cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 14/11/2016 00:11:29 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mony\Videos
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18283)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,89 Gb Total Physical Memory | 4,09 Gb Available Physical Memory | 51,92% Memory free
10,64 Gb Paging File | 6,64 Gb Available in Paging File | 62,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,60 Gb Total Space | 10,99 Gb Free Space | 2,95% Space Free | Partition Type: NTFS
Drive D: | 537,80 Gb Total Space | 65,85 Gb Free Space | 12,24% Space Free | Partition Type: NTFS
Drive G: | 1862,98 Gb Total Space | 56,00 Gb Free Space | 3,01% Space Free | Partition Type: NTFS

Computer Name: MACUBEX | User Name: Mony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Mony\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe (BitTorrent Inc.)
PRC - C:\Users\Mony\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Digital Wave Ltd.)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Users\Mony\Videos\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (CANON INC.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (BlackBerry Limited)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (BlackBerry Limited)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\99c19198fa64ee279250e5794905abf6\WindowsBase.ni.dll ()
MOD - C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll ()
MOD - C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\53a694319e6478b923f2905255371ad4\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2e7401591a2fe380fa1c3064a35218d4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71823077629b3a4f4dec6afd13374da5\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\735d52e6966456b52d3695928baad3f2\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\7c29a9d813f768b711a2135b02bd02c4\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\d3a3c0a9539a50a5c0e6a538bb823c54\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3e4c1729249e5f578aa559bf2d4d48f5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\840d64495a8ecaed5788774b6a3ecf42\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f4e62008aaa96dfba7abe16415e7e956\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\e8be17ab564b4be546388e7d64bd9102\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\de389326a55ab544a1c06a340826c9ce\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\76d925cd66c67012bcbd176c15407d9d\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e8b6b00e45a0e6a75a1b7aeb142cd8c9\System.ni.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll ()
MOD - D:\VLC\libvlccore.dll ()
MOD - D:\VLC\libvlc.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (InstallerService) -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe File not found
SRV:[b]64bit:[/b] - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (TrueKeyServiceHelper) -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (TrueKeyScheduler) -- C:\Program Files\TrueKey\McTkSchedulerService.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (TrueKey) -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (ExpressCache) -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Condusiv Technologies)
SRV:[b]64bit:[/b] - (ASUS FaceID Service) -- C:\Program Files\ASUS\ASUS FaceID\HWFaceKeyService.exe (Hanwang Technology Co.,Ltd. )
SRV:[b]64bit:[/b] - (DptfPolicyCriticalService) -- C:\Windows\SysNative\DptfPolicyCriticalService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (DptfPolicyLpmService) -- C:\Windows\SysNative\DptfPolicyLpmService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (DptfParticipantProcessorService) -- C:\Windows\SysNative\DptfParticipantProcessorService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (DptfPolicyConfigTDPService) -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgsvc) -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.)
SRV - (LavasoftTcpService) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Lavasoft Limited)
SRV - (WCAssistantService) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DigitalWave.Update.Service) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Digital Wave Ltd.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (CIJSRegister) -- C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (CANON INC.)
SRV - (BlackBerry Device Manager) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (BlackBerry Limited)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MyEpson Portal Service) -- C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe (SEIKO EPSON CORPORATION)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Asus WebStorage Windows Service) -- C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe (ASUS Cloud Corporation)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.)
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (Samsung Electronics Co., Ltd.)
DRV:[b]64bit:[/b] - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies, Inc.)
DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dtscsidrv) -- C:\Windows\SysNative\drivers\dtscsidrv.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ggsomc) -- C:\Windows\SysNative\drivers\ggsomc.sys (Sony Mobile Communications)
DRV:[b]64bit:[/b] - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Mobile Communications)
DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (IntelHaxm) -- C:\Windows\SysNative\drivers\IntelHaxm.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (BlackBerry Limited)
DRV:[b]64bit:[/b] - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:[b]64bit:[/b] - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:[b]64bit:[/b] - (m76usb) -- C:\Windows\SysNative\drivers\m76usb.sys (Ralink Technology Corp.)
DRV:[b]64bit:[/b] - (ATP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
DRV:[b]64bit:[/b] - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:[b]64bit:[/b] - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (xusb22) -- C:\Windows\SysNative\drivers\xusb22.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (plctrl) -- C:\Program Files\ASUS\P4G\plctrl.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (excsd) -- C:\Windows\SysNative\drivers\excsd.sys (Condusiv Technologies)
DRV:[b]64bit:[/b] - (excfs) -- C:\Windows\SysNative\drivers\excfs.sys (Condusiv Technologies)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DptfManager) -- C:\Windows\SysNative\drivers\DptfManager.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DptfDevProc) -- C:\Windows\SysNative\drivers\DptfDevProc.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DptfDevPch) -- C:\Windows\SysNative\drivers\DptfDevPch.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DptfDevDram) -- C:\Windows\SysNative\drivers\DptfDevDram.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS)
DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:[b]64bit:[/b] - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:[b]64bit:[/b] - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:[b]64bit:[/b] - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUSTek Computer Inc.)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR,fr;q=0.5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3F 98 75 FF 96 B0 D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = F1 05 C4 E2 83 10 D2 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 19 00 00 00 EE 72 43 01 91 09 D9 4F E2 67 50 A7 4C 53 A4 5F 7D B1 BF 18 E8 E2 A8 A4 33 02 00 00 00 0E 00 00 00 5A 46 78 72 63 4B 4D 58 61 41 51 25 33 64 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {8CDE19E6-71C2-4B46-89B7-35F6A18C571A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?pc=COSP&ptag=D082016-AD42D1DB7E9&form=CONBDF&conlogo=CT3334497&q={searchTerms}
IE - HKCU\..\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{E1A1345E-9886-421C-8D65-0800B7F144F5}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.hiddenOneOffs: "Default"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.searchengine.alias: "sweet-page"
FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
FF - prefs.js..browser.search.searchengine.name: "sweet-page"
FF - prefs.js..browser.search.searchengine.ptid: "corfr"
FF - prefs.js..browser.search.searchengine.uid: "ST1000LM024XHN-M101MBB_S32XJ9HF931456"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.malwarebytes.org/restorebrowser/yhp-ff|www.google.com"
FF - prefs.js..extensions.enabledAddons: newtaburl%40sogame.cat:2.2.3.1-signed
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.76.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.76.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: D:\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/12/01 18:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\Extensions
[2016/04/11 20:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\Firefox\Profiles\rnae4thu.default\extensions
[2016/10/29 01:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\Firefox\Profiles\w7idwlcg.default-1460764268247\extensions
[2016/08/21 00:17:09 | 000,000,000 | ---D | M] ("Video AdBlock") -- C:\Users\Mony\AppData\Roaming\mozilla\Firefox\Profiles\w7idwlcg.default-1460764268247\extensions\{7b8a500a-a464-4624-bd4f-73eaafe0f766}
[2015/11/14 18:35:08 | 000,419,152 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\rnae4thu.default\extensions\client@anonymox.net.xpi
[2016/04/11 20:54:03 | 004,304,004 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\rnae4thu.default\extensions\firefox@mega.co.nz.xpi
[2015/12/03 02:46:31 | 000,058,979 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\rnae4thu.default\extensions\newtaburl@sogame.cat.xpi
[2016/02/23 20:39:46 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\rnae4thu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/09/16 20:33:18 | 000,037,386 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\w7idwlcg.default-1460764268247\extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi
[2016/10/29 01:03:33 | 001,054,986 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\w7idwlcg.default-1460764268247\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/10/27 01:03:32 | 000,005,389 | ---- | M] () (No name found) -- C:\Users\Mony\AppData\Roaming\mozilla\firefox\profiles\w7idwlcg.default-1460764268247\features\{5241110f-eae2-46e5-a41f-f48240c5caa1}\asyncrendering@mozilla.org.xpi
[2016/10/24 17:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Mony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegneaniplmfjcmohoclabblbahcbjoe\1.0.2_0\
CHR - Extension: No name found = C:\Users\Mony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\8.5.0.9167_0\
CHR - Extension: No name found = C:\Users\Mony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Mony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\

O1 HOSTS File: ([2016/11/03 22:58:15 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2:[b]64bit:[/b] - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (BlackBerry Limited)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SMSetup] "C:\Users\Mony\AppData\Local\Temp\{B40228F3-15E0-4EB7-B8C7-985EFFAB8D11}\SMSetup.exe" /S /cnid 937811 /dsie /dsff /dsgc /hp /wait /ntp_ie /ms /restart File not found
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [UM] C:\Users\Mony\AppData\Roaming\Update Manager\UM.EXE File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Mony\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Lavasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: webcompanion.com ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4525C4BB-F8BF-49A8-A579-0C82102F1876}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9F9B9B1-6736-40DF-814E-A599D2429C4B}: DhcpNameServer = 89.2.0.1 89.2.0.2
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/04/26 10:31:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2a126a13-c5e3-11e4-828a-543530dedf70}\Shell - "" = AutoRun
O33 - MountPoints2\{2a126a13-c5e3-11e4-828a-543530dedf70}\Shell\AutoRun\command - "" = "F:\Startme.exe"
O33 - MountPoints2\{79db452d-a389-11e5-82cd-543530dedf70}\Shell - "" = AutoRun
O33 - MountPoints2\{79db452d-a389-11e5-82cd-543530dedf70}\Shell\AutoRun\command - "" = "G:\startme.exe"
O33 - MountPoints2\{9562cf2f-c8cb-11e5-82d0-543530dedf70}\Shell - "" = AutoRun
O33 - MountPoints2\{9562cf2f-c8cb-11e5-82d0-543530dedf70}\Shell\AutoRun\command - "" = "G:\startme.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/11/13 23:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPFix
[2016/11/13 23:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2016/11/10 23:03:44 | 001,628,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2016/11/03 22:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2016/10/26 07:33:16 | 000,000,000 | ---D | C] -- C:\Users\Mony\Desktop\Roselyne ne pas supprimer
[2016/10/24 17:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2016/02/05 15:12:40 | 029,511,952 | ---- | C] (Sony Mobile Communications ) -- C:\Users\Mony\AppData\Local\pcc.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/11/14 00:12:44 | 003,891,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/11/14 00:12:44 | 000,804,998 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2016/11/14 00:12:44 | 000,800,746 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2016/11/14 00:12:44 | 000,773,542 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2016/11/14 00:12:44 | 000,741,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/11/14 00:12:44 | 000,170,116 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2016/11/14 00:12:44 | 000,169,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2016/11/14 00:12:44 | 000,165,096 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2016/11/14 00:12:44 | 000,159,186 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2016/11/14 00:12:44 | 000,145,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/11/14 00:12:44 | 000,022,826 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2016/11/14 00:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/11/14 00:07:02 | 000,000,074 | ---- | M] () -- C:\Users\Mony\AppData\Roaming\sp_data.sys
[2016/11/14 00:06:24 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/11/14 00:05:23 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/11/14 00:05:16 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/11/14 00:05:07 | 2478,874,623 | -HS- | M] () -- C:\hiberfil.sys
[2016/11/14 00:04:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/11/13 23:51:16 | 000,000,868 | ---- | M] () -- C:\Users\Mony\Desktop\ZHPDiag.lnk
[2016/11/13 23:38:17 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2016/11/08 11:06:08 | 005,610,688 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2016/11/03 22:58:15 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2016/11/03 22:58:15 | 000,001,982 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2016/10/31 22:03:30 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk
[2016/10/28 22:04:26 | 000,828,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/10/28 22:04:26 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/11/13 23:51:16 | 000,000,868 | ---- | C] () -- C:\Users\Mony\Desktop\ZHPDiag.lnk
[2016/11/13 23:38:17 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2016/11/03 22:58:15 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2016/10/31 22:03:30 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\AVG.lnk
[2016/08/21 00:17:33 | 000,002,960 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2016/03/01 13:05:50 | 000,000,132 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\Préfs Format PNG Adobe CS6
[2016/03/01 12:55:11 | 000,001,456 | ---- | C] () -- C:\Users\Mony\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
[2015/10/24 16:07:09 | 000,000,000 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\TS3Patch.lck
[2015/05/19 13:34:10 | 005,261,312 | ---- | C] () -- C:\Windows\SysWow64\beconvlib.dll
[2015/05/19 13:34:10 | 001,667,072 | ---- | C] () -- C:\Windows\SysWow64\bprgcomm.dll
[2015/05/19 13:34:10 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\SII_PDF.dll
[2015/05/19 13:34:10 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\CSVSpecialProcessing.dll
[2015/05/19 13:34:10 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\SARzilla.dll
[2015/05/19 13:34:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\DVM2.dll
[2015/05/19 13:34:10 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\RegisterExe.exe
[2015/04/23 18:23:45 | 000,000,111 | ---- | C] () -- C:\Windows\winfix.ini
[2015/04/19 13:20:16 | 000,005,872 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\KKRdBpyeptx1AJUQ
[2015/04/19 13:20:16 | 000,005,872 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\h5d5QA8VKFTlYcO7dCx3mA7gNM
[2015/04/15 16:55:42 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/04/15 16:54:39 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2015/04/14 17:28:56 | 000,004,387 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\yqaOB04d
[2015/04/14 17:28:56 | 000,004,387 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\A1P1KKe8kpKeNQcE
[2015/01/01 17:53:18 | 000,000,010 | ---- | C] () -- C:\Users\Mony\AppData\Local\DSI.DAT
[2014/12/05 02:16:46 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2014/12/04 03:31:25 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/12/03 04:54:13 | 000,000,135 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/02 23:49:19 | 000,000,128 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\WB.CFG
[2014/12/01 18:45:40 | 000,000,074 | ---- | C] () -- C:\Users\Mony\AppData\Roaming\sp_data.sys
[2014/10/08 15:31:47 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/05/15 16:58:15 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2014/05/15 16:58:15 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2014/05/15 16:58:15 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014/12/02 04:21:55 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/02/09 02:31:47 | 022,365,472 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/02/09 02:31:41 | 019,794,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015/06/25 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Apowersoft
[2016/09/15 20:43:23 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Canon
[2015/01/01 17:36:59 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Cocoon Software
[2016/06/09 20:28:01 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\DAEMON Tools Lite
[2016/04/12 18:48:00 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\DVDVideoSoft
[2015/01/18 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\EPSON
[2015/02/23 14:51:57 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\FileZilla
[2015/08/30 14:02:38 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\JetBrains
[2016/04/12 18:22:55 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\KastorAllVideoDownloader
[2014/12/05 02:54:47 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\MotioninJoy
[2016/08/21 00:17:25 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\MPC-HC
[2015/01/12 00:22:36 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Opera Software
[2015/02/16 20:23:02 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Origin
[2015/03/09 03:43:46 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\PACE Anti-Piracy
[2015/03/09 18:19:57 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Publish Providers
[2014/12/05 17:45:11 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\RenPy
[2015/12/11 13:24:41 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Research In Motion
[2015/05/19 13:34:09 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\SoftInterface, Inc
[2016/03/01 19:39:53 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Sony
[2015/01/08 20:29:16 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/12/30 22:41:12 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Steam
[2015/04/03 10:10:36 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Sublime Text 2
[2015/04/26 13:15:09 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\TeamViewer
[2015/01/22 00:36:00 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Todae
[2014/12/10 01:47:22 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\Trine2
[2016/11/14 00:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\uTorrent
[2014/12/01 18:51:17 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\WebStorage
[2015/01/02 18:51:26 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\XMedia Recode
[2016/11/14 00:01:46 | 000,000,000 | ---D | M] -- C:\Users\Mony\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 237 bytes -> C:\Users\Mony\OneDrive:ms-properties

< End of report >

Publicité

Signaler le contenu de ce document

Publicité