cjoint

Document format: text/plain

Preview

OTL logfile created on: 14/01/2018 23:27:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,88 Gb Total Physical Memory | 2,97 Gb Available Physical Memory | 76,58% Memory free
4,88 Gb Paging File | 3,98 Gb Available in Paging File | 81,47% Paging File free
Paging file location(s): c:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 35,00 Gb Free Space | 23,89% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 140,37 Gb Free Space | 92,59% Space Free | Partition Type: NTFS

Computer Name: HP-PC | User Name: hp | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2018/01/14 23:20:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Downloads\OTL.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/11/04 12:42:39 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2016/05/24 09:19:52 | 000,193,696 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe -- (eshasrv)
SRV:[b]64bit:[/b] - [2016/05/24 09:18:12 | 000,051,872 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe -- (EHttpSrv)
SRV:[b]64bit:[/b] - [2016/05/24 09:14:22 | 001,648,224 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2014/09/26 15:26:22 | 000,318,568 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2014/01/19 22:04:46 | 000,340,480 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017/09/27 11:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/26 15:26:22 | 000,280,680 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/08/26 21:07:46 | 000,572,504 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2016/05/23 10:08:14 | 000,264,864 | ---- | M] (ESET) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2016/05/23 10:08:14 | 000,215,720 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2016/05/23 10:08:14 | 000,196,768 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2016/05/23 10:08:14 | 000,084,640 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2016/05/23 10:08:14 | 000,061,096 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2014/09/26 15:26:18 | 003,826,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/26 15:26:12 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2014/07/21 08:44:06 | 000,495,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2014/07/16 17:15:52 | 007,765,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2014/04/24 15:34:12 | 000,633,704 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2014/04/24 15:34:12 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2014/01/19 22:04:46 | 000,551,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2013/12/10 13:15:46 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2013/10/02 01:05:40 | 000,172,760 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:[b]64bit:[/b] - [2013/08/29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2013/04/26 08:40:22 | 000,176,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2012/11/20 11:14:40 | 001,866,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2012/04/15 22:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/07/31 09:32:24 | 000,058,880 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2013/11/21 09:22:08 | 000,115,448 | ---- | M] (EZB Systems, Inc.) [File_System | System | Stopped] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/01/25 10:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Users\hp\Desktop\Selfishnet win 7\npf.sys -- (NPF)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ar-eg/?ocid=iehp
IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 5F 1A 54 DA 53 D3 01 [binary data]
IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlkcjfhiofedjdnbagmjhmkemmnnggg\13.321.12.18577_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1042632735-1191582378-356171645-1000..\Run: [WebcamMaxAutoRun] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1042632735-1191582378-356171645-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:[b]64bit:[/b] - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4AE9EA2-9833-4B64-91F0-181B4F202E1E}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{255e7f96-d8cb-11e7-adb5-f4b7e294ea92}\Shell - "" = AutoRun
O33 - MountPoints2\{255e7f96-d8cb-11e7-adb5-f4b7e294ea92}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O33 - MountPoints2\{6424a998-e94c-11e7-a859-f4b7e2fbd548}\Shell - "" = AutoRun
O33 - MountPoints2\{6424a998-e94c-11e7-a859-f4b7e2fbd548}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O33 - MountPoints2\{9a86d1e9-d1b2-11e7-b002-f4b7e294ea92}\Shell - "" = AutoRun
O33 - MountPoints2\{9a86d1e9-d1b2-11e7-b002-f4b7e294ea92}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O33 - MountPoints2\{f3c14f82-dcab-11e7-9537-f4b7e294ea92}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c14f82-dcab-11e7-9537-f4b7e294ea92}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018/01/14 23:18:06 | 000,000,000 | ---D | C] -- C:\Users\hp\WPDNSE
[2018/01/14 23:12:07 | 000,000,000 | ---D | C] -- C:\cygwin64
[2018/01/14 21:04:04 | 000,000,000 | ---D | C] -- C:\Users\hp\msdt
[2018/01/14 20:26:54 | 000,000,000 | -HSD | C] -- C:\Users\hp\eset.temp
[2018/01/14 08:54:32 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\system.ext4
[2018/01/13 13:02:26 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\VirtualStore
[2018/01/13 05:02:07 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\MigWiz
[2018/01/12 20:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Lenovo
[2018/01/12 14:31:19 | 000,000,000 | ---D | C] -- C:\Users\hp\OIS
[2018/01/12 13:18:08 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\MTK-TWRP
[2018/01/12 13:17:49 | 000,000,000 | ---D | C] -- C:\Users\hp\TWRP
[2018/01/12 09:08:31 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2018/01/12 09:08:31 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2018/01/12 09:03:51 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2018/01/12 09:02:22 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2018/01/12 09:02:22 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2018/01/12 08:59:38 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2018/01/11 22:17:16 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Selfishnet win 7
[2018/01/11 22:15:11 | 063,666,752 | ---- | C] (Oracle Corporation) -- C:\Users\hp\Desktop\jre-8u151-windows-i586.exe
[2018/01/11 14:42:58 | 000,000,000 | ---D | C] -- C:\Nouveau dossier
[2018/01/11 00:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2018/01/11 00:52:31 | 000,000,000 | ---D | C] -- C:\Users\hp\msdtadmin
[2018/01/11 00:22:49 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Users\hp\Desktop\calc.exe
[2018/01/11 00:00:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2018/01/11 00:00:10 | 126,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe
[2018/01/10 21:00:20 | 000,000,000 | ---D | C] -- C:\Users\hp\acrord32_sbx
[2018/01/10 19:56:21 | 000,000,000 | ---D | C] -- C:\Users\hp\Low
[2018/01/10 15:09:24 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\IDT
[2018/01/09 20:30:38 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Notepad++
[2018/01/09 20:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2018/01/09 20:30:32 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Notepad++
[2018/01/09 20:30:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2018/01/09 13:21:37 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\lala
[2018/01/08 22:51:25 | 000,000,000 | ---D | C] -- C:\SWTOOLS
[2018/01/08 20:09:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2018/01/08 20:09:41 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\BlueStacks
[2018/01/07 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2018/01/07 14:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2018/01/07 13:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2018/01/07 11:37:46 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\pgn
[2018/01/07 10:45:22 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\clockworkmod
[2018/01/04 21:38:10 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\My Music
[2017/12/31 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\CEF
[2017/12/31 19:10:49 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Macromedia
[2017/12/31 19:10:49 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Macromedia
[2017/12/31 19:10:42 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Mozilla
[2017/12/31 17:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2017/12/31 15:57:43 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\bac
[2017/12/31 11:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
[2017/12/31 11:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos Interactive
[2017/12/21 19:12:31 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Freedom Fighters
[2017/12/21 19:10:20 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freedom Fighters
[2017/12/21 19:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedom Fighters
[2017/12/21 19:08:04 | 000,000,000 | ---D | C] -- C:\Games
[2017/12/21 18:57:11 | 000,000,000 | R--D | C] -- C:\Users\hp\Desktop\gta
[2017/12/21 18:56:02 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\GTA San Andreas User Files
[2017/12/21 18:54:32 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\freedom fighters
[2017/12/21 18:20:55 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\pictures
[2017/12/16 15:29:47 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Lenovo
[2017/12/16 15:29:22 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2017/12/16 15:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/01/14 23:28:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2018/01/14 23:20:07 | 000,000,000 | -H-- | M] () -- C:\Users\hp\etilqs_Mza0ozixJmXMD1V
[2018/01/14 23:19:08 | 000,000,000 | -H-- | M] () -- C:\Users\hp\etilqs_XanlPD9oSV61vVd
[2018/01/14 23:17:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018/01/14 22:32:10 | 000,257,928 | ---- | M] () -- C:\Users\hp\ArmUI.ini
[2018/01/14 22:30:25 | 000,031,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018/01/14 22:30:25 | 000,031,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018/01/14 18:22:56 | 000,938,003 | ---- | M] () -- C:\Users\hp\Desktop\setup-x86_64.exe
[2018/01/14 14:56:32 | 000,001,550 | ---- | M] () -- C:\Users\hp\wmplog04.sqm
[2018/01/14 14:56:10 | 000,001,478 | ---- | M] () -- C:\Users\hp\wmplog03.sqm
[2018/01/14 07:30:52 | 306,851,328 | ---- | M] () -- C:\Users\hp\Desktop\system.ext4.tar.a
[2018/01/14 07:23:02 | 355,420,816 | ---- | M] () -- C:\Users\hp\Desktop\CondorC4 .zip
[2018/01/14 07:18:50 | 415,412,406 | ---- | M] () -- C:\Users\hp\Desktop\NeXos7.0bMar8.zip
[2018/01/14 07:15:31 | 000,001,330 | ---- | M] () -- C:\Users\hp\wmplog02.sqm
[2018/01/13 23:41:47 | 000,001,378 | ---- | M] () -- C:\Users\hp\wmplog01.sqm
[2018/01/13 20:10:58 | 000,001,298 | ---- | M] () -- C:\Users\hp\wmplog00.sqm
[2018/01/13 13:02:34 | 000,000,144 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2018/01/13 06:19:54 | 001,675,486 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018/01/13 06:19:54 | 000,750,190 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2018/01/13 06:19:54 | 000,656,908 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018/01/13 06:19:54 | 000,150,804 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2018/01/13 06:19:54 | 000,122,720 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018/01/12 23:18:35 | 003,955,592 | ---- | M] () -- C:\cab_4780_2
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_6
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_5
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_4
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_3
[2018/01/12 22:42:28 | 257,805,450 | ---- | M] () -- C:\Users\hp\Desktop\NeXos7.0bMar8 - Copie.zip
[2018/01/12 20:40:56 | 220,714,904 | ---- | M] () -- C:\Users\hp\Desktop\getxfer.548.0.zip
[2018/01/12 20:32:55 | 000,000,134 | ---- | M] () -- C:\Users\hp\32507191.od
[2018/01/12 20:32:55 | 000,000,000 | ---- | M] () -- C:\Users\hp\CVR537.tmp.cvr
[2018/01/11 23:44:36 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2018/01/11 22:09:26 | 063,666,752 | ---- | M] (Oracle Corporation) -- C:\Users\hp\Desktop\jre-8u151-windows-i586.exe
[2018/01/11 00:00:11 | 126,925,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe
[2018/01/10 20:07:10 | 000,041,384 | ---- | M] () -- C:\Users\hp\KB3035490_20180110_200658152.html
[2018/01/10 15:57:11 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2018/01/08 07:55:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2018/01/07 14:19:08 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2018/01/07 07:57:20 | 382,947,452 | ---- | M] () -- C:\Users\hp\Desktop\rom kitkat.zip
[2018/01/03 12:37:19 | 001,696,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/12/31 17:50:37 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017/12/31 11:13:59 | 000,001,154 | ---- | M] () -- C:\Users\hp\Desktop\Play Hitman 2.lnk
[2017/12/21 19:10:19 | 000,000,761 | ---- | M] () -- C:\Users\hp\Desktop\Freedom Fighters.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/01/14 23:28:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2018/01/14 23:20:07 | 000,000,000 | -H-- | C] () -- C:\Users\hp\etilqs_Mza0ozixJmXMD1V
[2018/01/14 23:19:08 | 000,000,000 | -H-- | C] () -- C:\Users\hp\etilqs_XanlPD9oSV61vVd
[2018/01/14 22:32:10 | 000,257,928 | ---- | C] () -- C:\Users\hp\ArmUI.ini
[2018/01/14 18:22:56 | 000,938,003 | ---- | C] () -- C:\Users\hp\Desktop\setup-x86_64.exe
[2018/01/14 14:56:32 | 000,001,550 | ---- | C] () -- C:\Users\hp\wmplog04.sqm
[2018/01/14 14:56:10 | 000,001,478 | ---- | C] () -- C:\Users\hp\wmplog03.sqm
[2018/01/14 08:56:22 | 002,346,514 | ---- | C] () -- C:\Users\hp\Desktop\SystemUI.apk
[2018/01/14 07:31:01 | 306,851,328 | ---- | C] () -- C:\Users\hp\Desktop\system.ext4.tar.a
[2018/01/14 07:15:31 | 000,001,330 | ---- | C] () -- C:\Users\hp\wmplog02.sqm
[2018/01/13 23:41:47 | 000,001,378 | ---- | C] () -- C:\Users\hp\wmplog01.sqm
[2018/01/13 20:10:58 | 000,001,298 | ---- | C] () -- C:\Users\hp\wmplog00.sqm
[2018/01/13 13:02:34 | 000,000,144 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2018/01/13 05:33:11 | 004,726,784 | ---- | C] () -- C:\Users\hp\Desktop\boot.img
[2018/01/12 23:18:17 | 003,955,592 | ---- | C] () -- C:\cab_4780_2
[2018/01/12 23:18:17 | 000,000,000 | ---- | C] () -- C:\cab_4780_6
[2018/01/12 23:18:17 | 000,000,000 | ---- | C] () -- C:\cab_4780_5
[2018/01/12 23:18:17 | 000,000,000 | ---- | C] () -- C:\cab_4780_4
[2018/01/12 23:18:17 | 000,000,000 | ---- | C] () -- C:\cab_4780_3
[2018/01/12 22:38:08 | 257,805,450 | ---- | C] () -- C:\Users\hp\Desktop\NeXos7.0bMar8 - Copie.zip
[2018/01/12 22:33:54 | 220,714,904 | ---- | C] () -- C:\Users\hp\Desktop\getxfer.548.0.zip
[2018/01/12 20:32:55 | 000,000,134 | ---- | C] () -- C:\Users\hp\32507191.od
[2018/01/12 20:32:55 | 000,000,000 | ---- | C] () -- C:\Users\hp\CVR537.tmp.cvr
[2018/01/11 23:44:36 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2018/01/10 20:06:56 | 000,041,384 | ---- | C] () -- C:\Users\hp\KB3035490_20180110_200658152.html
[2018/01/10 15:57:11 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2018/01/09 15:58:29 | 415,412,406 | ---- | C] () -- C:\Users\hp\Desktop\NeXos7.0bMar8.zip
[2018/01/08 07:55:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2018/01/07 14:19:08 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2018/01/07 07:57:21 | 382,947,452 | ---- | C] () -- C:\Users\hp\Desktop\rom kitkat.zip
[2018/01/04 23:27:24 | 355,420,816 | ---- | C] () -- C:\Users\hp\Desktop\CondorC4 .zip
[2017/12/31 17:50:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2017/12/31 17:50:37 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017/12/31 11:13:59 | 000,001,154 | ---- | C] () -- C:\Users\hp\Desktop\Play Hitman 2.lnk
[2017/12/21 19:10:19 | 000,000,761 | ---- | C] () -- C:\Users\hp\Desktop\Freedom Fighters.lnk
[2017/11/01 20:49:46 | 001,696,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/10/18 12:22:27 | 000,026,464 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2017/10/18 12:22:23 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2017/10/18 12:19:33 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2017/10/18 12:19:33 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]


[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2010/11/21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2017/10/18 12:55:11 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2018/01/11 23:44:36 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2018/01/12 23:18:35 | 003,955,592 | ---- | M] () -- C:\cab_4780_2
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_3
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_4
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_5
[2018/01/12 23:18:17 | 000,000,000 | ---- | M] () -- C:\cab_4780_6
[2017/10/18 14:41:46 | 000,386,255 | RHS- | M] () -- C:\JXZNG
[2018/01/14 23:17:51 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
[2018/01/14 23:28:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/10/18 14:41:46 | 000,000,020 | RHS- | M] () -- C:\win7.ld

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2017/12/31 17:50:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2017/11/02 09:50:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2018/01/08 20:11:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2017/12/31 11:13:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eidos Interactive
[2017/10/18 12:21:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2017/11/04 12:58:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2018/01/10 19:40:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lenovo
[2018/01/12 09:40:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2017/11/04 10:44:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2017/10/18 14:36:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2017/10/18 14:34:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2017/11/04 09:46:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2017/11/01 20:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2017/10/18 14:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2018/01/09 20:30:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Notepad++
[2017/11/02 09:52:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pro Evolution Soccer 2017
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2017/12/14 00:45:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UltraISO
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2017/10/18 14:33:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2017/10/31 11:55:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WebcamMax
[2017/11/04 12:09:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/11/21 07:19:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 07:19:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 07:19:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 04:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 07:19:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2018/01/07 16:54:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM >[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002]

[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]

[HKEY_LOCAL_MACHINE\SYSTEM\RNG]

[HKEY_LOCAL_MACHINE\SYSTEM\Select]

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]

[HKEY_LOCAL_MACHINE\SYSTEM\Software]

[HKEY_LOCAL_MACHINE\SYSTEM\WPA]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2017/12/21 18:39:56 | 000,000,000 | ---D | M](C:\Users\hp\Desktop\??????) -- C:\Users\hp\Desktop\#F'4J/
[2017/12/21 18:39:33 | 000,000,000 | ---D | C](C:\Users\hp\Desktop\??????) -- C:\Users\hp\Desktop\#F'4J/
[2017/12/21 18:37:10 | 000,000,000 | ---D | M](C:\Users\hp\Desktop\?????? ??????) -- C:\Users\hp\Desktop\'DB1#F 'DC1JE
[2017/12/21 18:30:32 | 000,000,000 | ---D | C](C:\Users\hp\Desktop\?????? ??????) -- C:\Users\hp\Desktop\'DB1#F 'DC1JE
[2017/11/03 10:59:13 | 000,086,350 | ---- | M] ()(C:\Users\hp\Documents\?????? ???? ??????? ???????? ???? ?? ??? ????? 15.docx) -- C:\Users\hp\Documents\EFG,J) 'DF5 'DAD3AJ (*6(JBG' #6EF DC 9DI 'D#BD 15.docx
[2017/11/03 10:59:12 | 000,086,350 | ---- | C] ()(C:\Users\hp\Documents\?????? ???? ??????? ???????? ???? ?? ??? ????? 15.docx) -- C:\Users\hp\Documents\EFG,J) 'DF5 'DAD3AJ (*6(JBG' #6EF DC 9DI 'D#BD 15.docx

< End of report >
