OTL logfile created on: 24/09/2016 19:57:07 - Run 1
OTL by OldTimer - Version Folder = C:\Documents and Settings\Utilisateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 71,55% Memory free
5,33 Gb Paging File | 4,51 Gb Available in Paging File | 84,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,50 Gb Total Space | 14,93 Gb Free Space | 20,04% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 925,53 Gb Free Space | 99,36% Space Free | Partition Type: NTFS

Computer Name: UTILISAT-ABB865 | User Name: Utilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/09/24 19:52:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
PRC - [2016/09/24 09:45:28 | 000,509,384 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016/08/16 20:55:18 | 000,289,080 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security\Engine\\ns.exe
PRC - [2013/04/05 03:53:30 | 000,121,600 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/09/17 19:38:39 | 019,588,800 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll
MOD - [2008/04/13 19:33:32 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2016/09/24 09:45:27 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/09/17 20:05:56 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/08/16 20:55:18 | 000,289,080 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security\Engine\\NS.exe -- (NS)
SRV - [2016/07/25 12:36:12 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Disabled | Stopped] -- C:\Program Files\SAMSUNG\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2015/06/11 13:15:34 | 000,020,648 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV - [2015/02/26 18:02:19 | 000,184,016 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe -- (DellDataVaultWiz)
SRV - [2015/02/26 18:01:45 | 001,947,344 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault)
SRV - [2014/10/07 16:09:50 | 000,060,744 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2013/04/05 03:53:30 | 000,121,600 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel(R)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ETdrv.sys -- (USBET)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security\NortonData\\Definitions\SDSDefs\20160630.020\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security\NortonData\\Definitions\SDSDefs\20160630.020\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kqbomc.sys -- (maovwfo)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2016/09/07 19:58:21 | 000,631,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Security\NortonData\\Definitions\IPSDefs\20160920.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2016/09/02 17:02:21 | 000,388,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2016/09/02 17:02:21 | 000,124,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2016/08/18 23:38:25 | 001,334,008 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security\NortonData\\Definitions\BASHDefs\20160922.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2016/08/10 04:38:25 | 000,626,416 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\srtsp.sys -- (SRTSP)
DRV - [2016/07/01 09:20:29 | 000,088,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2016/06/02 05:35:28 | 001,289,944 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\symefasi.sys -- (SymEFASI)
DRV - [2016/06/02 05:35:19 | 000,381,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\symtdi.sys -- (SYMTDI)
DRV - [2016/06/02 05:34:43 | 000,230,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\ironx86.sys -- (SymIRON)
DRV - [2016/06/02 05:34:17 | 000,137,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\ccsetx86.sys -- (ccSet_NS)
DRV - [2016/06/02 05:34:14 | 000,042,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NS\1607010.020\srtspx.sys -- (SRTSPX)
DRV - [2016/01/08 10:51:54 | 000,191,200 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2016/01/08 10:51:54 | 000,191,200 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2016/01/08 10:51:54 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2016/01/08 10:51:54 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus)
DRV - [2016/01/08 10:51:54 | 000,099,296 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2016/01/08 10:51:54 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2015/02/26 18:00:46 | 000,020,688 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DDDriver32Dcsa.sys -- (DDDriver)
DRV - [2015/02/26 18:00:46 | 000,019,984 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DellProf.sys -- (DellProf)
DRV - [2013/04/18 19:06:08 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2006/02/09 20:57:46 | 001,502,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2004/06/28 13:08:56 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..\SearchScopes,DefaultScope = {96BBC430-9900-4299-9F5D-7951AB36EFDF}
IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = https://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=FR&ver=22&locale=fr_FR&gct=sb&qsrc=2869
IE - HKU\S-1-5-21-583907252-220523388-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.73.2: C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2: C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon\ [2016/09/21 12:16:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2016/02/21 16:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Extensions
[2016/07/19 14:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\5vto1lbn.default-1468930410109\extensions
[2016/09/24 19:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extension-data
[2016/09/23 11:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions
[2016/09/19 15:57:58 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2016/07/19 14:18:14 | 000,706,444 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\5vto1lbn.default-1468930410109\extensions\@addonsignalspam.xpi
[2016/07/19 14:18:15 | 002,617,021 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\5vto1lbn.default-1468930410109\extensions\firebug@software.joehewitt.com.xpi
[2016/07/19 14:18:16 | 000,163,159 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\5vto1lbn.default-1468930410109\extensions\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi
[2016/09/19 15:51:30 | 000,711,505 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions\@addonsignalspam.xpi
[2016/09/19 15:51:33 | 002,617,021 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions\firebug@software.joehewitt.com.xpi
[2016/09/23 11:55:37 | 001,584,944 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions\uBlock0@raymondhill.net.xpi
[2016/09/19 15:51:34 | 000,163,159 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\extensions\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi
[2016/09/23 11:55:38 | 000,007,076 | ---- | M] () (No name found) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\99hd269h.default-1474292519109\features\{7082cb53-bedf-4175-aed9-d3b58ac50ba3}\e10srollout@mozilla.org.xpi
[2016/09/24 09:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.7.0.69_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.7.1.12_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: No name found = C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016/06/14 20:52:43 | 000,000,752 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine\\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..\Toolbar\ShellBrowser: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
O4 - HKU\S-1-5-21-583907252-220523388-1417001333-1003..\Run: [] C:\Program Files\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-583907252-220523388-1417001333-1003..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O15 - HKU\S-1-5-21-583907252-220523388-1417001333-1003\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1411140206281 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1425901040968 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA7C1541-AE00-4A4D-BD08-E7B6B7A6C572}: DhcpNameServer =
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/01 03:07:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]ATIPTA[/b] - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
MsConfig - StartUpReg: [b]BluetoothAuthenticationAgent[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]CCleaner Monitoring[/b] - hkey= - key= - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
MsConfig - StartUpReg: [b]ctfmon.exe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]DivXMediaServer[/b] - hkey= - key= - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
MsConfig - StartUpReg: [b]DVDLauncher[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
MsConfig - StartUpReg: [b]KiesAirMessage[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]KiesPreload[/b] - hkey= - key= - C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
MsConfig - StartUpReg: [b]KiesTrayAgent[/b] - hkey= - key= - C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/09/24 19:52:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2016/09/24 14:47:47 | 002,286,392 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo5.0.exe
[2016/09/24 09:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/09/23 15:03:03 | 002,286,392 | ---- | C] (Kaspersky Lab ZAO) -- E:\Documents and Settings\Utilisateur\Mes documents\GetSystemInfo5.0.exe
[2016/09/23 11:02:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Utilisateur\Recent
[2016/09/23 10:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2016/09/23 10:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/09/22 10:07:11 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsprofilerui.dll
[2016/09/19 14:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\Techniques de la gravure_files
[2016/09/13 15:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2016/09/13 15:22:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ProductData
[2016/09/13 09:55:58 | 000,000,000 | ---D | C] -- C:\FRST
[2016/09/13 09:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2016/09/12 14:36:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2016/09/12 14:31:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2016/09/10 17:26:13 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2016/09/10 17:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
[2016/09/10 17:25:37 | 000,123,264 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2016/09/10 17:25:37 | 000,024,448 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbam.sys
[2016/09/10 17:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2016/09/06 12:31:01 | 000,000,000 | -HSD | C] -- C:\found.000
[1 E:\Documents and Settings\Utilisateur\Mes documents\*.tmp files -> E:\Documents and Settings\Utilisateur\Mes documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/09/24 20:05:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/09/24 20:04:22 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{72A730B2-156A-48B6-AA18-881C2B2FD789}.job
[2016/09/24 19:52:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2016/09/24 19:29:06 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2016/09/24 19:28:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/09/24 19:28:57 | 3756,167,168 | -HS- | M] () -- C:\hiberfil.sys
[2016/09/24 15:16:58 | 000,132,685 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_24_15_14_02.zip
[2016/09/24 14:49:17 | 000,152,308 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_24_14_48_27.zip
[2016/09/24 14:47:48 | 002,286,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo5.0.exe
[2016/09/24 14:43:44 | 000,542,842 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2016/09/24 14:43:44 | 000,472,920 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2016/09/24 14:43:44 | 000,090,494 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2016/09/24 14:43:44 | 000,076,014 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2016/09/24 12:16:40 | 000,010,074 | ---- | M] () -- E:\Documents and Settings\Utilisateur\Mes documents\TRADO GREC.odt
[2016/09/24 09:51:03 | 019,158,336 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\PRO2K3XP_32.exe
[2016/09/23 15:04:44 | 000,133,136 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_23_15_03_15.zip
[2016/09/23 15:03:04 | 002,286,392 | ---- | M] (Kaspersky Lab ZAO) -- E:\Documents and Settings\Utilisateur\Mes documents\GetSystemInfo5.0.exe
[2016/09/23 11:06:07 | 000,022,236 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\ccleaner 23.09.2016.reg
[2016/09/23 10:53:57 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2016/09/22 12:02:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2016/09/22 11:57:38 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2016/09/22 11:49:14 | 000,000,171 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Microsoft Update.url
[2016/09/19 14:07:57 | 000,091,951 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Techniques de la gravure.html
[2016/09/19 13:42:11 | 000,010,305 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Emploi du temps de GANGNET Timothee.pdf
[2016/09/19 12:27:52 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller.lnk
[2016/09/17 20:05:53 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2016/09/17 20:05:53 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2016/09/16 14:35:20 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2016/09/10 19:14:19 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2016/09/10 19:14:18 | 001,218,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2016/09/10 19:14:18 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2016/09/10 19:14:18 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2016/09/10 19:14:18 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2016/09/10 19:14:18 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2016/09/10 19:14:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2016/09/10 19:14:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2016/09/10 19:14:17 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2016/09/10 19:14:17 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2016/09/10 19:14:17 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2016/09/10 19:14:17 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2016/09/10 19:14:17 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2016/09/10 19:14:17 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2016/09/10 19:14:16 | 002,007,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2016/09/10 19:14:16 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2016/09/10 19:14:16 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2016/09/10 19:14:16 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2016/09/10 19:14:16 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2016/09/10 19:14:16 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2016/09/10 19:14:16 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2016/09/10 19:14:16 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsprofilerui.dll
[2016/09/10 19:14:16 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2016/09/10 19:14:16 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2016/09/10 19:14:16 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2016/09/10 19:14:16 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2016/09/10 19:14:16 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2016/09/10 19:14:16 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2016/09/10 19:14:15 | 011,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2016/09/10 19:14:15 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2016/09/10 19:14:15 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2016/09/10 19:14:15 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2016/09/10 19:14:15 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2016/09/10 19:14:15 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2016/09/10 19:14:15 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2016/09/10 19:14:15 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2016/09/10 19:14:15 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2016/09/10 19:14:15 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2016/09/10 19:14:15 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2016/09/10 19:14:15 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2016/09/10 17:26:33 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2016/09/10 04:49:26 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2016/09/10 04:49:26 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2016/09/10 04:49:22 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2016/09/09 16:47:36 | 000,638,640 | --S- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2016/09/08 18:17:12 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2016/08/31 16:20:46 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\oubli cecile 31.08.2016.jpg.lnk
[1 E:\Documents and Settings\Utilisateur\Mes documents\*.tmp files -> E:\Documents and Settings\Utilisateur\Mes documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/09/24 15:14:45 | 000,132,685 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_24_15_14_02.zip
[2016/09/24 14:49:17 | 000,152,308 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_24_14_48_27.zip
[2016/09/24 12:16:03 | 000,010,074 | ---- | C] () -- E:\Documents and Settings\Utilisateur\Mes documents\TRADO GREC.odt
[2016/09/24 09:51:03 | 019,158,336 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\PRO2K3XP_32.exe
[2016/09/23 15:04:44 | 000,133,136 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\GetSystemInfo_UTILISAT-ABB865_Utilisateur_2016_09_23_15_03_15.zip
[2016/09/23 11:05:58 | 000,022,236 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\ccleaner 23.09.2016.reg
[2016/09/23 10:53:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2016/09/22 11:49:14 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Microsoft Update.url
[2016/09/19 14:07:57 | 000,091,951 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Techniques de la gravure.html
[2016/09/19 13:42:10 | 000,010,305 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Emploi du temps de GANGNET Timothee.pdf
[2016/09/19 12:27:52 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller.lnk
[2016/09/17 19:38:40 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/09/17 19:28:36 | 3756,167,168 | -HS- | C] () -- C:\hiberfil.sys
[2016/08/31 16:20:46 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\oubli cecile 31.08.2016.jpg.lnk
[2016/05/13 11:47:22 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2016/03/27 10:29:20 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2016/03/27 10:29:20 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2016/01/01 16:25:23 | 000,040,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\EUBKMON.sys
[2015/11/01 15:18:08 | 000,001,750 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2015/07/16 19:37:32 | 000,035,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2014/10/09 14:43:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/09/19 19:42:29 | 000,838,905 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-220523388-1417001333-1003-0.dat
[2014/09/19 19:42:29 | 000,138,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/03/09 13:31:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini



"" = %SystemRoot%\system32\shdocvw.dll -- [2014/02/25 05:30:54 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:33:50 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2015/11/09 15:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2015/07/16 18:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2014/09/27 11:20:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2015/08/23 14:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2016/02/07 10:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oracle
[2015/06/24 12:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2016/09/13 15:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ProductData
[2015/07/16 19:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RogueKiller
[2016/08/25 08:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2015/07/27 19:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportAssistAgent
[2014/09/29 19:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2016/09/10 17:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2006/07/07 00:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cécile\Application Data\IObit
[2015/06/28 12:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Audacity
[2015/07/29 11:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\ElevatedDiagnostics
[2016/09/18 18:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\IObit
[2014/09/23 07:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\OpenOffice
[2014/09/27 18:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Oracle
[2015/06/30 11:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\PCDr
[2015/11/09 15:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\PDF Pro 10 9
[2016/05/13 11:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\ProductData
[2016/08/25 08:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Samsung
[2015/08/11 17:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\SysDev Laboratories
[2014/09/29 19:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Visan
[2016/09/14 09:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\ZHP

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2011/08/17 15:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\$NtUninstallKB2961072$\afd.sys
[2008/04/13 12:19:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2008/04/13 12:19:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2008/10/16 17:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2004/08/05 14:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2008/10/16 16:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2014/05/29 02:46:20 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D80ED631D3AFD47C27311B0614AFA89F -- C:\WINDOWS\SoftwareDistribution\Download\41a28e4e5e55c3f88a6ac05661c3e71b\SP3QFE\afd.sys
[2014/05/29 02:46:20 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D80ED631D3AFD47C27311B0614AFA89F -- C:\WINDOWS\system32\dllcache\afd.sys
[2014/05/29 02:46:20 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D80ED631D3AFD47C27311B0614AFA89F -- C:\WINDOWS\system32\drivers\afd.sys
[2011/08/17 15:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:i8042prt.sys
[2008/04/13 19:00:54 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
[2008/04/13 19:00:54 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\system32\dllcache\i8042prt.sys
[2008/04/13 19:00:54 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2004/08/05 14:00:00 | 000,054,400 | ---- | M] (Microsoft Corporation) MD5=D1EFCBD693B5BA21314D06368C471070 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys

[color=#A23BEC]< MD5 for: IPSEC.SYS >[/color]
[2008/04/13 12:19:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
[2008/04/13 12:19:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\dllcache\ipsec.sys
[2008/04/13 12:19:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2004/08/05 14:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys

[color=#A23BEC]< MD5 for: LSASS.EXE >[/color]
[2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=91E6024D6D4DCDECDB36C43ECF9BBECB -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=91E6024D6D4DCDECDB36C43ECF9BBECB -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=91E6024D6D4DCDECDB36C43ECF9BBECB -- C:\WINDOWS\system32\lsass.exe
[2004/08/05 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=9F3744A5C6F49291A7A685040A013399 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2004/08/05 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=0C80E410CD2F47134407EE7DD19CC86B -- C:\WINDOWS\$NtServicePackUninstall$\netbt.sys
[2008/04/13 12:21:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\$NtUninstallKB3161949$\netbt.sys
[2008/04/13 12:21:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\ServicePackFiles\i386\netbt.sys
[2016/05/10 17:37:23 | 000,163,200 | ---- | M] (Microsoft Corporation) MD5=B9909AD0667EF3D39345463409619D8D -- C:\WINDOWS\SoftwareDistribution\Download\6219b518ade6050ac37750ff11daa655\sp3qfe\netbt.sys
[2016/05/10 17:37:23 | 000,163,200 | ---- | M] (Microsoft Corporation) MD5=B9909AD0667EF3D39345463409619D8D -- C:\WINDOWS\system32\dllcache\netbt.sys
[2016/05/10 17:37:23 | 000,163,200 | ---- | M] (Microsoft Corporation) MD5=B9909AD0667EF3D39345463409619D8D -- C:\WINDOWS\system32\drivers\netbt.sys

[color=#A23BEC]< MD5 for: REDBOOK.SYS >[/color]
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:redbook.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys
[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:redbook.sys
[2004/08/04 02:39:44 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=2CC30B68DD62B73D444A41322CD7FC4C -- C:\WINDOWS\$NtServicePackUninstall$\redbook.sys
[2008/04/13 18:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\ServicePackFiles\i386\redbook.sys
[2008/04/13 18:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\system32\dllcache\redbook.sys
[2008/04/13 18:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\system32\drivers\redbook.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2004/08/05 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe
[2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2015/10/13 17:58:14 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=52151D558097554AF316BC526D4AAB29 -- C:\WINDOWS\SoftwareDistribution\Download\f2aaa19f40d874f1947902424fca2ae5\SP3QFE\tcpip.sys
[2015/10/13 17:58:14 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=52151D558097554AF316BC526D4AAB29 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2015/10/13 17:58:14 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=52151D558097554AF316BC526D4AAB29 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/04/13 12:20:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008/04/13 12:20:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$NtUninstallKB3092601$\tcpip.sys
[2004/08/05 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2004/08/05 14:00:00 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=313B1A0D5DB26DFE1C34A6C13B2CE0A7 -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys
[2008/04/13 18:56:06 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
[2008/04/13 18:56:06 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\system32\dllcache\volsnap.sys
[2008/04/13 18:56:06 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\system32\drivers\volsnap.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
[2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2015/03/23 15:39:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\ARPPRODUCTICON.exe
[2015/03/23 15:39:11 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\SIMEditor.exe_DAC0B88953594FDC893A2B8EF6B71B6F.exe
[2015/03/04 22:39:25 | 024,169,392 | ---- | M] (Dell) -- C:\Documents and Settings\Utilisateur\Application Data\PCDr\Downloads\SupportAssistAgent.exe
[2014/09/27 18:04:44 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Sun\Java\jre1.7.0_67\lzma.exe
[2016/09/12 13:42:12 | 002,324,480 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\ZHPDiag3.exe
[2016/01/08 14:08:32 | 000,566,568 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\KiesAgent.exe
[2016/05/27 13:55:52 | 006,399,360 | ---- | M] (Reimage®) -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\ReiGuard.exe
[15 C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\*.tmp files -> C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\*.tmp -> ]
[2016/05/27 13:57:00 | 000,384,240 | ---- | M] (Reimage®) -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\Reimage\Reimage Protector\ProtectorUpdater.exe
[2016/05/27 13:47:16 | 003,553,648 | ---- | M] (Reimage ltd.) -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\Reimage\Reimage Protector\ReiProtectorM.exe
[2016/05/27 13:56:50 | 006,912,872 | ---- | M] (Reimage®) -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\Reimage\Reimage Protector\ReiScanner.exe
[2016/05/27 13:56:16 | 006,398,832 | ---- | M] (Reimage®) -- C:\Documents and Settings\Utilisateur\Application Data\ZHP\Quarantine\Reimage\Reimage Protector\ReiSystem.exe

[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]

[color=#A23BEC]< %APPDATA%\Update\*.* >[/color]

[color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\*.* >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2005/06/01 03:07:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2016/07/21 14:01:31 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2004/08/05 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2005/06/01 03:07:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2016/06/19 09:53:44 | 000,010,479 | ---- | M] () -- C:\DelFix.txt
[2015/08/18 14:54:51 | 000,000,322 | ---- | M] () -- C:\Documents
[2016/01/02 15:40:35 | 000,305,664 | -HS- | M] () -- C:\EUMONBMP.SYS
[2016/09/24 19:28:57 | 3756,167,168 | -HS- | M] () -- C:\hiberfil.sys
[2005/06/01 03:07:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/06/01 03:07:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/05 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2014/09/19 17:33:23 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2016/09/24 19:28:56 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2016/09/11 18:05:53 | 000,259,006 | ---- | M] () -- C:\TDSSKiller.
[2016/01/02 16:39:44 | 000,004,096 | -HS- | M] () -- C:\{A968EBF8-5618-4DB7-8E5F-90A9432F7162}.CBM

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.* >[/color]
[2009/03/08 04:35:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ExtExport.exe
[2009/03/08 04:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\hmmapi.dll
[2009/01/11 21:05:26 | 000,002,649 | ---- | M] () -- C:\Program Files\Internet Explorer\ie8props.propdesc
[2011/08/16 12:45:39 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iecompat.dll
[2016/09/10 19:14:15 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iedvtool.dll
[2008/04/13 19:34:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iedw.exe
[2016/09/10 19:14:15 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
[2016/09/09 16:47:36 | 000,638,640 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:16:46 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2016/09/10 19:14:16 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\jsdbgui.dll
[2009/03/08 04:35:02 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\jsdebuggeride.dll
[2009/03/08 04:35:04 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\JSProfilerCore.dll
[2016/09/10 19:14:16 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\jsprofilerui.dll
[2009/01/07 18:20:18 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\pdm.dll
[2009/01/07 18:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\sqmapi.dll
[2016/09/10 19:14:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\xpshims.dll

[color=#A23BEC]< %USERPROFILE%\*.* >[/color]
[2015/01/11 15:40:09 | 000,001,158 | ---- | M] () -- C:\Documents and Settings\Utilisateur\ipconfig.txt
[2016/09/24 15:32:34 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Utilisateur\NTUSER.DAT
[2016/09/24 20:06:21 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\Utilisateur\ntuser.dat.LOG
[2016/09/24 15:32:34 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Utilisateur\ntuser.ini

[color=#A23BEC]< %Temp%\smtmp\1\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\2\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\3\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\4\*.* >[/color]

[color=#A23BEC]< %USERPROFILE%\Local Settings\Temp\*.exe >[/color]

[color=#A23BEC]< %USERPROFILE%\Local Settings\Temp\*.dll >[/color]

[color=#A23BEC]< %USERPROFILE%\Application Data\*.exe >[/color]

[color=#A23BEC]< %systemroot%\system32\DBBK\*.* /s >[/color]

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.* >[/color]
[2014/09/27 09:12:12 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2016/09/24 12:46:23 | 000,001,024 | -H-- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\*.exe /90 >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.dll /90 >[/color]
[2016/09/10 19:14:15 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\corpol.dll
[2016/09/10 19:14:15 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtmsft.dll
[2016/09/10 19:14:15 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtrans.dll
[2016/09/10 19:14:15 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iedkcs32.dll
[2016/09/10 19:14:15 | 011,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
[2016/09/10 19:14:15 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iepeers.dll
[2016/09/10 19:14:16 | 002,007,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
[2016/09/10 19:14:16 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll
[2016/09/10 19:14:16 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
[2016/09/10 19:14:16 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\licmgr10.dll
[2016/09/10 19:14:16 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeeds.dll
[2016/09/10 19:14:16 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedsbs.dll
[2016/09/10 19:14:17 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtml.dll
[2016/09/10 19:14:17 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtmled.dll
[2016/09/10 19:14:17 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msrating.dll
[2016/09/10 19:14:17 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstime.dll
[2016/09/10 19:14:18 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\occache.dll
[2016/08/15 19:27:48 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
[2016/09/10 19:14:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\url.dll
[2016/09/10 19:14:18 | 001,218,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
[2016/08/16 02:40:47 | 000,579,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
[2016/09/10 19:14:18 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vbscript.dll
[2016/09/10 19:14:18 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
[2016/09/10 19:14:19 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
[2016/08/06 07:33:48 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp4res.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /90 >[/color]
[2016/09/10 17:26:33 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
[2016/08/06 08:59:08 | 000,358,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
[2016/07/01 09:20:29 | 000,088,312 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS

[color=#A23BEC]< %systemroot%\system32\*.exe /90 >[/color]
[2016/09/17 20:05:53 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2016/09/10 04:49:26 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ie4uinit.exe
[2016/08/10 12:08:57 | 144,884,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2016/08/16 05:54:42 | 002,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntkrnlpa.exe
[2016/08/16 05:54:45 | 002,151,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntoskrnl.exe
[2016/08/19 20:17:37 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tzchange.exe
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\config\*.sav >[/color]
[2005/06/01 04:42:41 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/06/01 04:42:41 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/06/01 04:42:41 | 000,442,368 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
[2007/04/15 20:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8V.DLL
[2007/04/15 20:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8V.DLL
[2008/07/06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\assembly\tmp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC_32\*.* /S /MD5 >[/color]
[2016/01/14 10:04:11 | 000,062,976 | ---- | M] () MD5=07B09DC362E4CA76E593597D5351895A -- C:\WINDOWS\assembly\GAC_32\cli_cppuhelper\\cli_cppuhelper.dll
[2016/09/22 11:45:41 | 000,069,120 | ---- | M] () MD5=DC426A365577F27187F99EB506ECD5D1 -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\\CustomMarshalers.dll
[2016/09/22 11:45:44 | 000,072,192 | ---- | M] () MD5=29B35A999E341A37BE67771BE01CC275 -- C:\WINDOWS\assembly\GAC_32\ISymWrapper\\ISymWrapper.dll
[2015/03/09 13:33:13 | 000,163,840 | ---- | M] () MD5=36BDD82A92AA704034475C2DEF7FBD29 -- C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\\Microsoft.Transactions.Bridge.Dtc.dll
[2016/09/22 11:45:42 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\big5.nlp
[2016/09/22 11:45:42 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\WINDOWS\assembly\GAC_32\mscorlib\\bopomofo.nlp
[2016/09/22 11:45:42 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\ksc.nlp
[2016/09/22 11:45:42 | 004,550,656 | ---- | M] () MD5=09ACF833CA462CCE1B3F335DA8584BD8 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\mscorlib.dll
[2016/09/22 11:45:42 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\WINDOWS\assembly\GAC_32\mscorlib\\normidna.nlp
[2016/09/22 11:45:42 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\normnfc.nlp
[2016/09/22 11:45:42 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\normnfd.nlp
[2016/09/22 11:45:42 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\WINDOWS\assembly\GAC_32\mscorlib\\normnfkc.nlp
[2016/09/22 11:45:42 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\normnfkd.nlp
[2016/09/22 11:45:42 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\prc.nlp
[2016/09/22 11:45:42 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\WINDOWS\assembly\GAC_32\mscorlib\\prcp.nlp
[2016/09/22 11:45:42 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\WINDOWS\assembly\GAC_32\mscorlib\\sortkey.nlp
[2016/09/22 11:45:42 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\WINDOWS\assembly\GAC_32\mscorlib\\sorttbls.nlp
[2016/09/22 11:45:42 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\WINDOWS\assembly\GAC_32\mscorlib\\xjis.nlp
[2016/01/14 10:04:26 | 000,000,382 | ---- | M] () MD5=7C5EE283EC0F3E6A81B37D5B29E89833 -- C:\WINDOWS\assembly\GAC_32\policy.1.0.cli_cppuhelper\\cli_cppuhelper.config
[2016/01/14 10:04:25 | 000,003,072 | ---- | M] () MD5=FFEFEEFF82FAE1CFD2A0FB98032E27BB -- C:\WINDOWS\assembly\GAC_32\policy.1.0.cli_cppuhelper\\policy.1.0.cli_cppuhelper.dll
[2016/09/22 11:26:58 | 004,222,976 | ---- | M] () MD5=EC6BEDE5139AA3D73622575C0BC1BA1B -- C:\WINDOWS\assembly\GAC_32\PresentationCore\\PresentationCore.dll
[2016/09/22 11:45:31 | 000,486,400 | ---- | M] () MD5=759FD3779911F89C450CCAE06B92AE3A -- C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\\System.Data.OracleClient.dll
[2016/09/22 11:45:50 | 002,958,848 | ---- | M] () MD5=BF486DA14E9EA9B38B958430DFFC5A96 -- C:\WINDOWS\assembly\GAC_32\System.Data\\System.Data.dll
[2016/09/22 11:45:38 | 000,258,048 | ---- | M] () MD5=9631B15DB7C43C267636FF43C3075E07 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\\System.EnterpriseServices.dll
[2016/09/22 11:45:38 | 000,113,664 | ---- | M] () MD5=E786C33D35D39C5CCB523AECC18D7BD7 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\\System.EnterpriseServices.Wrapper.dll
[2016/09/22 11:27:00 | 000,368,640 | ---- | M] () MD5=B4976A9305002CCA011D847C3D910FA3 -- C:\WINDOWS\assembly\GAC_32\System.Printing\\System.Printing.dll
[2016/09/22 11:45:37 | 000,261,632 | ---- | M] () MD5=F054572A92573CA32D5F3AA8C15D2BAC -- C:\WINDOWS\assembly\GAC_32\System.Transactions\\System.Transactions.dll
[2016/09/22 11:45:30 | 005,279,744 | ---- | M] () MD5=7D8495351F970C304BB71DF0458885B9 -- C:\WINDOWS\assembly\GAC_32\System.Web\\System.Web.dll

[color=#A23BEC]< %systemroot%\assembly\GAC_64\*.* /S /MD5 >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >[/color]

[color=#A23BEC]< %windir%\temp*.* >[/color]

[color=#A23BEC]< "%WinDir%\$NtUninstallKB*$." /30 >[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
"DefaultConnectionSettings" = [Binary data over 200 bytes]
"SavedLegacySettings" = [Binary data over 200 bytes]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2016-08-10 10:17:51

[color=#A23BEC]< C:\Program Files\Common Files\ComObjects\*.* / >[/color]
Invalid Switch:

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2016/08/22 16:30:44 | 571,568,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Adobe\AcrobatDLM.4aa64fba433fe9b3c8c3573cda5bb4243887ebc4\Acrobat_DC_Web_WWMUI.exe
[2016/08/22 16:26:51 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Adobe\AcrobatDLM.4aa64fba433fe9b3c8c3573cda5bb4243887ebc4\miniunz.exe
[2016/08/22 16:23:35 | 571,568,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Adobe\AcrobatDLM.4ba757f5025ee44c62934420f7345dd6847c3825\Acrobat_DC_Web_WWMUI.exe
[2016/08/22 16:19:39 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Adobe\AcrobatDLM.4ba757f5025ee44c62934420f7345dd6847c3825\miniunz.exe
[2014/08/05 20:07:02 | 000,364,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AB0000000001}\setup.exe
[2015/10/01 00:07:56 | 000,458,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\setup.exe
[2015/11/01 15:27:04 | 000,418,087 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\BundleLicenses\Uninstaller.exe
[2015/11/01 15:25:04 | 000,419,803 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2015/11/01 15:25:52 | 000,420,058 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2015/11/01 15:25:54 | 000,414,936 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2015/11/01 15:25:31 | 000,414,998 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXComponentManager\Uninstaller.exe
[2015/11/01 15:26:12 | 000,417,452 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXMediaServer\Uninstaller.exe
[2015/11/01 15:27:03 | 000,419,473 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2015/11/01 15:26:05 | 000,414,823 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DPC\Uninstaller.exe
[2015/11/01 15:26:52 | 000,421,041 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2015/11/01 15:25:28 | 000,420,182 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2015/11/01 15:26:21 | 000,417,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2015/11/01 15:27:02 | 000,418,784 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2016/08/10 18:11:44 | 004,115,696 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\NPE.exe
[2016/02/10 18:23:00 | 001,093,304 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\Remediation\FSDStore\FSDUI.exe
[2016/02/26 05:41:13 | 001,098,584 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\Remediation\FSDStore\FSDUI_NS.exe
[2016/02/10 18:23:00 | 001,093,304 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\Remediation\stage\FSDUI.exe
[2016/02/26 05:41:13 | 001,098,584 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\Remediation\stage\FSDUI_NS.exe
[2016/08/16 12:34:07 | 003,278,664 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\Remediation\stage\Upgrade.exe
[2016/02/07 09:46:32 | 000,191,072 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\java.exe
[2016/02/07 09:46:33 | 000,191,584 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaw.exe
[2016/02/07 09:46:33 | 000,278,624 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaws.exe
[2016/02/07 09:46:32 | 000,191,072 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_79812625\java.exe
[2016/02/07 09:46:33 | 000,191,584 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_79812625\javaw.exe
[2016/02/07 09:46:33 | 000,278,624 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_79812625\javaws.exe

[color=#A23BEC]< >[/color]
[2005/06/01 03:05:22 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2005/06/01 03:30:30 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014/09/22 20:38:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2014/09/27 08:37:59 | 000,000,444 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{72A730B2-156A-48B6-AA18-881C2B2FD789}.job
[2016/09/17 19:38:40 | 000,001,002 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

[color=#A23BEC]< Read more at http://www.cjoint.com/c/CEdoIMl1owN#VcAuRr5ghits2SSX.99 >[/color]
Invalid Switch: CEdoIMl1owN#VcAuRr5ghits2SSX.99

< End of report >


