strange Maintanance icon in the volume mixer


mrgozu

Hi!
I am new on this forum. I have already had a few malware and viruses that I managed to kill on my own, but this time I found no information about this threat on Google...
That's why I am asking for your help!
For a while now, I have had strange pop-up sounds on my computer, randomly and quite often, and a new blue circled icon called "maintanance" has appeared in the volume mixer of my Windows 7 (I attached a screenshot).
I was wondering if it was dangerous or not.
I tried an Avast scan and MBAM; nothing was found for that.
I would be very glad if you could help me. Thank you.



OTL logfile created on: 10/09/2013 14:47:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Propriétaire\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,79 Gb Total Physical Memory | 4,94 Gb Available Physical Memory | 63,35% Memory free
15,59 Gb Paging File | 11,48 Gb Available in Paging File | 73,67% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,82 Gb Total Space | 57,48 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive E: | 227,84 Gb Total Space | 157,46 Gb Free Space | 69,11% Space Free | Partition Type: NTFS
Drive F: | 426,46 Gb Total Space | 24,19 Gb Free Space | 5,67% Space Free | Partition Type: FAT32

Computer Name: ASUS | User Name: Propriétaire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/10 14:47:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Propriétaire\Downloads\OTL.exe
PRC - [2013/09/09 02:49:30 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013/06/08 17:30:32 | 002,569,288 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Main.exe
PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/29 17:07:22 | 002,081,792 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
PRC - [2013/03/29 10:30:52 | 000,062,120 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe
PRC - [2012/12/21 17:16:24 | 000,274,088 | ---- | M] (EaseUS) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\epm0.exe
PRC - [2012/10/09 01:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/05/30 14:00:02 | 000,013,632 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/05/30 14:00:00 | 000,284,480 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/03/09 14:30:50 | 000,484,976 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
PRC - [2011/09/22 18:30:58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2011/09/15 06:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
PRC - [2011/03/08 10:49:06 | 000,883,088 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe
PRC - [2011/02/22 21:52:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
PRC - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) -- C:\Program Files (x86)\GenArts\rlm\rlm.exe
PRC - [2009/12/10 04:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009/12/10 04:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2007/11/20 11:52:30 | 000,045,700 | ---- | M] () -- C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
PRC - [2007/02/27 15:05:44 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Krait\razerofa.exe
PRC - [2007/02/16 17:44:08 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razerhid.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/02 22:35:56 | 000,410,576 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
MOD - [2013/09/02 22:35:55 | 013,599,184 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 22:35:54 | 004,053,456 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 22:35:04 | 000,709,584 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 22:35:03 | 000,099,792 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 22:35:01 | 001,604,560 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/08/15 17:35:01 | 000,489,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\812063380a132051c054f5ca865f322e\IAStorUtil.ni.dll
MOD - [2013/08/15 04:19:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 04:18:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 04:18:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 04:18:20 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 04:18:15 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 04:18:12 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 04:18:11 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 13:40:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e218ecb21700f8ba41ec9d7415567388\IAStorCommon.ni.dll
MOD - [2013/07/11 13:15:22 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/06 15:54:34 | 000,241,736 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\uexper.dll
MOD - [2013/04/11 14:09:10 | 000,015,528 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\LicenseMgr.dll
MOD - [2013/04/11 14:07:30 | 000,089,768 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\lib\gtk-2.0\2.10.0\engines\libepmtheme.dll
MOD - [2013/04/11 14:06:46 | 000,405,160 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EULicenseDLL.dll
MOD - [2013/03/29 10:30:52 | 000,062,120 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe
MOD - [2012/12/21 17:20:08 | 000,081,576 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Thread.mo
MOD - [2012/12/21 17:19:58 | 000,229,032 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\ResizeNTFS.mo
MOD - [2012/12/21 17:19:42 | 000,257,704 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Partition.mo
MOD - [2012/12/21 17:19:36 | 000,229,032 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\NtfsResizeMove.mo
MOD - [2012/12/21 17:19:30 | 000,220,840 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\NTFSLib.mo
MOD - [2012/12/21 17:19:26 | 000,507,560 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\NTFSFormat.mo
MOD - [2012/12/21 17:19:20 | 000,130,728 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\NTFSFileSystemAnalyser.mo
MOD - [2012/12/21 17:19:14 | 000,241,320 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\NTFSCopy.mo
MOD - [2012/12/21 17:19:04 | 000,122,536 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\MergePartition.mo
MOD - [2012/12/21 17:18:58 | 000,017,064 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Log.mo
MOD - [2012/12/21 17:18:54 | 000,417,448 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\LdmManager.mo
MOD - [2012/12/21 17:18:48 | 000,052,392 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Fixup.mo
MOD - [2012/12/21 17:18:38 | 000,057,000 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\FileSystemAnalyser.mo
MOD - [2012/12/21 17:18:26 | 000,183,976 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\FatResizeMove.mo
MOD - [2012/12/21 17:18:22 | 000,089,768 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\FatLib.mo
MOD - [2012/12/21 17:18:06 | 000,126,632 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\FATFileSystemAnalyser.mo
MOD - [2012/12/21 17:17:50 | 000,077,480 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\ExtFileSystemAnalyser.mo
MOD - [2012/12/21 17:17:34 | 000,425,640 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\DeviceManager.mo
MOD - [2012/12/21 17:17:28 | 000,028,840 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\DeviceAdapter.mo
MOD - [2012/12/21 17:17:22 | 000,200,360 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Device.mo
MOD - [2012/12/21 17:17:06 | 000,122,536 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\Common.mo
MOD - [2012/12/21 17:16:56 | 000,020,648 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\CallbackOperator.mo
MOD - [2012/11/23 10:20:22 | 000,054,144 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\adds\TbExportSdk.dll
MOD - [2012/03/09 14:30:50 | 000,484,976 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
MOD - [2011/04/25 17:23:51 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/09/12 05:26:14 | 001,136,422 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libcairo-2.dll
MOD - [2010/09/11 15:29:28 | 000,103,029 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libpangocairo-1.0-0.dll
MOD - [2010/08/20 12:18:12 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\zlib1.dll
MOD - [2010/08/17 17:54:26 | 000,551,096 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\freetype6.dll
MOD - [2010/08/17 17:38:28 | 000,230,529 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libpng14-14.dll
MOD - [2010/02/05 22:55:06 | 000,279,059 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libfontconfig-1.dll
MOD - [2009/01/31 23:42:36 | 000,143,096 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libexpat-1.dll
MOD - [2008/11/24 21:53:42 | 000,446,898 | ---- | M] () -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\libgio-2.0-0.dll
MOD - [2007/02/16 17:44:08 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razerhid.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/05 15:28:01 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/06/06 19:31:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2012/08/04 19:23:14 | 000,427,672 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice)
SRV:64bit: - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/09/15 06:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe -- (mi-raysat_3dsmax2014_64)
SRV:64bit: - [2011/02/22 21:52:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe -- (mi-raysat_3dsmax2012_64)
SRV - [2013/07/23 01:59:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/06/28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/30 14:00:02 | 000,013,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/09/22 18:30:58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) [Auto | Running] -- C:\Program Files (x86)\GenArts\rlm\rlm.exe -- (RLM-GenArts)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/10 04:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/11/20 11:52:30 | 000,045,700 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe -- (IPClampService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/04/30 19:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/04/30 19:18:10 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/03/07 09:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2013/03/07 09:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2013/02/12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/02/06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/02/06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/12/21 00:20:07 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/14 20:48:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/06/29 05:37:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/05/30 13:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/04/18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/02 18:49:18 | 000,104,048 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/25 01:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)
DRV:64bit: - [2011/06/27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/04/26 21:29:22 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/04/26 21:29:22 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/04/10 18:51:08 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/15 09:24:56 | 000,115,200 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/08/09 01:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2006/01/24 11:11:24 | 000,010,368 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\krait.sys -- (krait03)
DRV - [2013/03/07 09:49:20 | 000,013,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2013/03/07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 D8 34 0A 30 7A CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1456
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Propriétaire\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Propriétaire\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Propriétaire\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/10 13:49:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/23 01:59:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/13 16:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Propriétaire\AppData\Roaming\mozilla\Extensions
[2012/10/24 14:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Propriétaire\AppData\Roaming\mozilla\Firefox\Profiles\mvkoybyr.default\extensions
[2013/07/23 01:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/23 01:59:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/10 13:49:59 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Propri\u00E9taire\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Propri\u00E9taire\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Propri\u00E9taire\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Documents Google = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: avast! WebRep = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: DebrideurStreaming - Add-On = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipaffcpmobohfilpejhaciheebhaaej\2.1_0\
CHR - Extension: Gmail = C:\Users\Propriétaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Krait] C:\Program Files (x86)\Razer\Krait\razerhid.exe ()
O4 - HKLM..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software)
O4 - Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GPU Manager.lnk = File not found
O4 - Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F5B8E49-8CBC-4CD9-A503-8E7A5103EAB0}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50F3403E-0B15-4B32-8CC9-919B61D9C5FC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A268CB61-7139-4B5E-BBFB-6E79B90D7756}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/05 14:34:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{0e2ca30a-63de-11e2-bf38-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{0e2ca30a-63de-11e2-bf38-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ad915d88-632c-11e2-a88c-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{ad915d88-632c-11e2-a88c-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ad915d96-632c-11e2-a88c-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{ad915d96-632c-11e2-a88c-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ad915ddb-632c-11e2-a88c-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{ad915ddb-632c-11e2-a88c-001e101fb681}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ad915de0-632c-11e2-a88c-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{ad915de0-632c-11e2-a88c-001e101fb681}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b0e85ac8-63ee-11e2-bbaf-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{b0e85ac8-63ee-11e2-bbaf-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e6bcde86-61d2-11e2-bbbf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e6bcde86-61d2-11e2-bbbf-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e6bcdeae-61d2-11e2-bbbf-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{e6bcdeae-61d2-11e2-bbbf-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e6bcdee6-61d2-11e2-bbbf-bcaec53d80ca}\Shell - "" = AutoRun
O33 - MountPoints2\{e6bcdee6-61d2-11e2-bbbf-bcaec53d80ca}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/10 14:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2
[2013/09/10 14:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2013/09/10 13:45:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/10 00:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Corporation LTD
[2013/09/09 19:13:35 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\photo tel
[2013/09/09 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\musique
[2013/09/09 02:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013/09/09 02:48:32 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\AppData\Roaming\uTorrent
[2013/09/03 02:04:30 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\Bedroom_1
[2013/09/03 01:48:08 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\Nouveau dossier
[2013/09/02 03:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
[2013/09/02 03:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z3X
[2013/09/02 01:44:58 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\Odin3
[2013/09/01 23:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Atlassian
[2013/09/01 23:04:51 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\AppData\Local\Atlassian
[2013/09/01 23:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2013/09/01 23:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atlassian
[2013/09/01 23:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
[2013/09/01 22:54:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/09/01 22:51:26 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\AppData\Roaming\Atlassian
[2013/08/29 21:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamax Poker
[2013/08/29 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\MarionTL_ProjetVideoSon_ TimesFloor_2013
[2013/08/28 19:52:23 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\corse
[2013/08/22 22:28:59 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\RUI
[2013/08/21 01:30:31 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Desktop\jeux DS
[2013/08/18 02:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Android SDK
[2013/08/18 01:52:15 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\.android
[2013/08/15 04:16:09 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Documents\xNormal
[2013/08/15 04:03:39 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw64
[2013/08/15 04:03:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw64
[2013/08/15 04:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\x264vfw64
[2013/08/15 04:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013/08/15 04:00:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013/08/15 03:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Santiago Orgaz
[2013/08/15 03:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/08/15 03:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\Santiago Orgaz
[2013/08/12 09:48:27 | 000,000,000 | ---D | C] -- C:\Users\Propriétaire\Documents\test
[2013/08/11 17:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Unity
[2013/08/11 17:28:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft Coporation
[2013/08/11 17:28:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\GPU
[2013/08/11 17:27:54 | 056,949,760 | ---- | C] (KKS Developments) -- C:\Users\Propriétaire\Desktop\Unity 4.0 Patch.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/10 14:53:04 | 000,002,549 | ---- | M] () -- C:\Users\Propriétaire\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/09/10 14:25:01 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/10 14:16:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160646692-4246442759-1973506967-1000UA.job
[2013/09/10 14:07:42 | 000,113,540 | ---- | M] () -- C:\Users\Propriétaire\Desktop\maintanance.jpg
[2013/09/10 14:05:55 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
[2013/09/10 13:50:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/09/10 13:41:18 | 001,677,458 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/10 13:41:18 | 000,750,688 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/09/10 13:41:18 | 000,657,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/10 13:41:18 | 000,151,302 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/09/10 13:41:18 | 000,123,218 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/10 12:25:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/10 12:20:27 | 000,001,149 | ---- | M] () -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GPU Manager.lnk
[2013/09/10 12:16:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160646692-4246442759-1973506967-1000Core.job
[2013/09/10 12:15:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/10 12:15:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/10 12:06:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/10 12:06:43 | 1981,136,895 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/07 03:10:15 | 000,937,401 | ---- | M] () -- C:\Users\Propriétaire\Desktop\IMG_20130902_200138.jpg
[2013/09/06 20:17:04 | 003,030,251 | ---- | M] () -- C:\Users\Propriétaire\Desktop\Camera FV-5 v1.53 apkmania.com.apk
[2013/09/05 18:59:32 | 010,798,469 | ---- | M] () -- C:\Users\Propriétaire\Desktop\Real Colors Pro v1.2.9 apkmania.com.apk
[2013/09/04 19:47:21 | 000,000,600 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\PUTTY.RND
[2013/09/04 17:34:16 | 000,000,132 | ---- | M] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe Targa Format CS6 Prefs
[2013/09/03 03:10:44 | 001,652,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/09/01 23:10:17 | 000,000,093 | ---- | M] () -- C:\Users\Propriétaire\.gitconfig
[2013/08/30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/08/30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/08/30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/08/30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/08/30 09:47:14 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/08/19 08:00:55 | 002,553,693 | ---- | M] () -- C:\Users\Propriétaire\Desktop\Screen 19-08.rar
[2013/08/19 07:54:52 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\xNormal 3.18.3 (x64).lnk
[2013/08/19 07:54:52 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\xNormal 3.18.1 (x64).lnk
[2013/08/19 07:54:36 | 001,002,783 | ---- | M] () -- C:\Users\Propriétaire\Desktop\screen03.jpg
[2013/08/19 07:54:22 | 000,925,596 | ---- | M] () -- C:\Users\Propriétaire\Desktop\screen02.jpg
[2013/08/19 07:54:10 | 000,952,761 | ---- | M] () -- C:\Users\Propriétaire\Desktop\screen01.jpg
[2013/08/19 07:26:44 | 000,275,797 | ---- | M] () -- C:\Users\Propriétaire\Desktop\bakeSettings.jpg
[2013/08/19 00:35:10 | 000,000,132 | ---- | M] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/08/18 07:00:56 | 000,000,132 | ---- | M] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe OpenEXR Format CS6 Prefs
[2013/08/18 04:11:24 | 042,931,044 | ---- | M] () -- C:\Users\Propriétaire\Desktop\360.apk
[2013/08/18 02:27:36 | 000,819,310 | ---- | M] () -- C:\Users\Propriétaire\Desktop\screen18-08.jpg
[2013/08/17 06:36:39 | 000,010,062 | ---- | M] () -- C:\Users\Propriétaire\AppData\Local\recently-used.xbel
[2013/08/17 03:56:56 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll
[2013/08/17 03:56:56 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2013/08/17 03:56:56 | 000,040,960 | ---- | M] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2013/08/11 17:24:18 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Unity.lnk
[2013/08/11 17:11:30 | 000,001,121 | ---- | M] () -- C:\Program Files\ma-config.com - Raccourci.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/10 14:07:37 | 000,113,540 | ---- | C] () -- C:\Users\Propriétaire\Desktop\maintanance.jpg
[2013/09/10 14:05:55 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
[2013/09/10 14:05:39 | 003,376,640 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe
[2013/09/10 14:05:39 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2013/09/10 14:05:39 | 000,016,256 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll
[2013/09/10 14:05:38 | 002,498,216 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2013/09/10 14:05:38 | 000,100,936 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe
[2013/09/10 14:05:38 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2013/09/10 14:05:38 | 000,017,480 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys
[2013/09/10 14:05:38 | 000,009,800 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys
[2013/09/10 14:05:38 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013/09/10 14:05:37 | 000,013,896 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2013/09/07 03:11:43 | 003,030,251 | ---- | C] () -- C:\Users\Propriétaire\Desktop\Camera FV-5 v1.53 apkmania.com.apk
[2013/09/07 03:09:58 | 010,798,469 | ---- | C] () -- C:\Users\Propriétaire\Desktop\Real Colors Pro v1.2.9 apkmania.com.apk
[2013/09/07 03:04:32 | 000,937,401 | ---- | C] () -- C:\Users\Propriétaire\Desktop\IMG_20130902_200138.jpg
[2013/09/04 21:42:20 | 000,699,192 | ---- | C] () -- C:\Users\Propriétaire\Desktop\pc.dds
[2013/09/04 21:42:20 | 000,028,736 | ---- | C] () -- C:\Users\Propriétaire\Desktop\pc.fbx
[2013/09/01 23:51:29 | 000,000,600 | ---- | C] () -- C:\Users\Propriétaire\AppData\Local\PUTTY.RND
[2013/09/01 23:10:17 | 000,000,093 | ---- | C] () -- C:\Users\Propriétaire\.gitconfig
[2013/09/01 17:41:42 | 002,113,929 | ---- | C] () -- C:\Users\Propriétaire\Desktop\20130425_232827.jpg
[2013/08/19 08:00:54 | 002,553,693 | ---- | C] () -- C:\Users\Propriétaire\Desktop\Screen 19-08.rar
[2013/08/19 07:54:35 | 001,002,783 | ---- | C] () -- C:\Users\Propriétaire\Desktop\screen03.jpg
[2013/08/19 07:54:21 | 000,925,596 | ---- | C] () -- C:\Users\Propriétaire\Desktop\screen02.jpg
[2013/08/19 07:54:08 | 000,952,761 | ---- | C] () -- C:\Users\Propriétaire\Desktop\screen01.jpg
[2013/08/19 02:19:55 | 000,000,608 | ---- | C] () -- C:\Users\Propriétaire\Desktop\Mobile-Diffuse.shader
[2013/08/18 04:11:24 | 042,931,044 | ---- | C] () -- C:\Users\Propriétaire\Desktop\360.apk
[2013/08/18 02:27:34 | 000,819,310 | ---- | C] () -- C:\Users\Propriétaire\Desktop\screen18-08.jpg
[2013/08/18 02:22:04 | 000,275,797 | ---- | C] () -- C:\Users\Propriétaire\Desktop\bakeSettings.jpg
[2013/08/17 23:02:56 | 000,002,883 | ---- | C] () -- C:\Users\Propriétaire\Desktop\3dnDBS_baked.shader
[2013/08/17 06:36:39 | 000,010,062 | ---- | C] () -- C:\Users\Propriétaire\AppData\Local\recently-used.xbel
[2013/08/17 03:57:37 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2013/08/17 03:57:01 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2013/08/17 03:57:01 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2013/08/16 07:27:32 | 000,001,538 | ---- | C] () -- C:\Users\Propriétaire\Desktop\Mobile-BumpSpec.shader
[2013/08/15 05:06:03 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\xNormal 3.18.1 (x64).lnk
[2013/08/15 05:01:42 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2013/08/15 05:01:42 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/08/15 05:01:42 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2013/08/15 05:01:42 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/08/15 05:01:42 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2013/08/15 05:01:42 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013/08/15 04:03:42 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\xNormal 3.18.3 (x64).lnk
[2013/08/11 17:28:50 | 000,001,149 | ---- | C] () -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GPU Manager.lnk
[2013/08/11 17:24:18 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\Unity.lnk
[2013/08/11 17:11:30 | 000,001,121 | ---- | C] () -- C:\Program Files\ma-config.com - Raccourci.lnk
[2013/07/09 03:07:57 | 000,001,456 | ---- | C] () -- C:\Users\Propriétaire\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/02/27 20:06:56 | 000,687,104 | R--- | C] () -- C:\Windows\SysWow64\XSIChooser.exe
[2012/11/30 16:39:46 | 000,004,934 | ---- | C] () -- C:\ProgramData\flwjycbm.bab
[2012/10/16 17:57:48 | 000,000,187 | ---- | C] () -- C:\Windows\{27947A01-2623-4A2A-8A3B-4B0685834DD3}_WiseFW.ini
[2012/10/16 17:56:42 | 000,000,187 | ---- | C] () -- C:\Windows\{A35B9024-BEA3-40F5-AD37-78B0102AF22A}_WiseFW.ini
[2012/10/16 16:42:31 | 000,000,208 | ---- | C] () -- C:\Windows\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2012/10/14 22:44:50 | 000,000,132 | ---- | C] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe OpenEXR Format CS6 Prefs
[2012/10/06 17:40:48 | 000,000,132 | ---- | C] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe Targa Format CS6 Prefs
[2012/09/11 21:06:24 | 000,000,132 | ---- | C] () -- C:\Users\Propriétaire\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/09/11 15:53:10 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/08/15 02:38:24 | 000,000,201 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2012/08/14 23:10:57 | 001,652,526 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/14 17:41:13 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/06/28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/22 18:31:04 | 000,326,144 | ---- | C] () -- C:\Windows\SysWow64\ColorEfexPro4FC32.dll

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/09 02:44:41 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\ASkySoft
[2013/09/01 23:04:48 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Atlassian
[2013/08/06 20:38:47 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Audacity
[2013/08/17 23:31:32 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Autodesk
[2013/09/09 20:12:06 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Azureus
[2012/08/14 23:06:29 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\DAEMON Tools Lite
[2013/08/07 04:27:37 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Dropbox
[2012/11/28 04:02:49 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\fpdb
[2013/01/12 05:33:52 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
[2012/11/30 17:24:42 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\HEM Data
[2013/08/08 03:53:27 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\HoldemManager
[2013/08/04 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\MonoDevelop-Unity-2.8
[2013/07/11 21:59:56 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\PDF Architect
[2013/08/06 06:22:37 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Red Giant Link
[2012/09/21 19:20:02 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\SplitMediaLabs
[2012/08/18 23:11:34 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/08/04 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\stetic
[2012/09/13 00:14:16 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\TeamViewer
[2013/08/04 22:21:18 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\Unity
[2013/09/10 14:59:54 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\uTorrent
[2012/09/13 15:32:51 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 1245 bytes -> C:\ProgramData\Microsoft:VugEaunCDxjmzMeHxsr4GjpTK7O
@Alternate Data Stream - 1111 bytes -> C:\Program Files\Common Files\Microsoft Shared:PamziyS2kgPD5XHYfQZn
@Alternate Data Stream - 1107 bytes -> C:\ProgramData\Microsoft:nW6Ti0qrYUJ4K0UVxoS
@Alternate Data Stream - 1033 bytes -> C:\Program Files\Common Files\Microsoft Shared:5s2xGY56QItdcXsr05Z23JVC

< End of report >

Edited by mrgozu, 10 September 2013 - 07:15 AM.
