cjoint


Document format: text/plain

Preview

OTL logfile created on: 25/09/2013 12:46:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Elisa\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,60 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 58,52% Memory free
7,10 Gb Paging File | 5,04 Gb Available in Paging File | 71,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583,84 Gb Total Space | 534,28 Gb Free Space | 91,51% Space Free | Partition Type: NTFS

Computer Name: TUC-TUC | User Name: Elisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Elisa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ogmservice) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (GFNEXSrv) -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe ()
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\Drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\Drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:[b]64bit:[/b] - (avnetflt) -- C:\Windows\SysNative\Drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:[b]64bit:[/b] - (ssudserd) -- C:\Windows\SysNative\Drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (avkmgr) -- C:\Windows\SysNative\Drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:[b]64bit:[/b] - (RTL8192Ce) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV - (PEGAGFN) -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (PEGATRON)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6196A39F-05C8-48E8-88C8-C940EBC22B80}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6196A39F-05C8-48E8-88C8-C940EBC22B80}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://kogoa.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_frFR548
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lrcsmonkey@lrcsmonkey.net: C:\Program Files (x86)\Lyrics_Monkey\126.xpi

[2013/08/15 08:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elisa\AppData\Roaming\mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions
[2013/07/26 22:31:20 | 000,713,729 | ---- | M] () (No name found) -- C:\Users\Elisa\AppData\Roaming\mozilla\firefox\profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
[2013/08/10 22:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2012/07/26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Intel AppUp(R) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation)
O4 - HKLM..\RunOnce: [RAInstaller C:\Users\Elisa\zylom\Nightmares from the Deep - The Cursed Heart Premium Edition] cmd.exe /c "rmdir /S /Q "C:\Users\Elisa\zylom\Nightmares from the Deep - The Cursed Heart Premium Edition"" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E29427F-1120-4AC5-B6CF-D51256789249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A50C25A4-B12F-4DC5-A63F-CAC9EDD3FE09}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/09/25 12:43:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Elisa\Desktop\OTL.exe
[2013/09/24 03:56:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/24 03:45:16 | 000,078,296 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/24 03:45:15 | 000,694,232 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/23 20:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2013/09/23 20:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2013/09/23 20:33:51 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\{userappdata}
[2013/09/23 20:21:52 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\ZHP
[2013/09/22 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\GestaltGames
[2013/09/22 20:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\GestaltGames
[2013/09/22 16:47:14 | 000,000,000 | ---D | C] -- C:\Zylom Games
[2013/09/22 16:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealArcade
[2013/09/22 09:36:14 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Local\ElevatedDiagnostics
[2013/09/21 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\s
[2013/09/21 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\jeux
[2013/09/21 21:30:59 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\4
[2013/09/21 21:30:59 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\3
[2013/09/21 21:30:59 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\2
[2013/09/21 21:30:58 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\Users\Elisa\Documents\VBRUN300.DLL
[2013/09/21 21:30:58 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\1
[2013/09/21 18:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameHouse
[2013/09/21 16:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MythPeople
[2013/09/20 21:13:03 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\GreenSauceGames
[2013/09/20 11:46:25 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cursed House
[2013/09/20 11:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cursed House
[2013/09/20 11:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cursed House
[2013/09/20 11:41:18 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reveries - Les Deux Soeurs
[2013/09/20 11:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reveries - Les Deux Soeurs
[2013/09/20 11:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reveries - Les Deux Soeurs
[2013/09/17 21:16:09 | 000,209,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NotificationUI.exe
[2013/09/17 21:16:08 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSService.dll
[2013/09/17 21:16:08 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2013/09/17 21:16:02 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2013/09/17 21:16:02 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2013/09/17 21:16:02 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2013/09/17 21:16:01 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2013/09/17 21:16:01 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2013/09/17 21:16:01 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2013/09/17 21:16:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2013/09/17 21:15:59 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2013/09/17 21:15:59 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSSync.dll
[2013/09/17 21:15:59 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013/09/17 21:15:58 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2013/09/17 21:15:58 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSSync.dll
[2013/09/17 21:15:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2013/09/17 21:15:57 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2013/09/17 21:15:57 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSClient.dll
[2013/09/17 21:15:57 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll
[2013/09/17 21:15:57 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2013/09/17 21:15:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2013/09/17 21:15:56 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll
[2013/09/17 21:15:56 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSClient.dll
[2013/09/17 21:15:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2013/09/17 21:15:56 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dam.sys
[2013/09/17 21:15:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2013/09/17 21:15:55 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2013/09/17 21:15:55 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2013/09/17 21:15:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2013/09/17 21:15:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcln.dll
[2013/09/17 21:15:55 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2013/09/17 21:15:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2013/09/17 21:15:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/09/17 21:15:54 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/09/17 21:15:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2013/09/17 21:12:45 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/17 21:12:33 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2013/09/17 21:12:32 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/17 21:12:32 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/17 21:12:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/17 21:12:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/17 21:12:30 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/17 21:12:29 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2013/09/17 21:12:29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/17 21:12:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2013/09/17 21:12:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/09/17 21:12:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/17 21:12:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/17 21:12:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/17 21:12:19 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2013/09/17 21:12:17 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2013/09/17 21:12:14 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2013/09/17 21:12:13 | 001,300,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013/09/17 21:12:13 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2013/09/17 21:12:11 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFault.exe
[2013/09/17 21:12:11 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2013/09/17 21:12:11 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2013/09/17 21:12:11 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2013/09/17 21:12:10 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFault.exe
[2013/09/17 21:12:10 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmsvc.dll
[2013/09/17 21:12:10 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2013/09/17 21:12:10 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmmbase.dll
[2013/09/17 21:12:10 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmmbase.dll
[2013/09/17 21:12:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmm.dll
[2013/09/17 21:12:09 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013/09/17 21:12:09 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2013/09/17 21:12:09 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpioclx.sys
[2013/09/17 21:12:08 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/09/17 21:12:07 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wwanadvui.dll
[2013/09/17 21:12:07 | 000,096,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wfplwfs.sys
[2013/09/17 21:12:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmcsp.dll
[2013/09/17 21:12:06 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanmm.dll
[2013/09/17 21:12:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/09/17 21:12:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\openfiles.exe
[2013/09/17 21:12:05 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2013/09/17 21:12:05 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013/09/17 21:12:05 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013/09/17 21:12:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\openfiles.exe
[2013/09/17 21:12:04 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LocationApi.dll
[2013/09/17 21:12:04 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\LocationApi.dll
[2013/09/15 20:44:11 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Elephant Games
[2013/09/15 20:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games
[2013/09/13 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/09/13 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/09/13 21:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/09/13 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Local\Adobe
[2013/09/09 16:54:17 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/09/08 21:08:17 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Sahmon Games
[2013/09/08 21:08:17 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\DebugLogs
[2013/09/08 14:07:06 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Micro Application
[2013/09/08 14:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Micro Application
[2013/09/08 12:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2013/09/08 11:49:11 | 000,000,000 | ---D | C] -- C:\Users\Elisa\Documents\ExternalIntro
[2013/09/08 11:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application
[2013/09/07 21:27:58 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\LegacyInteractive
[2013/09/05 20:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Fenomen Games
[2013/09/05 20:41:17 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\island_tribe_4_bfg_fr
[2013/09/03 13:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TreeCardGames
[2013/09/02 21:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MumboJumbo
[2013/09/02 12:18:21 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\vlc
[2013/09/02 12:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/09/02 12:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
[2013/09/02 12:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFR
[2013/09/01 20:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2013/08/31 18:49:21 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
[2013/08/31 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fairway
[2013/08/31 18:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fairway
[2013/08/31 18:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fairway
[2013/08/30 21:01:34 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Jewel Match 3
[2013/08/28 21:22:00 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Princesse Isabella - La Quete de l Heritiere
[2013/08/28 21:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Princesse Isabella - La Quete de l Heritiere
[2013/08/28 21:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Princesse Isabella - La Quete de l Heritiere
[2013/08/28 15:30:57 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Dropbox
[2013/08/27 21:24:15 | 000,000,000 | ---D | C] -- C:\Users\Elisa\AppData\Roaming\Rumbic Studio

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/09/25 12:43:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elisa\Desktop\OTL.exe
[2013/09/25 11:32:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/25 06:56:54 | 000,000,073 | ---- | M] () -- C:\Users\Elisa\AppData\Roaming\Borak.Bo-Jong.Pref
[2013/09/24 09:10:38 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/09/24 09:10:34 | 3089,739,776 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/24 04:41:04 | 000,001,016 | ---- | M] () -- C:\Users\Elisa\Desktop\AdwCleaner[S0] - Raccourci.lnk
[2013/09/24 04:07:19 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/24 04:01:01 | 000,281,176 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/23 20:33:56 | 000,001,998 | ---- | M] () -- C:\Users\Elisa\Desktop\ZHPFix.lnk
[2013/09/23 20:33:56 | 000,001,871 | ---- | M] () -- C:\Users\Elisa\Desktop\ZHPDiag.lnk
[2013/09/22 18:21:41 | 000,800,978 | ---- | M] () -- C:\windows\SysNative\perfh00C.dat
[2013/09/22 18:21:41 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/22 18:21:41 | 000,155,650 | ---- | M] () -- C:\windows\SysNative\perfc00C.dat
[2013/09/22 18:21:41 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/22 18:21:40 | 001,793,362 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/22 16:52:21 | 000,001,262 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2013/09/22 16:49:55 | 000,000,823 | ---- | M] () -- C:\Users\Elisa\Desktop\Super TextTwist.lnk
[2013/09/22 16:49:15 | 000,000,819 | ---- | M] () -- C:\Users\Elisa\Desktop\Rainbow Web 2.lnk
[2013/09/22 16:47:18 | 000,000,139 | ---- | M] () -- C:\Users\Elisa\Desktop\Zylom.url
[2013/09/21 21:33:22 | 004,890,104 | ---- | M] () -- C:\Users\Elisa\Documents\Dicozip[1].exe
[2013/09/21 21:30:38 | 004,890,104 | ---- | M] () -- C:\Users\Elisa\Documents\Dicozip.exe
[2013/09/21 18:22:39 | 000,001,905 | ---- | M] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2013/09/20 11:46:43 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Jouer à Cursed House.lnk
[2013/09/20 11:45:24 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\Jouer à Reveries - Les Deux Soeurs.lnk
[2013/09/20 11:41:01 | 000,002,024 | ---- | M] () -- C:\Users\Elisa\Documents\Recovery Media Creator (2).lnk
[2013/09/19 01:26:35 | 000,694,232 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/19 01:26:35 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/14 21:18:28 | 000,000,139 | ---- | M] () -- C:\Users\Elisa\Documents\Zylom.url
[2013/09/13 21:09:53 | 000,002,030 | ---- | M] () -- C:\Users\Elisa\Documents\Adobe Reader XI.lnk
[2013/09/11 21:12:06 | 000,023,215 | ---- | M] () -- C:\Users\Elisa\Documents\chimio.jpg
[2013/09/10 13:13:17 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2013/09/10 13:13:17 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2013/09/10 13:13:17 | 000,082,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2013/08/31 21:21:14 | 000,000,014 | ---- | M] () -- C:\windows\popcinfo.dat
[2013/08/31 18:05:24 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Jouer à Fairway.lnk
[2013/08/30 11:06:08 | 000,595,803 | ---- | M] () -- C:\Users\Elisa\Documents\facture papa 160513 001.jpg
[2013/08/28 21:24:26 | 000,002,278 | ---- | M] () -- C:\Users\Public\Desktop\Jouer à Princesse Isabella - La Quete de l Heritiere.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/09/24 04:41:04 | 000,001,016 | ---- | C] () -- C:\Users\Elisa\Desktop\AdwCleaner[S0] - Raccourci.lnk
[2013/09/24 04:07:19 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/24 04:00:50 | 000,281,176 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/23 20:33:56 | 000,001,998 | ---- | C] () -- C:\Users\Elisa\Desktop\ZHPFix.lnk
[2013/09/23 20:33:56 | 000,001,871 | ---- | C] () -- C:\Users\Elisa\Desktop\ZHPDiag.lnk
[2013/09/23 20:33:56 | 000,001,821 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHPDiag.lnk
[2013/09/22 16:49:55 | 000,000,823 | ---- | C] () -- C:\Users\Elisa\Desktop\Super TextTwist.lnk
[2013/09/22 16:49:15 | 000,000,819 | ---- | C] () -- C:\Users\Elisa\Desktop\Rainbow Web 2.lnk
[2013/09/21 21:33:17 | 004,890,104 | ---- | C] () -- C:\Users\Elisa\Documents\Dicozip[1].exe
[2013/09/21 21:31:01 | 000,432,267 | ---- | C] () -- C:\Users\Elisa\Documents\JEULETT.EXE
[2013/09/21 21:31:01 | 000,155,077 | ---- | C] () -- C:\Users\Elisa\Documents\DICOJEUX.EXE
[2013/09/21 21:31:01 | 000,035,166 | ---- | C] () -- C:\Users\Elisa\Documents\Lisezmoi.rtf
[2013/09/21 21:30:33 | 004,890,104 | ---- | C] () -- C:\Users\Elisa\Documents\Dicozip.exe
[2013/09/21 20:53:56 | 000,000,139 | ---- | C] () -- C:\Users\Elisa\Desktop\Zylom.url
[2013/09/20 11:46:43 | 000,001,948 | ---- | C] () -- C:\Users\Public\Desktop\Jouer à Cursed House.lnk
[2013/09/20 11:46:43 | 000,001,262 | ---- | C] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2013/09/20 11:45:24 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\Jouer à Reveries - Les Deux Soeurs.lnk
[2013/09/20 11:41:01 | 000,002,024 | ---- | C] () -- C:\Users\Elisa\Documents\Recovery Media Creator (2).lnk
[2013/09/17 21:15:52 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/09/17 21:12:03 | 000,387,583 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/09/13 21:09:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/09/13 21:09:53 | 000,002,030 | ---- | C] () -- C:\Users\Elisa\Documents\Adobe Reader XI.lnk
[2013/09/12 12:02:12 | 000,023,215 | ---- | C] () -- C:\Users\Elisa\Documents\chimio.jpg
[2013/08/31 21:21:14 | 000,000,014 | ---- | C] () -- C:\windows\popcinfo.dat
[2013/08/31 18:05:24 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Jouer à Fairway.lnk
[2013/08/30 11:03:58 | 000,595,803 | ---- | C] () -- C:\Users\Elisa\Documents\facture papa 160513 001.jpg
[2013/08/28 21:24:26 | 000,002,278 | ---- | C] () -- C:\Users\Public\Desktop\Jouer à Princesse Isabella - La Quete de l Heritiere.lnk
[2013/08/13 22:27:25 | 000,000,091 | ---- | C] () -- C:\Users\Elisa\AppData\Roaming\BoJong-Le Classement
[2013/08/13 21:59:32 | 000,000,073 | ---- | C] () -- C:\Users\Elisa\AppData\Roaming\Borak.Bo-Jong.Pref
[2013/06/24 22:31:37 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2013/06/24 22:24:56 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/02/02 02:07:21 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/02/02 02:07:21 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2013/02/02 02:07:20 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/05/11 01:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2013/08/14 21:45:58 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/08/13 19:01:56 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\123 Free Solitaire for Children
[2013/08/18 17:12:07 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Artifex Mundi
[2013/08/28 21:15:27 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\casualArts
[2013/08/31 10:58:29 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Dropbox
[2013/09/15 20:44:11 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Elephant Games
[2013/08/14 21:49:47 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\FreeSoftwareUpdater
[2013/09/22 20:46:44 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\GestaltGames
[2013/09/20 21:13:03 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\GreenSauceGames
[2013/09/05 20:42:04 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\island_tribe_4_bfg_fr
[2013/08/30 21:59:47 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Jewel Match 3
[2013/09/07 21:27:58 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\LegacyInteractive
[2013/08/23 21:28:27 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\md studio
[2013/08/21 21:10:33 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\PuzzleLab
[2013/08/27 21:24:15 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Rumbic Studio
[2013/09/08 21:08:17 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\Sahmon Games
[2013/08/10 21:02:15 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\sMedio
[2013/08/10 22:05:13 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\TreeCardGames
[2013/08/14 13:05:43 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\TuneUp Software
[2013/08/14 17:46:09 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\WildTangent
[2013/09/23 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\Elisa\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013/09/25 12:06:40 | 097,717,271 | ---- | M] ()(C:\windows\SysWow64\??Lj) -- C:\windows\SysWow64\~_“ùL5
[2013/09/25 12:06:40 | 097,717,271 | ---- | C] ()(C:\windows\SysWow64\??Lj) -- C:\windows\SysWow64\~_“ùL5

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:7ADA8871
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:F52DB269
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:5133A494
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:30E0D641
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:32FFF2D1
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:FE66A7BB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D46D2E5A
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B36361EE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:16A4620C
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D5F1E592
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:84FA02E7
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:436BE28C
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F1174C93
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2CB9631F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:9A7BF72D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:01D2B3C4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:4D348522
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D254266B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B3606FCC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:FF7D915E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EB4FEEF5
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:7E47A57F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C9B27A06
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C669F3E1
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:57DFBE4E

< End of report >
