\syswow64\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color] HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\ReinstallCommand: "C:\Users\stephan\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\HideIconsCommand: "C:\Users\stephan\AppData\Local\Chromium\Application\chrome.exe" --hide-icons [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\ShowIconsCommand: "C:\Users\stephan\AppData\Local\Chromium\Application\chrome.exe" --show-icons [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors) 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\shell\open\command\\: "C:\Users\stephan\AppData\Local\Chromium\Application\chrome.exe" [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --hide-icons [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --show-icons [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\shell\open\command\\: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/09/07 23:06:50 | 000,814,288 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2015/09/07 23:06:50 | 000,814,288 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\ReinstallCommand: "C:\USERS\STEPHAN\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\HideIconsCommand: "C:\USERS\STEPHAN\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --HIDE-ICONS [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\InstallInfo\\ShowIconsCommand: "C:\USERS\STEPHAN\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --SHOW-ICONS [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.TULTN4GP226F4YUWJNYVKPII5E\shell\open\command\\: "C:\USERS\STEPHAN\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" [2015/09/08 01:21:27 | 000,702,464 | ---- | M] (The Chromium Authors)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\COMODO\DRAGON\DRAGON.EXE" --MAKE-DEFAULT-BROWSER [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\COMODO\DRAGON\DRAGON.EXE" --HIDE-ICONS [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\COMODO\DRAGON\DRAGON.EXE" --SHOW-ICONS [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Dragon\shell\open\command\\: "C:\PROGRAM FILES (X86)\COMODO\DRAGON\DRAGON.EXE" [2015/09/02 14:10:29 | 000,685,752 | ---- | M] (Comodo)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2015/09/07 22:49:36 | 000,896,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2015/09/07 22:49:39 | 000,377,000 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2015/09/22 08:42:03 | 000,815,944 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2015/09/07 23:06:48 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2015/09/07 23:06:48 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2015/09/07 23:06:48 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2015/09/07 23:06:50 | 000,814,288 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2015/09/07 23:06:50 | 000,814,288 | ---- | M] (Microsoft Corporation)

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\unrar.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\FlashPlayerInstaller.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\DxtoryCodec.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ApowersoftVideoMixerFilter.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ApowersoftScreenCapturingFilter.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ApowersoftScreenCapturing.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\unrar.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\DxtoryCodec.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ApowersoftVideoMixerFilter.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ApowersoftScreenCapturingFilter.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ApowersoftScreenCapturing.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\stephan\ZHPDiag3.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\stephan\AppData\Local\nsyA1E3.tmp:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\stephan\AppData\Local\Chromium\Application\chrome.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Comodo\Dragon\dragon.exe:$CmdTcID

< End of report >