PC infecté.

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Re: PC infecté.

Messagede nickW » 13 Sep 2011, 16:17

Bonjour,

Pourquoi n'as-tu pas envoyé les rapports d'analyse comme demandé: chacun dans un message distinct (en utilisant le bouton Répondre)?
Le résultat est pratiquement illisible!


Peux-tu commencer par supprimer de ton PC tous les fichiers qui contiennent l'un des mots: crack, keygen, keymaker


Peux-tu ensuite télécharger la dernière version de OTL (3.2.28.0)?
Elle devra remplacer l'ancienne.



Utilisation d'autres outils de diagnostic:


Étape 1: AdwCleaner (de Xplode), téléchargement
Télécharger AdwCleaner depuis la page ci-dessous:
http://general-changelog-team.fr/telech ... adwcleaner

Enregistrer le fichier adwcleaner0.exe sur le Bureau.


Étape 2: AdwCleaner (de Xplode), analyse
Faire un clic droit sur adwcleaner0.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

L'écran principal d'AdwCleaner s'affiche:
Image

Cliquer sur le bouton Recherche.

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer la fenêtre d'AdwCleaner.
Fermer le Bloc-notes.


Étape 3: CKScanner (de askey127)
Télécharger CKScanner.exe depuis:
http://downloads.malwareremoval.com/CKScanner.exe

Important: Enregistrer le fichier sur le Bureau.

Faire un double-clic sur CKScanner.exe pour lancer le programme.

Sur l'écran principal, cliquer sur le bouton "Search For Files"
Image

Après un court laps de temps, une liste s'affiche dans la partie droite de l'image.

Cliquer sur le bouton "Save List to File" Image

Un message annonce que le fichier a été enregistré, cliquer sur OK Image

Cliquer sur le bouton "Exit" pour fermer le programme.


Étape 4: Résultats
Envoyer en réponse:
*- le rapport d'analyse d'AdwCleaner (contenu du fichier %SystemDrive%\AdwCleaner[Rn].txt, n étant un numéro d'ordre).
[%SystemDrive% représente la partition sur laquelle est installé le système, généralement C:]
*- le contenu du fichier ckfiles.txt situé sur le Bureau


Note importante: Pour l'envoi de ta réponse, il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Re: PC infecté.

Messagede Olfi » 13 Sep 2011, 19:46

Salut;
Merci de votre réponse si rapide, j'ai pas fais attention du lien de réponse alors je suis sincèrement désolé.
Je vous envois les deux rapports demandés tout en attirant votre attention que j'ai réussi à télécharger OTL(3.2.28.0) dont je ne l'ai pas utilisé en attendant vos consignes.
Cordialement
Ezzina OLFI

# AdwCleaner v1.305 - Rapport créé le 13/09/2011 à 19:14:18
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Ezzina Olfi - EZZINAOLFI-PC (Administrateur)
# Exécuté depuis : C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
# Option [Recherche]


***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\extensions\ffox@bandoo.com
Fichier Présent : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\SweetIM Search.xml
Fichier Présent : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\xljhq149.default\searchplugins\SweetIM Search.xml

***** [Registre] *****

Clé Présente : HKCU\Toolbar
Clé Présente : HKCU\Software\Conduit
Clé Présente : HKLM\SOFTWARE\SweetIM
Clé Présente : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Présente : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Clé Présente : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

***** [Registre (64 bits)] *****

[x64] Clé Présente : HKCU64\Toolbar
[x64] Clé Présente : HKCU64\Software\Conduit
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\escort.escortIEPane
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\escort.escrtBtn.1
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\AppID\esrv.EXE
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{CC883F50-95BB-4A25-9DBF-B801506F1BC4}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x64] Clé Présente : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[x64] Clé Présente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
[x64] Clé Présente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
[x64] Clé Présente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
[x64] Clé Présente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v6.0.2 (fr)

Profil : itl1id5s.default
Fichier : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\prefs.js

Présente : user_pref("CT2724386.CTID", "ct2724386");
Présente : user_pref("CT2724386.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm");
Présente : user_pref("CT2724386.ct2724386.DialogsAlignMode", "LTR");
Présente : user_pref("CT2724386.ct2724386.GroupingInvalidateCache", false);
Présente : user_pref("CT2724386.ct2724386.GroupingLastCheckTime", "Thu Jul 21 2011 15:41:26 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.GroupingLastErrorCode", "");
Présente : user_pref("CT2724386.ct2724386.GroupingLastResponse", true);
Présente : user_pref("CT2724386.ct2724386.GroupingLastServerUpdateTime", "129556532462770000");
Présente : user_pref("CT2724386.ct2724386.InvalidateCache", false);
Présente : user_pref("CT2724386.ct2724386.LanguagePackLastCheckTime", "Thu Jul 21 2011 15:41:27 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.Locale", "en");
Présente : user_pref("CT2724386.ct2724386.RadioLastCheckTime", "Thu Jul 21 2011 15:41:26 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.RadioLastUpdateIPServer", "3");
Présente : user_pref("CT2724386.ct2724386.RadioLastUpdateServer", "129249036863500000");
Présente : user_pref("CT2724386.ct2724386.SearchInNewTabLastCheckTime", "Thu Jul 21 2011 15:41:26 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.SettingsLastCheckTime", "Thu Jul 21 2011 15:41:25 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.SettingsLastUpdate", "1311168846");
Présente : user_pref("CT2724386.ct2724386.ThirdPartyComponentsLastCheck", "Thu Jul 21 2011 15:41:25 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.ThirdPartyComponentsLastUpdate", "1246786978");
Présente : user_pref("CT2724386.ct2724386.globalFirstTimeInfoLastCheckTime", "Thu Jul 21 2011 15:41:26 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.toolbarAppMetaDataLastCheckTime", "Thu Jul 21 2011 15:41:26 GMT+0100");
Présente : user_pref("CT2724386.ct2724386.toolbarContextMenuLastCheckTime", "Thu Jul 21 2011 15:41:27 GMT+0100");
Présente : user_pref("CT2949154..clientLogIsEnabled", false);
Présente : user_pref("CT2949154..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Présente : user_pref("CT2949154..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Présente : user_pref("CT2949154.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Présente : user_pref("CT2949154.AppTrackingLastCheckTime", "Sun Jun 05 2011 10:18:01 GMT+0100");
Présente : user_pref("CT2949154.CTID", "CT2949154");
Présente : user_pref("CT2949154.CurrentServerDate", "5-6-2011");
Présente : user_pref("CT2949154.DialogsAlignMode", "LTR");
Présente : user_pref("CT2949154.DialogsGetterLastCheckTime", "Thu Mar 31 2011 12:49:07 GMT+0100");
Présente : user_pref("CT2949154.DownloadReferralCookieData", "");
Présente : user_pref("CT2949154.FirstServerDate", "31-3-2011");
Présente : user_pref("CT2949154.FirstTime", true);
Présente : user_pref("CT2949154.FirstTimeFF3", true);
Présente : user_pref("CT2949154.FixPageNotFoundErrors", true);
Présente : user_pref("CT2949154.GroupingServerCheckInterval", 1440);
Présente : user_pref("CT2949154.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Présente : user_pref("CT2949154.HasUserGlobalKeys", true);
Présente : user_pref("CT2949154.Initialize", true);
Présente : user_pref("CT2949154.InitializeCommonPrefs", true);
Présente : user_pref("CT2949154.InstallationAndCookieDataSentCount", 3);
Présente : user_pref("CT2949154.InstallationId", "Messenger_Plus.exe");
Présente : user_pref("CT2949154.InstallationType", "ConduitIntegration");
Présente : user_pref("CT2949154.InstalledDate", "Thu Mar 31 2011 12:48:15 GMT+0100");
Présente : user_pref("CT2949154.InvalidateCache", false);
Présente : user_pref("CT2949154.IsGrouping", false);
Présente : user_pref("CT2949154.IsMulticommunity", false);
Présente : user_pref("CT2949154.IsOpenThankYouPage", false);
Présente : user_pref("CT2949154.IsOpenUninstallPage", true);
Présente : user_pref("CT2949154.LanguagePackLastCheckTime", "Sun Jun 05 2011 14:29:15 GMT+0100");
Présente : user_pref("CT2949154.LanguagePackReloadIntervalMM", 1440);
Présente : user_pref("CT2949154.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Présente : user_pref("CT2949154.LastLogin_3.2.5.2", "Thu Mar 31 2011 12:48:15 GMT+0100");
Présente : user_pref("CT2949154.LastLogin_3.3.3.2", "Sun Jun 05 2011 10:02:33 GMT+0100");
Présente : user_pref("CT2949154.LatestVersion", "3.3.3.2");
Présente : user_pref("CT2949154.Locale", "en-gb");
Présente : user_pref("CT2949154.MCDetectTooltipHeight", "83");
Présente : user_pref("CT2949154.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Présente : user_pref("CT2949154.MCDetectTooltipWidth", "295");
Présente : user_pref("CT2949154.RadioIsPodcast", false);
Présente : user_pref("CT2949154.RadioLastCheckTime", "Sun Jun 05 2011 14:31:01 GMT+0100");
Présente : user_pref("CT2949154.RadioLastUpdateIPServer", "3");
Présente : user_pref("CT2949154.RadioLastUpdateServer", "3");
Présente : user_pref("CT2949154.RadioMediaID", "9962");
Présente : user_pref("CT2949154.RadioMediaType", "Media Player");
Présente : user_pref("CT2949154.RadioMenuSelectedID", "EBRadioMenu_CT29491549962");
Présente : user_pref("CT2949154.RadioStationName", "California%20Rock");
Présente : user_pref("CT2949154.RadioStationURL", "hxxp://feedlive.net/california.asx");
Présente : user_pref("CT2949154.SearchFromAddressBarIsInit", true);
Présente : user_pref("CT2949154.SearchInNewTabEnabled", true);
Présente : user_pref("CT2949154.SearchInNewTabIntervalMM", 1440);
Présente : user_pref("CT2949154.SearchInNewTabLastCheckTime", "Sat Jun 04 2011 19:08:36 GMT+0100");
Présente : user_pref("CT2949154.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2949154.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2949154.ServiceMapLastCheckTime", "Sat Jun 04 2011 19:08:36 GMT+0100");
Présente : user_pref("CT2949154.SettingsLastCheckTime", "Sun Jun 05 2011 10:02:31 GMT+0100");
Présente : user_pref("CT2949154.SettingsLastUpdate", "1306530423");
Présente : user_pref("CT2949154.ThirdPartyComponentsInterval", 504);
Présente : user_pref("CT2949154.ThirdPartyComponentsLastCheck", "Thu Jun 02 2011 17:54:11 GMT+0100");
Présente : user_pref("CT2949154.ThirdPartyComponentsLastUpdate", "1246786978");
Présente : user_pref("CT2949154.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2949154");
Présente : user_pref("CT2949154.UserID", "UN71496283999068412");
Présente : user_pref("CT2949154.ValidationData_Toolbar", 2);
Présente : user_pref("CT2949154.alertChannelId", "1341008");
Présente : user_pref("CT2949154.backendstorage._fb_dailyactivity", "31333032343635353436333338");
Présente : user_pref("CT2949154.backendstorage._fb_lifetimesent", "54525545");
Présente : user_pref("CT2949154.backendstorage.ct2949154ads1", "25374225323261647325323225334125354225374225323261696425323225334125323231323032342532322532432532327469746C6525323225334125323225423025423025323057617463682532306C6E7465726E657425323054562532302542302542302532322532432532326164746578743125323225334125323253747265616D2532306F766572253230342532433530302532304368616E6E656C732E253232253243253232616474657874322532322533412532324F6E652D54696D652532305365747570253230466565253230556E6C696D697465642532304163636573732532322532432532326469737075726C2532322533412532327777772E6C69766573747265616D6469726563742E636F6D25323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334431323032342532367465726D253344253235374236433934344638302D334137412D343439322D394530302D454338313533423245344139253235374425323674696425334443543239343931353425323661742533447325323674732533447425323661722533447425323675253344736C2532322532432532326469722532322533412532326C7472253232253744253243253742253232616964253232253341253232333933302532322532432532327469746C652532322533412532322575303632412575303634342575303634312575303633322575303634412575303634382575303634362532302575303634312575303633362575303632372575303632362575303634412532302575303632372575303634382575303634362575303634342575303632372575303634412575303634362532322532432532326164746578743125323225334125323225753036323825753036324625753036343825753036343625323025753036323725753036333425753036324125753036333125753036323725753036343325323025753036333425753036343725753036333125753036344125323225324325323261647465787432253232253341253232257530363433257530363242257530363331253230257530363435257530363436253230323135352532302575303634322575303634362575303632372575303632392532322532432532326469737075726C25323225334125323254564E6F6F702E636F6D25323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B25334661646964253344333933302532367465726D253344253235374236433934344638302D334137412D343439322D394530302D454338313533423245344139253235374425323674696425334443543239343931353425323661742533447325323674732533447425323661722533447425323675253344736C25323225324325323264697225323225334125323272746C2532322537442535442532432532327372253232253341332532432532327363762532322533412532326E253232253744");
Présente : user_pref("CT2949154.backendstorage.ct2949154current_term", "25374236433934344638302D334137412D343439322D394530302D454338313533423245344139253744");
Présente : user_pref("CT2949154.backendstorage.ct2949154sdate", "3236");
Présente : user_pref("CT2949154.backendstorage.facebbok_user_cuid_100001921069934", "37333665303030312D383266622D356166332D303030302D303030303030303030303030");
Présente : user_pref("CT2949154.backendstorage.facebbok_user_id", "313030303031393231303639393334");
Présente : user_pref("CT2949154.backendstorage.facebook_ctid_connect_send", "73656E646564");
Présente : user_pref("CT2949154.backendstorage.facebook_ctid_connect_send_n", "73656E646564");
Présente : user_pref("CT2949154.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
Présente : user_pref("CT2949154.backendstorage.facebook_first_visit", "6E6F744669727374");
Présente : user_pref("CT2949154.backendstorage.facebook_login_status", "31");
Présente : user_pref("CT2949154.backendstorage.facebook_lust_recieve", "313636313832392C");
Présente : user_pref("CT2949154.backendstorage.facebook_lust_recievegadet", "313636313832392C");
Présente : user_pref("CT2949154.backendstorage.facebook_mode", "32");
Présente : user_pref("CT2949154.backendstorage.facebook_permission_allow_100001921069934", "31");
Présente : user_pref("CT2949154.backendstorage.facebook_permission_lastshow_100001921069934", "31333033353533323337303132");
Présente : user_pref("CT2949154.backendstorage.facebook_toolbar_not_numer", "31");
Présente : user_pref("CT2949154.backendstorage.facebook_user_locale", "6672");
Présente : user_pref("CT2949154.backendstorage.facebook_user_name", "3078303034462C3078303036432C3078303036362C3078303036392C3078303032302C3078303034352C3078303037412C3078303037412C3078303036392C3078303036452C307830303631");
Présente : user_pref("CT2949154.backendstorage.facebook_user_token", "3230393834353033353330347C3462366666316536323063613062336232356563636530352E312D3130303030313932313036393933347C47697536734761396A385F77676E57694D4B68456E56696F565A55");
Présente : user_pref("CT2949154.backendstorage.facebooknotifications", "31");
Présente : user_pref("CT2949154.backendstorage.fb_dailyactivity", "31333033373535383231373035");
Présente : user_pref("CT2949154.backendstorage.fb_lifetimesent", "54525545");
Présente : user_pref("CT2949154.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Présente : user_pref("CT2949154.backendstorage.hxxp://facebook_conduitapps_com/v3_3.fa ... _visit_tab", "6E657773466565644C69");
Présente : user_pref("CT2949154.backendstorage.ytapp_dailyactivity", "31333035373337383336323638");
Présente : user_pref("CT2949154.backendstorage.ytapp_lifetimesent", "54525545");
Présente : user_pref("CT2949154.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdownload.conduit.com/\"}");
Présente : user_pref("CT2949154.globalFirstTimeInfoLastCheckTime", "Sun Jun 05 2011 14:34:53 GMT+0100");
Présente : user_pref("CT2949154.isAppTrackingManagerOn", true);
Présente : user_pref("CT2949154.myStuffEnabled", true);
Présente : user_pref("CT2949154.myStuffPublihserMinWidth", 400);
Présente : user_pref("CT2949154.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Présente : user_pref("CT2949154.myStuffServiceIntervalMM", 1440);
Présente : user_pref("CT2949154.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Présente : user_pref("CT2949154.oldAppsList", "129426693351169295,129426693351638049,129426693351794300,129426693351950551,129426693352106802,129426693352106803,129426693352263054,129426693352419305,129426693352575556,129426693352575557,1000082,129426693352888059,129464706199830786,129426693353044311,129464706197955784,129464706197174532,129426693353513064,1000034,1000080,1000234,1000515,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012");
Présente : user_pref("CT2949154.testingCtid", "");
Présente : user_pref("CT2949154.toolbarAppMetaDataLastCheckTime", "Sat Jun 04 2011 19:08:37 GMT+0100");
Présente : user_pref("CT2949154.toolbarContextMenuLastCheckTime", "Sun May 15 2011 10:53:12 GMT+0100");
Présente : user_pref("CT2949154.usagesFlag", 2);
Présente : user_pref("capability.policy.maonoscript.sites", "193.95.75.161 247realmedia.com 3rbfox.com 4shared.com a2dfp.net addons.mozilla.org addthis.com alatest.com alatest.fr alchourouk.com alesayi.me aljazeerasport.net amazonaws.com amung.us anglaisfacile.com aniweather.com apicit.net arabcheart.com assabah.com.tn assabile.com assarih.net atdmt.com attijaribank.com.tn attijarirealtime.com.tn attijariwafabank.com aweber.com belle-belle-belle.com bestofmedia.com billeo.com blogger.com blogspot.com bluelithium.com cafonline.com carrefourtunisie.com central-manuels.com chofoo.com clickintext.net cnam.nat.tn commentcamarche.net contextweb.com cooliris.com dadamp3.com digg.com doubleclick.net editeurjavascript.com essahafa.info.tn estat.com etoile-du-sahel.com facebook.com facebook.net fbcdn.net filefacts.net finances.tn flashgot.net footballdatabase.eu forjawal.com francaisfacile.com gestionpub.com getforecastfox.com gnet.tn google-analytics.com google.com google.fr google.tn googleadservices.com googleapis.com googlesyndication.com gouv.qc.ca gsmarena.com gstatic.com hannibaltv.com.tn hibamusic.com histats.com hotmail.com i2307.in imrworldwide.com imtranslator.net informaction.com infos-du-net.com isefc.rnu.tn jawharafm.net journaldunet.com koora.com ladmedia.fr lapresse.tn lequotidien-tn.com letemps.com.tn lewordpress.com likethepage.com linkextend.com live.com m93b.com maktoob.com maone.net mediafire.com microsoft.com mikanikworld.com mobiles-actus.com mosaiquefm.net mozdev.org mozilla.net msn.com nessma.tv nokia.fr noscript.net ournia.com pagesperso-orange.fr passport.com passport.net passportimages.com paypal.com paypalobjects.com pooki.fr power-ess.com premiere.fr programme-tv.net protect-my-links.com quantserve.com quizz.biz radiotunisienne.tn rapidshare.com scorecardresearch.com securecode.com sheekh-3arb.info shemsfm.net simplyquran.com skype.com sport.tn statcounter.com steg.com.tn stephaniehetu.com techniques-ingenieur.fr technorati.com thestreaming.net tolearnenglish.com tradedoubler.com tunishebdo.com.tn tunisiana.com tunisie-foot.com tunisie21.tn tvquran.com tweakmdb.com twitter.com tynt.com uploaded.to urduworld.com uservoice.com veoxa.com verisign.com vivre-mieux-etre.eu webtrends.com wibiya.com wlxrs.com yahoo.com yahoo.net yahooapis.com yimg.com youtube.com ytimg.com zitounafm.net about: about:addons about:blank about:blocked about:certerror about:config about:crashes about:credits about:home about:neterror about:plugins about:privatebrowsing about:sessionrestore chrome: hxxp://247realmedia.com hxxp://3rbfox.com hxxp://4shared.com hxxp://a2dfp.net hxxp://abuchak.net hxxp://addthis.com hxxp://alatest.com hxxp://alatest.fr hxxp://alchourouk.com hxxp://alesayi.me hxxp://aljazeerasport.net hxxp://amazonaws.com hxxp://amung.us hxxp://anglaisfacile.com hxxp://aniweather.com hxxp://apicit.net hxxp://arabcheart.com hxxp://assabile.com hxxp://assarih.net hxxp://atdmt.com hxxp://attijariwafabank.com hxxp://aweber.com hxxp://belle-belle-belle.com hxxp://bestofmedia.com hxxp://billeo.com hxxp://blogger.com hxxp://blogspot.com hxxp://bluelithium.com hxxp://cafonline.com hxxp://carrefourtunisie.com hxxp://central-manuels.com hxxp://chofoo.com hxxp://clickintext.net hxxp://commentcamarche.net hxxp://contextweb.com hxxp://cooliris.com hxxp://dadamp3.com hxxp://digg.com hxxp://doubleclick.net hxxp://editeurjavascript.com hxxp://estat.com hxxp://etoile-du-sahel.com hxxp://facebook.com hxxp://facebook.net hxxp://fbcdn.net hxxp://filefacts.net hxxp://finances.tn hxxp://flashgot.net hxxp://footballdatabase.eu hxxp://forjawal.com hxxp://francaisfacile.com hxxp://gestionpub.com hxxp://getforecastfox.com hxxp://gnet.tn hxxp://google-analytics.com hxxp://google.com hxxp://google.fr hxxp://google.tn hxxp://googleadservices.com hxxp://googleapis.com hxxp://googlesyndication.com hxxp://gsmarena.com hxxp://gstatic.com hxxp://hibamusic.com hxxp://histats.com hxxp://hotmail.com hxxp://i2307.in hxxp://imrworldwide.com hxxp://imtranslator.net hxxp://informaction.com hxxp://infos-du-net.com hxxp://jawharafm.net hxxp://journaldunet.com hxxp://koora.com hxxp://ladmedia.fr hxxp://lapresse.tn hxxp://lequotidien-tn.com hxxp://lewordpress.com hxxp://likethepage.com hxxp://linkextend.com hxxp://live.com hxxp://m93b.com hxxp://maktoob.com hxxp://maone.net hxxp://mediafire.com hxxp://microsoft.com hxxp://mikanikworld.com hxxp://mobiles-actus.com hxxp://mosaiquefm.net hxxp://mozdev.org hxxp://mozilla.net hxxp://msn.com hxxp://nessma.tv hxxp://nokia.fr hxxp://noscript.net hxxp://ournia.com hxxp://pagesperso-orange.fr hxxp://passport.com hxxp://passport.net hxxp://passportimages.com hxxp://paypal.com hxxp://paypalobjects.com hxxp://pooki.fr hxxp://power-ess.com hxxp://premiere.fr hxxp://programme-tv.net hxxp://protect-my-links.com hxxp://quantserve.com hxxp://quizz.biz hxxp://radiotunisienne.tn hxxp://rapidshare.com hxxp://scorecardresearch.com hxxp://securecode.com hxxp://sheekh-3arb.info hxxp://shemsfm.net hxxp://simplyquran.com hxxp://skype.com hxxp://sport.tn hxxp://statcounter.com hxxp://stephaniehetu.com hxxp://techniques-ingenieur.fr hxxp://technorati.com hxxp://thestreaming.net hxxp://tolearnenglish.com hxxp://tradedoubler.com hxxp://tunisiana.com hxxp://tunisie-foot.com hxxp://tunisie21.tn hxxp://tvquran.com hxxp://tweakmdb.com hxxp://twitter.com hxxp://tynt.com hxxp://uploaded.to hxxp://urduworld.com hxxp://uservoice.com hxxp://veoxa.com hxxp://verisign.com hxxp://vivre-mieux-etre.eu hxxp://webtrends.com hxxp://wibiya.com hxxp://wlxrs.com hxxp://www.getforecastfox.com hxxp://yahoo.com hxxp://yahoo.net hxxp://yahooapis.com hxxp://yimg.com hxxp://youtube.com hxxp://ytimg.com hxxp://zitounafm.net hxxps://247realmedia.com hxxps://3rbfox.com hxxps://4shared.com hxxps://a2dfp.net hxxps://addthis.com hxxps://alatest.com hxxps://alatest.fr hxxps://alchourouk.com hxxps://alesayi.me hxxps://aljazeerasport.net hxxps://amazonaws.com hxxps://amung.us hxxps://anglaisfacile.com hxxps://aniweather.com hxxps://apicit.net hxxps://arabcheart.com hxxps://assabile.com hxxps://assarih.net hxxps://atdmt.com hxxps://attijariwafabank.com hxxps://aweber.com hxxps://belle-belle-belle.com hxxps://bestofmedia.com hxxps://billeo.com hxxps://blogger.com hxxps://blogspot.com hxxps://bluelithium.com hxxps://cafonline.com hxxps://carrefourtunisie.com hxxps://central-manuels.com hxxps://chofoo.com hxxps://clickintext.net hxxps://commentcamarche.net hxxps://contextweb.com hxxps://cooliris.com hxxps://dadamp3.com hxxps://digg.com hxxps://doubleclick.net hxxps://editeurjavascript.com hxxps://estat.com hxxps://etoile-du-sahel.com hxxps://facebook.com hxxps://facebook.net hxxps://fbcdn.net hxxps://filefacts.net hxxps://finances.tn hxxps://flashgot.net hxxps://footballdatabase.eu hxxps://forjawal.com hxxps://francaisfacile.com hxxps://gestionpub.com hxxps://getforecastfox.com hxxps://gnet.tn hxxps://google-analytics.com hxxps://google.com hxxps://google.fr hxxps://google.tn hxxps://googleadservices.com hxxps://googleapis.com hxxps://googlesyndication.com hxxps://gsmarena.com hxxps://gstatic.com hxxps://hibamusic.com hxxps://histats.com hxxps://hotmail.com hxxps://i2307.in hxxps://imrworldwide.com hxxps://imtranslator.net hxxps://informaction.com hxxps://infos-du-net.com hxxps://jawharafm.net hxxps://journaldunet.com hxxps://koora.com hxxps://ladmedia.fr hxxps://lapresse.tn hxxps://lequotidien-tn.com hxxps://lewordpress.com hxxps://likethepage.com hxxps://linkextend.com hxxps://live.com hxxps://m93b.com hxxps://maktoob.com hxxps://maone.net hxxps://mediafire.com hxxps://microsoft.com hxxps://mikanikworld.com hxxps://mobiles-actus.com hxxps://mosaiquefm.net hxxps://mozdev.org hxxps://mozilla.net hxxps://msn.com hxxps://nessma.tv hxxps://nokia.fr hxxps://noscript.net hxxps://ournia.com hxxps://pagesperso-orange.fr hxxps://passport.com hxxps://passport.net hxxps://passportimages.com hxxps://paypal.com hxxps://paypalobjects.com hxxps://pooki.fr hxxps://power-ess.com hxxps://premiere.fr hxxps://programme-tv.net hxxps://protect-my-links.com hxxps://quantserve.com hxxps://quizz.biz hxxps://radiotunisienne.tn hxxps://rapidshare.com hxxps://scorecardresearch.com hxxps://securecode.com hxxps://sheekh-3arb.info hxxps://shemsfm.net hxxps://simplyquran.com hxxps://skype.com hxxps://sport.tn hxxps://statcounter.com hxxps://stephaniehetu.com hxxps://techniques-ingenieur.fr hxxps://technorati.com hxxps://thestreaming.net hxxps://tolearnenglish.com hxxps://tradedoubler.com hxxps://tunisiana.com hxxps://tunisie-foot.com hxxps://tunisie21.tn hxxps://tvquran.com hxxps://tweakmdb.com hxxps://twitter.com hxxps://tynt.com hxxps://uploaded.to hxxps://urduworld.com hxxps://uservoice.com hxxps://veoxa.com hxxps://verisign.com hxxps://vivre-mieux-etre.eu hxxps://webtrends.com hxxps://wibiya.com hxxps://wlxrs.com hxxps://yahoo.com hxxps://yahoo.net hxxps://yahooapis.com hxxps://yimg.com hxxps://youtube.com hxxps://ytimg.com hxxps://zitounafm.net mms: resource:");
Présente : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/118878/offer_assistant-2.1.1.4-fx-windows.xpi?confirmed=1&src=external-addonfox\",\"homepage\": \"hxxp://www.billeo.com/\",\"icon url\": \"hxxp://www.billeo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"4be68a18-deba-49e0-9e09-ee7796f3b62a\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"Billeo\",\"description\": \"Flags your search results where discounts and promotions are available\"},\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"homepage\": \"hxxp://www.connectbar.net/\",\"icon url\": \"hxxp://www.linkular.com/img/icons/publishers/connectbar.ico\",\"is standalone\": \"\",\"xpi euid\": \"c7661bd8-ec96-cf1f-abb1-1f239fbdbbb9\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"ConnectBar\",\"description\": \"Perform searches, chat and ratings from your browser anywhere on the web\"},\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"homepage\": \"hxxp://www.babylon.com/\",\"icon url\": \"hxxp://www.babylon.com/favicon.ico\",\"is standalone\": \"\",\"exe args\": \"-semi -affilID=18508\",\"category\": \"Language\",\"is default\": \"\",\"name\": \"Babylon\",\"description\": \"Desktop translation tool (translate entire documents, single-click access)\"}}}");
Présente : user_pref("extensions.likethepage.addit.remoteInstallItems", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/118878/offer_assistant-2.1.1.4-fx-windows.xpi?confirmed=1&src=external-addonfox\",\"homepage\": \"hxxp://www.billeo.com/\",\"icon url\": \"hxxp://www.billeo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"4be68a18-deba-49e0-9e09-ee7796f3b62a\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"Billeo\",\"description\": \"Flags your search results where discounts and promotions are available\"},\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"homepage\": \"hxxp://www.connectbar.net/\",\"icon url\": \"hxxp://www.linkular.com/img/icons/publishers/connectbar.ico\",\"is standalone\": \"\",\"toolbar priority\": \"1\",\"xpi euid\": \"c7661bd8-ec96-cf1f-abb1-1f239fbdbbb9\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"ConnectBar\",\"description\": \"Perform searches, chat and ratings from your browser anywhere on the web\"},\"11\": {\"id\": \"11\",\"title\": \"KwiClick\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/5655/addon-5655-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.kwiclick.com/\",\"icon url\": \"hxxp://www.kwiclick.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"vinceturk@gmail.com\",\"xpi prefs\": \"extensions.kwiclick.channel.campaign='AddonFoxInt',extensions.kwiclick.channel.content='AddonFoxInt',extensions.kwiclick.channel.id='AddonFoxInt',extensions.kwiclick.channel.cse='009607407620987551725:3hfwsbgoj80',extensions.kwiclick.channel.medium='cpa',extensions.kwiclick.channel.source='AddonFoxInt',extensions.kwiclick.channel.set=true\",\"category\": \"Customization\",\"is default\": \"1\",\"name\": \"KwiClick\",\"description\": \"Delivers search results in a small popup window for any selected text\"},\"1\": {\"id\": \"1\",\"title\": \"FoxLingo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/2444/addon-2444-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.foxlingo.com/\",\"icon url\": \"hxxp://www.foxlingo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"ef62e1ce-d2a4-4cdd-b7ec-92b120366b66\",\"xpi prefs\": \"foxlingo.fulllogo=false\",\"category\": \"Language\",\"is default\": \"1\",\"name\": \"FoxLingo\",\"description\": \"Web page and text translator, dictionary, grammar checker, text-to-speech, etc.\"},\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"homepage\": \"hxxp://www.babylon.com/\",\"icon url\": \"hxxp://www.babylon.com/favicon.ico\",\"is standalone\": \"\",\"exe args\": \"-semi -affilID=18508\",\"category\": \"Language\",\"is default\": \"\",\"name\": \"Babylon\",\"description\": \"Desktop translation tool (translate entire documents, single-click access)\"}}}");
Présente : user_pref("extensions.linkextend.addit.remoteInstallItems", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/118878/offer_assistant-2.1.1.4-fx-windows.xpi?confirmed=1&src=external-addonfox\",\"homepage\": \"hxxp://www.billeo.com/\",\"icon url\": \"hxxp://www.billeo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"4be68a18-deba-49e0-9e09-ee7796f3b62a\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"Billeo\",\"description\": \"Flags your search results where discounts and promotions are available\"},\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"homepage\": \"hxxp://www.connectbar.net/\",\"icon url\": \"hxxp://www.linkular.com/img/icons/publishers/connectbar.ico\",\"is standalone\": \"\",\"toolbar priority\": \"1\",\"xpi euid\": \"c7661bd8-ec96-cf1f-abb1-1f239fbdbbb9\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"ConnectBar\",\"description\": \"Perform searches, chat and ratings from your browser anywhere on the web\"},\"11\": {\"id\": \"11\",\"title\": \"KwiClick\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/5655/addon-5655-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.kwiclick.com/\",\"icon url\": \"hxxp://www.kwiclick.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"vinceturk@gmail.com\",\"xpi prefs\": \"extensions.kwiclick.channel.campaign='AddonFoxInt',extensions.kwiclick.channel.content='AddonFoxInt',extensions.kwiclick.channel.id='AddonFoxInt',extensions.kwiclick.channel.cse='009607407620987551725:3hfwsbgoj80',extensions.kwiclick.channel.medium='cpa',extensions.kwiclick.channel.source='AddonFoxInt',extensions.kwiclick.channel.set=true\",\"category\": \"Customization\",\"is default\": \"1\",\"name\": \"KwiClick\",\"description\": \"Delivers search results in a small popup window for any selected text\"},\"1\": {\"id\": \"1\",\"title\": \"FoxLingo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/2444/addon-2444-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.foxlingo.com/\",\"icon url\": \"hxxp://www.foxlingo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"ef62e1ce-d2a4-4cdd-b7ec-92b120366b66\",\"xpi prefs\": \"foxlingo.fulllogo=false\",\"category\": \"Language\",\"is default\": \"1\",\"name\": \"FoxLingo\",\"description\": \"Web page and text translator, dictionary, grammar checker, text-to-speech, etc.\"},\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"homepage\": \"hxxp://www.babylon.com/\",\"icon url\": \"hxxp://www.babylon.com/favicon.ico\",\"is standalone\": \"\",\"exe args\": \"-semi -affilID=18508\",\"category\": \"Language\",\"is default\": \"\",\"name\": \"Babylon\",\"description\": \"Desktop translation tool (translate entire documents, single-click access)\"}}}");
Présente : user_pref("extensions.tweakmdb.addit.remoteInstallItems", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/118878/offer_assistant-2.1.1.4-fx-windows.xpi?confirmed=1&src=external-addonfox\",\"homepage\": \"hxxp://www.billeo.com/\",\"icon url\": \"hxxp://www.billeo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"4be68a18-deba-49e0-9e09-ee7796f3b62a\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"Billeo\",\"description\": \"Flags your search results where discounts and promotions are available\"},\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"homepage\": \"hxxp://www.connectbar.net/\",\"icon url\": \"hxxp://www.linkular.com/img/icons/publishers/connectbar.ico\",\"is standalone\": \"\",\"toolbar priority\": \"1\",\"xpi euid\": \"c7661bd8-ec96-cf1f-abb1-1f239fbdbbb9\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"ConnectBar\",\"description\": \"Perform searches, chat and ratings from your browser anywhere on the web\"},\"11\": {\"id\": \"11\",\"title\": \"KwiClick\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/5655/addon-5655-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.kwiclick.com/\",\"icon url\": \"hxxp://www.kwiclick.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"vinceturk@gmail.com\",\"xpi prefs\": \"extensions.kwiclick.channel.campaign='AddonFoxInt',extensions.kwiclick.channel.content='AddonFoxInt',extensions.kwiclick.channel.id='AddonFoxInt',extensions.kwiclick.channel.cse='009607407620987551725:3hfwsbgoj80',extensions.kwiclick.channel.medium='cpa',extensions.kwiclick.channel.source='AddonFoxInt',extensions.kwiclick.channel.set=true\",\"category\": \"Customization\",\"is default\": \"1\",\"name\": \"KwiClick\",\"description\": \"Delivers search results in a small popup window for any selected text\"},\"1\": {\"id\": \"1\",\"title\": \"FoxLingo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downloads/latest/2444/addon-2444-latest.xpi?src=external-addonfox\",\"homepage\": \"hxxp://www.foxlingo.com/\",\"icon url\": \"hxxp://www.foxlingo.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"ef62e1ce-d2a4-4cdd-b7ec-92b120366b66\",\"xpi prefs\": \"foxlingo.fulllogo=false\",\"category\": \"Language\",\"is default\": \"1\",\"name\": \"FoxLingo\",\"description\": \"Web page and text translator, dictionary, grammar checker, text-to-speech, etc.\"},\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"homepage\": \"hxxp://www.babylon.com/\",\"icon url\": \"hxxp://www.babylon.com/favicon.ico\",\"is standalone\": \"\",\"exe args\": \"-semi -affilID=18508\",\"category\": \"Language\",\"is default\": \"\",\"name\": \"Babylon\",\"description\": \"Desktop translation tool (translate entire documents, single-click access)\"}}}");
Présente : user_pref("keyword.URL", "hxxp://abuchak.net/?ref=ff.1.1.101&q=");
Présente : user_pref("noscript.untrusted", "abuchak.net hxxp://abuchak.net hxxps://abuchak.net");
Présente : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Présente : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Présente : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Présente : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Présente : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Présente : user_pref("sweetim.toolbar.mode.debug", "false");
Présente : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SweetIM Search");
Présente : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Présente : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "SweetIM Search");
Présente : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://home.sweetim.com");
Présente : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://abuchak.net/?ref=ff.1.1.87&q=");
Présente : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Présente : user_pref("sweetim.toolbar.search.history.capacity", "10");
Présente : user_pref("sweetim.toolbar.simapp_id", "{B244A6D7-B202-11E0-BD10-0027134CA7E7}");
Présente : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

Profil : xljhq149.default
Fichier : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\xljhq149.default\prefs.js

Présente : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Présente : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com");
Présente : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Présente : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Présente : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Présente : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\Ezzina Olfi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [41374 octets] - [13/09/2011 19:14:18]

########## EOF - C:\AdwCleaner[R1].txt - [41503 octets] ##########
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 13 Sep 2011, 19:49

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files (x86)\solidworks\crack.exe
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\compression and cracks for dummies.txt
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\cracking zip password files.txt
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\debug, learn how crack windows.txt
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\ebay hackcracktip.txt
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\google crack search.txt
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\c101-90.000
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\c101-90.001
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\c101-90.002
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\c101-90.003
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\c101-90.004
c:\users\ezzina olfi\1-documentations\informatique\1\200 hacking tutorials\a cracking tutorial\ed!son.nfo
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\16 lecons de crack.rar
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\a lire.txt
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\cours\1guide.pdf
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\cours\2pages 72.pdf
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\cours\3cours n°16.pdf
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 10\crackme11.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 10\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\crackme.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\stud_pe1.7.1b\nfo.txt
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\stud_pe1.7.1b\psapi.dll
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\stud_pe1.7.1b\stud_pe.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 11\stud_pe1.7.1b\unicows.dll
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 12\pour acceder rapidament à la calculette.txt
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 12\reshacker.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 12\restorator.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 13\crackme3.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 13\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 13\reshacker.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 13\restorator.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 14\0247.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 14\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 15\due-cm2.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 15\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 15\odbg110.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 16\crackit.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 16\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 16\odbg110.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 2\crackme#1.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 2\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 2\winrar.exe.lnk
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 3\crackme.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 3\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 4\crackme.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 4\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 5\basic.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 5\crackme3.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 5\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 6\winrar 2.71.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 7\crackme.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 7\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 8\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 8\teleport pro.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 9\crackme9.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 9\lancez-moi.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\crack-me & utilitaire pour les cours\lecon 9\upx.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\soft\odbg110.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\soft\wdasm89.zip
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\soft\hex workshop 6.0.1.4603\hex.workshop.v6.0.1.4603.rar
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\soft\hex workshop 6.0.1.4603\hex workshop v6.0.1.4603\hw32v601.exe
c:\users\ezzina olfi\1-documentations\informatique\16 lecons de crack\soft\hex workshop 6.0.1.4603\hex workshop v6.0.1.4603\readme.txt
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a guide to internet security- becoming an uebercracker.txt
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\compression and cracks for dummies.txt
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\the cracking manual.txt
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\c101-90.000
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\c101-90.001
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\c101-90.002
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\c101-90.003
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\c101-90.004
c:\users\ezzina olfi\1-documentations\informatique\2\more hacking\a cracking tutorial\ed!son.nfo
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\3.dll
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 1 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 10 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 11 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 12 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 13 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 14 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 2 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 4 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 6 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 7 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 8 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\cours de cracking leçon 9 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\ecrire en turbo pascal son premier crack - cours de cracking leçon 5 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking\leçon 3 de cracking _ échec de l'enregistrement alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 1 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 10 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 11 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 12 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 13 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 14 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 2 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 4 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 6 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 7 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 8 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\cours de cracking leçon 9 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\ecrire en turbo pascal son premier crack - cours de cracking leçon 5 alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours de cracking alex\leçon 3 de cracking _ échec de l'enregistrement alex.pdf
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_01.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_02.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_03.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_04.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_05.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_06.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_07.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_08.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_09.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_10.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_11.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_12.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_13.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_cracking_14.htm
c:\users\ezzina olfi\1-documentations\informatique\cours_pifoman\cours\cours_pif_sclean_keygen.htm
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\cracking bios, use the followin' code.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\cracking zip password files.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\debug, learn how crack windows.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\ebay hackcracktip.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\google crack search.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\how to download directly from crackdb.com.txt
c:\users\ezzina olfi\1-documentations\informatique\divers hacks\modify .exe files and crack a program.txt
c:\users\ezzina olfi\1-documentations\informatique\tutorials - blacksun.box.sk\novell\novell netware - cracking netware.htm
c:\users\ezzina olfi\1-documentations\informatique\tutorials - blacksun.box.sk\tools\how to use the fast zip cracker (fzc).html
c:\users\ezzina olfi\1-documentations\jeux\age of empires 2 - the conquerors (fr) by kolrik\(-- crack --)\age2_x1.exe
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\age of empire 3 serial.txt
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\crack no cd aoe3\age3.exe
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\crack no cd aoe3\crack.txt
c:\users\ezzina olfi\1-documentations\logiciels\logiciels_2010\winrar.v3.91.fr.final\winrar.v3.91.final\winrar.v3.91.final.fff\crack\rarreg.key
c:\users\ezzina olfi\1-documentations\technique de l'ingegneur\technique de l'ingegneur tome 1\everest ultimate edition2007\setupeverest ultimate edition2007(cracked).exe
c:\users\ezzina olfi\1-documentations\technique de l'ingegneur\technique de l'ingegneur tome 1\solid pdf converter to word 2.2\comment le cracker.txt
c:\users\ezzina olfi\downloads\logiciels\n.pdf.pro.6\free full software music\liste\removewat v2.1.txt
scanner sequence 3.ZZ.11.XFNACH
----- EOF -----
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 15 Sep 2011, 19:23

Salut;
Voila le rapport OLT.
OTL logfile created on: 15/09/2011 18:15:35 - Run 3
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Ezzina Olfi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 46,19% Memory free
7,93 Gb Paging File | 5,36 Gb Available in Paging File | 67,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,58 Gb Total Space | 117,74 Gb Free Space | 26,01% Space Free | Partition Type: NTFS
Drive D: | 12,98 Gb Total Space | 2,16 Gb Free Space | 16,67% Space Free | Partition Type: NTFS

Computer Name: EZZINAOLFI-PC | User Name: Ezzina Olfi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/13 18:22:21 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
PRC - [2011/09/06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/01 12:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/28 16:06:26 | 000,366,024 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\bin\IncMail.exe
PRC - [2011/08/28 16:06:26 | 000,263,624 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\bin\ImApp.exe
PRC - [2011/08/01 04:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/08/01 04:32:10 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/07/25 21:44:53 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/07/20 11:28:38 | 001,376,304 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2011/06/16 08:24:20 | 000,141,824 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/03/19 14:55:24 | 001,204,224 | ---- | M] (www.IslamicFinder.org) -- C:\Program Files (x86)\Athan\Athan.exe
PRC - [2011/03/17 15:31:44 | 003,278,232 | ---- | M] (Tonec Inc.) -- C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMan.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/09 14:00:38 | 000,284,016 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe
PRC - [2010/07/09 12:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2010/05/25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEMonitor.exe
PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/12/17 06:42:06 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
PRC - [2009/07/23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/03/03 11:38:40 | 000,145,736 | ---- | M] (Metacafe) -- C:\Program Files (x86)\Metacafe\MetacafeAgent.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/04/19 15:45:06 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
PRC - [2007/04/19 15:44:12 | 000,058,288 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
PRC - [2006/06/13 17:11:46 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE
PRC - [2002/10/25 16:29:20 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\olfTray.exe
PRC - [2002/10/25 11:39:54 | 000,966,656 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\OLF.exe
PRC - [2002/10/24 10:45:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HISrv3.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/31 04:37:49 | 000,115,137 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
MOD - [2011/08/31 03:37:32 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\49a869f7cecc4837d0ba80fd383b716f\System.Management.ni.dll
MOD - [2011/08/31 03:36:06 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e1794b5c931858179cdb9295b7c0fec8\System.Runtime.Remoting.ni.dll
MOD - [2011/08/31 03:35:59 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a033c53c05f563f780a669d5477c2281\System.Xaml.ni.dll
MOD - [2011/08/31 01:54:02 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ee3cfefc6b1c79b2654f6225b9f412d1\PresentationFramework.ni.dll
MOD - [2011/08/31 01:53:52 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dc7d4afaac16149920cb140efa9082a2\PresentationFramework.Aero.ni.dll
MOD - [2011/08/31 01:53:46 | 011,470,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\06c0cd2b5cfaed3923676f02469b0439\PresentationCore.ni.dll
MOD - [2011/08/31 01:53:41 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\99199c87964064eb6755eac087c82580\System.Windows.Forms.ni.dll
MOD - [2011/08/31 01:53:35 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\58d351e601da7071a83e73aec83f69b4\WindowsBase.ni.dll
MOD - [2011/08/31 01:53:32 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9de1ba31763ae79e1411e932830a359f\System.Drawing.ni.dll
MOD - [2011/08/31 01:53:29 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4788ba976ec6b1d6a725862d44bafcb3\System.Core.ni.dll
MOD - [2011/08/31 01:53:25 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bfc7d61ef8a7858140ffb0a610e9db39\System.Xml.ni.dll
MOD - [2011/08/31 01:53:21 | 009,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\647979acaa344a521052767a61d8adeb\System.ni.dll
MOD - [2011/08/31 01:53:15 | 014,409,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\07b8cdebc8d6a4a3ee47da99088be5cc\mscorlib.ni.dll
MOD - [2011/08/28 16:06:26 | 000,267,720 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\ImLookExU.dll
MOD - [2011/08/28 16:06:26 | 000,132,552 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\ImComUtlU.dll
MOD - [2011/08/28 16:06:26 | 000,071,112 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\wlessfp1.dll
MOD - [2011/08/22 22:53:02 | 000,107,896 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\PMC.dll
MOD - [2011/08/22 22:53:02 | 000,079,304 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
MOD - [2011/08/19 23:09:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
MOD - [2011/08/19 23:09:08 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8b3b6ed74cb3d94695b0eaf94a362d42\UIAutomationTypes.ni.dll
MOD - [2011/08/19 23:09:06 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
MOD - [2011/08/19 23:08:52 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
MOD - [2011/08/19 23:06:38 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
MOD - [2011/08/19 23:06:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
MOD - [2011/08/19 23:06:19 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll
MOD - [2011/08/19 23:06:12 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011/08/19 23:06:11 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011/08/19 23:06:11 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\404a96929233a9369c11956e9c0259c2\IAStorCommon.ni.dll
MOD - [2011/08/19 23:06:09 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\eb0d3659dc2d7c3c0738be9a95c92061\IAStorUtil.ni.dll
MOD - [2011/08/19 23:06:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/08/19 23:05:59 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/08/19 23:05:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/08/19 23:05:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/08/19 23:05:36 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/08/19 23:05:23 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/08/01 04:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/07/13 15:42:58 | 000,931,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011/07/13 15:41:54 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011/07/13 15:41:54 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011/07/13 15:41:54 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011/07/13 15:41:54 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011/07/13 15:41:54 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011/07/13 15:41:54 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011/07/13 15:41:54 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011/07/13 15:41:54 | 000,416,256 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll
MOD - [2011/07/13 15:41:54 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011/07/13 15:41:54 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011/07/13 15:41:54 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011/07/13 15:41:54 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011/07/13 15:41:54 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011/07/13 15:41:52 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011/07/13 15:12:46 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011/07/13 15:12:46 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011/07/13 15:12:18 | 000,378,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll
MOD - [2011/07/13 15:12:18 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll
MOD - [2011/07/13 15:12:16 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll
MOD - [2011/07/13 15:12:14 | 000,392,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011/07/13 15:12:14 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011/07/13 15:12:14 | 000,058,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011/07/13 15:11:06 | 000,727,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2011/05/22 18:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/28 19:25:58 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/13 00:52:13 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/05/06 03:22:44 | 000,161,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.EnterpriseLibrary.Common\3.1.0.0__b03f5f7f11d50a3a\Microsoft.Practices.EnterpriseLibrary.Common.dll
MOD - [2010/05/06 03:22:44 | 000,079,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling\3.1.0.0__b03f5f7f11d50a3a\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
MOD - [2010/05/06 03:22:44 | 000,064,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.ObjectBuilder\1.0.51206.0__b03f5f7f11d50a3a\Microsoft.Practices.ObjectBuilder.dll
MOD - [2010/03/19 10:45:36 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/03/19 10:45:36 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/03/19 10:45:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/08 21:08:28 | 000,282,697 | ---- | M] () -- C:\Program Files (x86)\Athan\vbp.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/21 04:23:09 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009/08/21 04:23:06 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009/08/21 04:22:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009/07/23 10:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/07/15 16:51:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/07/15 16:51:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/07/15 16:50:58 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/07/15 16:50:56 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/07/15 16:50:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/07/15 16:50:54 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/07/15 16:50:52 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/07/15 16:50:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2006/06/13 17:13:00 | 000,346,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\MSENCXML.DLL
MOD - [2006/06/13 17:13:00 | 000,260,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\ERSREGPR.DLL
MOD - [2006/06/13 17:13:00 | 000,228,120 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\MSENCDAT.DLL
MOD - [2006/06/13 17:13:00 | 000,178,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\ENCCONT.DLL
MOD - [2006/06/13 17:11:45 | 000,068,376 | ---- | M] () -- C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICTEIT.EBK
MOD - [2006/03/07 11:29:48 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Metacafe\SystemUtils.dll
MOD - [2005/07/20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
MOD - [2004/12/25 12:37:22 | 000,258,121 | ---- | M] () -- C:\Program Files (x86)\Athan\vbh.dll
MOD - [2004/03/20 13:49:40 | 000,229,444 | ---- | M] () -- C:\Program Files (x86)\Athan\vbq.dll
MOD - [2002/10/25 16:29:20 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\olfTray.exe
MOD - [2002/10/25 11:39:54 | 000,966,656 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\OLF.exe
MOD - [2002/10/24 10:45:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HISrv3.exe
MOD - [2002/10/24 10:43:28 | 000,446,464 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HIIndex3.dll
MOD - [2002/10/11 10:48:24 | 000,135,168 | ---- | M] () -- C:\Windows\SysWOW64\KleiaHook.dll
MOD - [2002/10/01 18:18:10 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\CHIDichoIndex.dll
MOD - [2000/09/28 08:27:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HILDataObj.dll
MOD - [2000/09/26 08:10:42 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HICompress.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/08/21 23:51:48 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/07/28 22:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/20 11:27:04 | 000,591,920 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\LEsrv.exe -- (Bluetooth Low Energy Service)
SRV:64bit: - [2011/07/20 11:26:50 | 001,250,352 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2011/07/20 11:26:46 | 004,187,696 | ---- | M] (Motorola Solutions, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2011/06/29 17:25:12 | 003,246,920 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV:64bit: - [2011/06/17 19:28:30 | 000,786,992 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/24 11:17:28 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/03/21 11:17:46 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/28 03:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2007/04/19 15:43:56 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxczcoms.exe -- (lxcz_device)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/21 23:51:47 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/01 22:26:03 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/21 21:39:21 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/09 12:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/04/19 15:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxczcoms.exe -- (lxcz_device)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/28 23:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/07/28 23:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 21:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/25 19:10:44 | 000,684,416 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2011/07/25 14:29:54 | 000,026,200 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2011/07/22 11:28:38 | 000,175,192 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/07/06 18:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/06/10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/05/18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/05/18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/05/18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/05/18 10:09:48 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/07 22:54:50 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/03/17 16:52:34 | 000,146,568 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 18:33:16 | 000,052,736 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2011/01/19 11:28:55 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Pilote de carte de la série Intel(R)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/26 14:18:58 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010/07/26 14:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/07/20 04:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 04:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 04:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/13 21:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/03/02 05:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/01/13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Pilote de carte Intel(R)
DRV:64bit: - [2009/08/13 11:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/23 18:02:38 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/29 18:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010/07/26 14:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010/01/29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999/09/25 17:03:10 | 000,014,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (Secdrv)
DRV - [1998/04/13 10:00:00 | 000,006,848 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\cvintdrv.sys -- (cvintdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: No CLSID value found. File not found
IE - HKLM\..\URLSearchHook: {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\URLSearchHook: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\URLSearchHook: {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 15 Sep 2011, 19:36

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=fr"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.485.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: vinceturk@gmail.com:2.6.0.715
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5
FF - prefs.js..extensions.enabledItems: firefox@bandoo.com:5.0
FF - prefs.js..extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c}:3.3.3.2
FF - prefs.js..keyword.URL: "http://abuchak.net/?ref=ff.1.1.101&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://abuchak.net/?ref=ff.1.1.87&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/25 21:45:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/07 08:45:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\components [2011/09/07 18:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\plugins [2011/09/15 14:55:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/07/15 13:44:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\vinceturk@gmail.com: C:\Program Files (x86)\KwiClick LLC\KwiClick\ [2010/10/02 00:56:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ezzina Olfi\AppData\Roaming\IDM\idmmzcc3 [2011/08/23 16:38:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ezzina Olfi\AppData\Roaming\IDM\idmmzcc3 [2011/08/23 16:38:08 | 000,000,000 | ---D | M]

[2011/01/24 21:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Extensions
[2011/09/14 00:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions
[2011/07/16 11:34:02 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/08/30 10:43:09 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/09/01 01:32:49 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011/08/23 23:27:48 | 000,000,000 | ---D | M] (Billeo) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}
[2011/06/22 18:22:32 | 000,000,000 | ---D | M] (Messenger Plus Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D}
[2011/08/16 13:52:25 | 000,000,000 | ---D | M] (Messenger Plus Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}
[2011/08/16 13:52:29 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
[2011/09/07 18:52:36 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/06/05 10:17:36 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2011/07/10 16:08:02 | 000,000,000 | ---D | M] (Dictionary Switcher) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\dictionary-switcher@design-noir.de
[2011/07/20 12:33:15 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\ffox@bandoo.com
[2011/09/11 08:28:20 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\foxyproxy@eric.h.jung
[2011/08/17 01:28:07 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\piclens@cooliris.com
[2011/06/05 10:17:22 | 000,000,000 | ---D | M] (KwiClick) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\vinceturk@gmail.com
[2011/01/23 18:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\xljhq149.default\extensions
[2011/09/03 01:04:32 | 000,001,241 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\abuchak.xml
[2011/07/21 15:33:36 | 000,002,185 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\MyStart Search.xml
[2011/06/22 18:22:27 | 000,002,768 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\Plusnetwork.xml
[2011/07/19 13:28:41 | 000,003,915 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\SweetIM Search.xml
[2011/07/19 13:29:15 | 000,003,915 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\sweetim.xml
[2011/09/07 08:45:06 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/25 21:45:31 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{0C8FBD76-BDEB-4C52-9B24-D587CE7B9DC3}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE80}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{15A82062-5139-4855-9706-130A8A4BE80C}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{25A1388B-6B18-46C3-BEBA-A81915D0DE8F}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{45E16761-660C-41A4-984F-56986FBA2137}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{7A88E876-D715-4503-A7BF-A8EBA13CA3F9}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{89F8DDE0-010A-11DA-8CD6-0800200C9A66}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{AD48108D-92A6-4EB9-87E4-978ACA1DBAE4}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{C7661BD8-EC96-CF1F-ABB1-1F239FBDBBB9}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{CF47767D-5F3A-4E32-9FCE-5D79565C9702}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\ADD-TO-SEARCHBOX@MALTEKRAUS.DE.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\NOSQUINT@URANDOM.CA.XPI

O1 HOSTS File: ([2010/11/27 18:17:51 | 000,000,988 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2:64bit: - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Toolbar) - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (MessengerPlusLive TB Toolbar) - {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Toolbar) - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MessengerPlusLive TB Toolbar) - {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (Messenger Plus Toolbar) - {B760D5A4-8D24-4CB6-942E-D6BB540AD88C} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\..\Toolbar\WebBrowser - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [lxczbmgr.exe] C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Athan] C:\Program Files (x86)\Athan\Athan.exe (www.IslamicFinder.org)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [Standby] c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe (Driver-Soft Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [IDMan] C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun File not found
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [L07FXLRD_37137925] C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [MediaDICO9Ut] C:\Program Files (x86)\Micro Application\7 Dictionnaires Utiles\LanceMediaDICO.exe Lancement File not found
O4 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Metacafe.lnk = C:\Program Files (x86)\Metacafe\MetacafeAgent.exe (Metacafe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-4208893176-3502703170-415781581-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8:64bit: - Extra context menu item: Télécharger avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEExt.htm ()
O8:64bit: - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Télécharger tous les liens avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetAll.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Télécharger avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetAll.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinsta ... s-i586.cab (Java Plug-in 1.4.2_04)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F152D96-C42B-4069-82AE-F06856A01D55}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d06bd6b-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd6b-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bd73-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd73-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bd9b-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd9b-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bdaa-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bdaa-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bdcd-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bdcd-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{b9947d97-4550-11df-be98-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{b9947d97-4550-11df-be98-0027134ca7e7}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 15 Sep 2011, 19:38

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 08:50:55 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C2E99572-65A5-4E65-9276-0D3E34C8E9EF}
[2011/09/15 08:50:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{424D9A79-7F0B-4A90-9287-D835E0248510}
[2011/09/14 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Desktop\ACTIVEKILLDISK
[2011/09/14 22:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk
[2011/09/14 20:50:17 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EFE0887B-800A-4498-9051-10D0EF006263}
[2011/09/14 20:49:54 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0C7B2B6B-4A29-49CB-B037-957CE5F000D9}
[2011/09/14 08:48:58 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{98073CD3-A27C-4955-A6A6-081AD39932DF}
[2011/09/14 08:48:33 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1497C4ED-833E-46D8-BF77-50E6B0E2FA4F}
[2011/09/13 19:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Desktop\Nouveau dossier
[2011/09/13 18:22:15 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
[2011/09/12 23:10:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/12 18:37:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/12 18:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/09/12 18:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/09/12 18:02:40 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Ezzina Olfi\Desktop\erunt-setup.exe
[2011/09/12 13:21:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{28C75257-C999-46F4-AC10-4D4CC1868542}
[2011/09/12 13:20:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3B6DDE19-7439-4260-93EB-101EA6D9D757}
[2011/09/12 02:26:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Malwarebytes
[2011/09/12 02:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/12 02:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/12 02:26:08 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/09/12 02:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/12 01:03:19 | 000,000,000 | ---D | C] -- C:\FyK
[2011/09/11 22:50:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{5031EFC6-619F-4673-844E-90859D36B7FD}
[2011/09/11 22:49:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{B4A03021-DA38-452A-930C-4E40AC7A27D9}
[2011/09/11 08:25:29 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6A3CB429-788D-4943-BC83-4E3AC80CE013}
[2011/09/11 08:24:38 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EB93C149-6393-45F0-B017-00C30FA9F29B}
[2011/09/10 19:19:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C0F2F843-99A4-4BA5-8DEE-4B210447052B}
[2011/09/10 19:19:34 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7E8A87C4-68D1-4FA3-BB96-458DB1451F2C}
[2011/09/10 10:22:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Documents\Games for Windows - LIVE Demos
[2011/09/10 07:18:53 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{ADDF78E7-5716-4DB7-A4C4-F3D23F4BD1A4}
[2011/09/10 07:18:41 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DA40B89A-116F-441B-B4D1-93A28E9B8BDB}
[2011/09/09 19:05:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E8DCDD53-53B0-4852-86F8-A29A21D52331}
[2011/09/09 19:05:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{158447E2-1984-4418-932B-9C9E589451D9}
[2011/09/09 13:04:53 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011/09/09 13:04:53 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011/09/09 13:03:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/09/09 13:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/09/09 13:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/09/09 07:04:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6645CD28-9F19-4F0E-9633-46BB7C30BC91}
[2011/09/09 07:04:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8D91D3A6-7190-47F8-AB56-DF01D0623234}
[2011/09/08 17:36:10 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3E32A60F-A425-4923-8957-CA469F772990}
[2011/09/08 17:35:48 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0C91D83B-FE59-41C3-BCDD-0F5FB40FE4EE}
[2011/09/08 05:35:19 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{BD3FF3C7-C928-4D29-94A3-6F3A32497B1E}
[2011/09/08 05:34:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{87F8A4A1-5AC9-4A7B-AB0F-50495519C75B}
[2011/09/07 17:34:41 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7211A85F-6BB1-4D19-BD5D-7D302619CD69}
[2011/09/07 17:34:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{71C3EFDB-8BF1-4FCD-820F-594A6E515CBE}
[2011/09/07 05:33:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2D8D8ACD-5CD8-4752-B53B-D66186A3D7A1}
[2011/09/07 05:33:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{A6B7AD2A-D37E-4FE4-9AD0-FB9AA4FC7310}
[2011/09/06 17:33:05 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{75D85B50-AEDF-4380-9216-6CA066577CA8}
[2011/09/06 17:32:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C8C5262F-01A8-411C-838F-56FA3CEBF1ED}
[2011/09/06 05:32:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{888D8B96-59B2-400A-BFEE-1CF434339C30}
[2011/09/06 05:31:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{22A40C72-890A-42CF-9F8C-CC31E82BD14B}
[2011/09/05 19:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2011/09/05 19:56:22 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/09/05 19:56:22 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/09/05 19:56:22 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/09/05 19:56:22 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/09/05 19:56:22 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/09/05 19:56:21 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/09/05 19:55:51 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/09/05 19:55:51 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/05 19:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/05 19:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/05 17:31:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DE02A4A9-7D3C-49AB-BB8E-121E54E213B0}
[2011/09/05 17:30:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2EF8B27F-9F52-40BB-A06F-EEDFE4D09AB9}
[2011/09/05 01:21:02 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{15457CE4-F36A-4390-88C7-2D3692A9ED31}
[2011/09/05 01:20:35 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C3D8AA38-2460-4486-BD32-55563FCA9567}
[2011/09/04 12:04:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7C492A65-0753-4C53-B7EE-747F622B2BA9}
[2011/09/04 12:03:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1F946EAC-7B15-495D-AF51-5B82EDD53F42}
[2011/09/03 21:46:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/09/03 21:23:30 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\assembly
[2011/09/03 20:31:12 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6846F7D6-D084-47B7-84E4-0212A2FC5724}
[2011/09/03 20:30:45 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E37203AB-B283-4FFB-84C2-0E5D1E32AB45}
[2011/09/03 01:17:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C5F94CB2-7A47-45BF-B841-59459B46C0CC}
[2011/09/03 01:16:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FEC385E4-C354-4818-B640-F519E22E4696}
[2011/09/03 01:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/09/02 13:13:31 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{82915E8C-3F3E-42CE-80C5-DB03363B3216}
[2011/09/02 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8E83638E-1059-46A2-9DFC-951296A55E59}
[2011/09/01 01:26:23 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{62D5204F-70C6-455C-9FC5-A78FB4169049}
[2011/09/01 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7BCD4C22-08F4-402F-B843-B76B4BC302E0}
[2011/08/31 04:37:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\System32
[2011/08/31 03:57:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E9981071-51C0-46DF-8A10-ACF4F403749D}
[2011/08/31 03:57:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{CFA42BF9-C272-4430-8391-7C913EF0AD13}
[2011/08/31 01:48:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\Samsung
[2011/08/31 01:47:11 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2011/08/31 01:47:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2011/08/30 15:56:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{A791FE9E-1512-44C5-928C-4FADDBC93293}
[2011/08/30 15:56:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1DED3E50-1881-4408-97E5-D46F761D835A}
[2011/08/30 03:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{84D3832B-4D1D-495B-BA4B-4FB954289F04}
[2011/08/30 03:55:26 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{675EAD6F-4951-430F-9418-6507131A30D6}
[2011/08/29 15:36:30 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{410DE6B0-0135-45BF-9485-3577A5A2EE5F}
[2011/08/29 15:36:07 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3217BC4A-3FBE-46F5-A586-AFFAA8583A41}
[2011/08/29 03:35:39 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{566122F4-4679-4307-99D8-5A171FEA7E02}
[2011/08/29 03:35:17 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{5CA9676A-CC6B-4BF0-9AA4-2D571749E632}
[2011/08/28 21:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/08/28 15:34:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{92B2544F-D53A-4DFD-B875-131BB65C72B7}
[2011/08/28 15:34:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{736CE1BF-95B9-4533-83E6-17ADA993FDA1}
[2011/08/27 20:48:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag
[2011/08/27 20:37:45 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\O&O
[2011/08/27 20:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2011/08/27 20:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2011/08/27 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{D1DAE756-AC6D-4E6F-A040-54505FD68404}
[2011/08/27 16:51:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6EB887A3-E561-48EB-80FF-EEA1B51310CC}
[2011/08/27 02:58:18 | 003,215,872 | ---- | C] (L'Aventure Multimedia) -- C:\Windows\MDDico7.dll
[2011/08/27 02:58:18 | 000,466,944 | ---- | C] (L'Aventure MultiMedia) -- C:\Windows\RACHook7.dll
[2011/08/27 02:58:13 | 000,388,608 | ---- | C] (L'Aventure Multimedia) -- C:\Windows\LMDDico7.exe
[2011/08/27 01:02:55 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7AD190E4-E9E8-4E82-A69A-E6209EB76F6C}
[2011/08/27 01:02:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FA7E1B7D-487C-47CE-9B48-D608A24F82B3}
[2011/08/26 11:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/26 11:43:06 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EFAEE912-C994-4D5A-96C8-3484435E5004}
[2011/08/26 11:42:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{9F626C7D-0A8A-4462-9E7B-D6A973D2609D}
[2011/08/26 03:05:02 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\FileZilla
[2011/08/26 03:04:35 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011/08/26 03:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2011/08/26 02:58:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emoticon
[2011/08/26 02:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emoticon
[2011/08/25 20:08:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8A228B02-9130-46A3-8ED7-8A56B9C7B657}
[2011/08/25 20:08:19 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7756DE91-92DE-40BC-9581-D6B98B267337}
[2011/08/24 18:16:09 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FBB2BDF4-CDEA-485E-9278-65FEEEEDA416}
[2011/08/24 18:15:10 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E5F501B6-FE2D-460B-BC48-D97A0E795342}
[2011/08/24 03:33:52 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{74F1B219-F43C-4044-955A-F74C1EC27C6B}
[2011/08/24 03:33:29 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{57A589B6-8413-4BE4-B85A-8AA4924CB920}
[2011/08/23 16:38:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\IDM
[2011/08/23 15:58:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/08/23 15:32:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{AE6AC7C4-7263-45E6-BFD6-8CA51E8F386B}
[2011/08/23 15:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FAA8FFAD-2D44-4173-9AD0-B2285D1C239D}
[2011/08/23 02:21:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7219F85B-82C4-43B3-8570-EB3A84CB7703}
[2011/08/23 02:21:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2D34C6ED-50F9-4033-B499-2EEE7B51C1C0}
[2011/08/22 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{CAFBCFFB-C86A-4AD4-BF8E-A63ADF465D54}
[2011/08/22 14:20:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{163759A1-FEAD-4842-ACAB-72EFE326E114}
[2011/08/21 23:58:17 | 003,147,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2011/08/21 23:58:11 | 000,367,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2011/08/21 23:58:08 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2011/08/21 23:58:07 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2011/08/21 23:58:06 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2011/08/21 23:58:05 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2011/08/21 23:58:02 | 002,432,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2011/08/21 23:57:58 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2011/08/21 23:57:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2011/08/21 23:57:51 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2011/08/21 23:57:44 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2011/08/21 23:57:42 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2011/08/21 23:57:38 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2011/08/21 23:57:37 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2011/08/21 23:57:35 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2011/08/21 23:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/08/21 23:52:47 | 000,052,736 | ---- | C] (Motorola Solutions, Inc.) -- C:\Windows\SysNative\drivers\btmcom.sys
[2011/08/21 23:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
[2011/08/21 23:52:31 | 000,009,048 | ---- | C] (Motorola Solutions, Inc.) -- C:\Windows\SysNative\btmsstverschk.dll
[2011/08/21 23:52:16 | 000,684,416 | ---- | C] (Motorola Solutions, Inc.) -- C:\Windows\SysNative\drivers\btmusb.sys
[2011/08/21 23:52:16 | 000,327,000 | ---- | C] (Motorola Solutions, Inc.) -- C:\Windows\SysNative\btmcls.dll
[2011/08/21 23:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011/08/21 23:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011/08/21 23:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2011/08/21 23:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/08/21 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/08/21 23:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/08/21 23:07:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/08/21 23:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2011/08/21 20:09:40 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0D7EF49F-F7FA-4343-9ABB-6689C891F796}
[2011/08/21 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C2F1A167-6847-4886-AADE-6CBA70BFA098}
[2011/08/20 23:55:47 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{9E225B50-7DE8-46E9-8E96-73660C76F32C}
[2011/08/20 23:55:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{28EC91D1-860D-4F10-96B2-78ED4B9DFAB1}
[2011/08/20 11:54:40 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{18189845-CD14-43EB-9520-70E9F5563336}
[2011/08/20 11:54:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{B5D243F3-80D3-4CAC-86D0-2CA61634F181}
[2011/08/20 02:51:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{582F0914-E156-4561-A07C-BF4E2EEA024F}
[2011/08/19 14:50:09 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EAF7C90B-1834-4961-A683-5F1D26602EF6}
[2011/08/19 14:49:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E878218C-C41C-48C6-8EF1-4C1A74FF0908}
[2011/08/19 02:36:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3B0E850F-37F8-4CF4-9238-F12435CCBEA5}
[2011/08/19 02:36:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{F5468D55-CDBB-48E6-AE2B-387E52F99DF5}
[2011/08/18 14:35:49 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{156BBFAA-B341-45BB-AA0C-5919235EF874}
[2011/08/18 14:35:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DACA1198-0A07-465C-BAF4-17B0D4278205}
[2011/08/17 22:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{620687EC-2157-4E5C-9688-A448E8F3A12D}
[2011/08/17 22:26:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E8A87290-9FEE-4AFB-982D-C4446630A6EF}
[2011/08/17 13:46:37 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{87F0172A-7726-497E-AC05-BE32B357FF60}
[2011/08/17 01:46:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{ECD38F05-5DEB-46AA-8BF1-6788E0425C64}
[2011/08/17 01:45:45 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3B4F4188-0C5E-4A5A-9139-33EBA2F8CFD6}
[2010/08/07 16:39:32 | 002,734,688 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbmyBa.dll
[2010/07/28 19:51:34 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpmui.dll
[2010/07/28 19:51:34 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczinpa.dll
[2010/07/28 19:51:34 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcziesc.dll
[2010/07/28 19:51:33 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczserv.dll
[2010/07/28 19:51:33 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczusb1.dll
[2010/07/28 19:51:33 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczhbn3.dll
[2010/07/28 19:51:33 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomc.dll
[2010/07/28 19:51:33 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczlmpm.dll
[2010/07/28 19:51:33 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcoms.exe
[2010/07/28 19:51:33 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomm.dll
[2010/07/28 19:51:33 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczih.exe
[2010/07/28 19:51:33 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcfg.exe
[2010/07/28 19:51:33 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczppls.exe
[2010/07/28 19:51:33 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczprox.dll
[2010/07/28 19:51:33 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpplc.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Ezzina Olfi\AppData\Local\*.tmp files -> C:\Users\Ezzina Olfi\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/15 18:19:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/09/15 17:47:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/15 15:00:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/15 15:00:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/15 14:50:06 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/15 14:49:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/15 14:49:34 | 3195,420,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 14:49:32 | 000,052,316 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2011/09/15 08:56:27 | 002,049,024 | ---- | M] () -- C:\Users\Ezzina Olfi\Documents\Outlook.pst
[2011/09/14 08:52:50 | 000,001,093 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/14 08:52:50 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/13 19:17:13 | 000,459,264 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\CKScanner.exe
[2011/09/13 19:01:43 | 000,471,194 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
[2011/09/13 18:22:21 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
[2011/09/13 17:53:03 | 001,582,936 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/13 17:53:03 | 000,715,730 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/09/13 17:53:03 | 000,627,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/13 17:53:03 | 000,135,190 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/09/13 17:53:03 | 000,110,790 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/12 18:33:50 | 000,001,064 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/12 18:33:49 | 000,000,884 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\NTREGOPT.lnk
[2011/09/12 18:33:48 | 000,000,865 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\ERUNT.lnk
[2011/09/12 18:02:43 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Ezzina Olfi\Desktop\erunt-setup.exe
[2011/09/09 21:43:31 | 000,084,810 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\44.pdf
[2011/09/08 08:54:12 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011/09/07 18:52:56 | 000,002,155 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/07 18:52:56 | 000,002,155 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 9.lnk
[2011/09/07 08:45:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/09/06 21:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/09/06 21:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 21:45:17 | 000,254,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/09/06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/09/06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/09/06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/09/06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/09/06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/09/06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/09/05 19:56:23 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011/09/03 21:46:44 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/09/03 21:46:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/09/03 21:46:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/09/03 21:46:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/09/03 21:23:19 | 000,001,091 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/09/03 20:42:23 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/08/31 01:48:08 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/08/31 01:47:16 | 000,001,937 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/08/28 21:26:43 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/08/28 16:06:57 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/08/28 16:06:57 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011/08/28 16:06:57 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\Speed up your computer!.lnk
[2011/08/28 16:06:57 | 000,001,965 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk
[2011/08/27 20:37:30 | 000,002,687 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011/08/27 02:58:19 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\7 Dictionnaires Utiles.lnk
[2011/08/26 11:44:35 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/26 04:08:55 | 000,001,401 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\FS_Salah - Raccourci.lnk
[2011/08/26 03:04:43 | 000,001,960 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\FileZilla Client.lnk
[2011/08/24 18:37:56 | 000,002,197 | ---- | M] () -- C:\Users\Ezzina Olfi\Documents\wmndata.xn
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Ezzina Olfi\AppData\Local\*.tmp files -> C:\Users\Ezzina Olfi\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/14 08:52:50 | 000,001,093 | ---- | C] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/13 19:17:11 | 000,459,264 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\CKScanner.exe
[2011/09/13 19:01:39 | 000,471,194 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
[2011/09/12 21:54:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/12 18:33:50 | 000,001,064 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/12 18:33:48 | 000,000,884 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\NTREGOPT.lnk
[2011/09/12 18:33:48 | 000,000,865 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\ERUNT.lnk
[2011/09/12 02:26:11 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/09 21:43:30 | 000,084,810 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\44.pdf
[2011/09/05 19:56:23 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011/08/31 01:48:08 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/08/31 01:47:16 | 000,001,937 | ---- | C] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/08/28 21:26:43 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/08/28 01:38:52 | 000,052,316 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
[2011/08/27 20:37:30 | 000,002,687 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011/08/27 02:58:19 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\7 Dictionnaires Utiles.lnk
[2011/08/26 11:44:35 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/26 04:08:55 | 000,001,401 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\FS_Salah - Raccourci.lnk
[2011/08/26 03:04:43 | 000,001,960 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\FileZilla Client.lnk
[2011/08/24 18:37:56 | 000,002,197 | ---- | C] () -- C:\Users\Ezzina Olfi\Documents\wmndata.xn
[2011/08/22 22:54:25 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/07/06 01:51:09 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\KleiaHook.dll
[2011/06/19 11:31:49 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2011/05/06 22:38:58 | 000,004,305 | ---- | C] () -- C:\Windows\jdxgtf_x64.ini
[2011/05/06 22:38:58 | 000,001,441 | ---- | C] () -- C:\Windows\cqmf_mz16.ini
[2011/05/06 22:14:55 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2011/05/06 22:14:55 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2011/04/27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/04/27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/04/27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/04/27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/04/27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/05 20:09:20 | 000,001,854 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\GhostObjGAFix.xml
[2010/12/29 19:36:29 | 000,024,064 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/27 00:28:52 | 000,000,026 | ---- | C] () -- C:\Windows\grwin.ini
[2010/11/27 20:38:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2010/10/10 10:09:40 | 000,635,392 | ---- | C] () -- C:\Windows\SysWow64\Bescherelle_Conjugaison.exe
[2010/08/07 16:39:31 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/07/30 00:14:11 | 000,000,244 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\wklnhst.dat
[2010/07/28 19:51:34 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxczutil.dll
[2010/07/28 19:51:34 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCZinst.dll
[2010/07/28 18:16:59 | 000,000,092 | ---- | C] () -- C:\Windows\Lexstat.ini
[2010/07/20 16:57:13 | 000,000,045 | -H-- | C] () -- C:\Windows\dsez7537.dat
[2010/07/17 15:16:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\drivers\GameNT.sys
[2010/05/06 03:22:57 | 001,603,532 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/07 18:08:42 | 000,006,848 | ---- | C] () -- C:\Windows\SysWow64\drivers\cvintdrv.sys
[2010/03/18 23:03:41 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/02/20 21:40:22 | 000,000,436 | ---- | C] () -- C:\Windows\BAssoc.ini
[2010/01/06 11:50:12 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\vidalhelper.dll
[2009/08/20 20:45:12 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/08/20 18:32:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/17 11:13:30 | 000,508,224 | ---- | C] () -- C:\Windows\SysWow64\ICCProfiles.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1999/09/25 17:03:10 | 000,014,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[1997/06/14 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== LOP Check ==========

[2010/10/28 17:30:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Absolutist.com
[2010/10/18 02:31:20 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Audacity
[2010/12/22 15:44:55 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Autodesk
[2011/07/06 01:53:12 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\ChemTable Software
[2010/03/16 03:29:46 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/05 21:48:10 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
[2011/01/02 18:14:38 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.w3i.FlipToast
[2011/09/15 12:53:07 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\DMCache
[2011/06/10 23:07:38 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Downloaded Installations
[2010/03/14 23:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\EDrawings
[2011/08/26 03:08:29 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FileZilla
[2010/10/02 01:15:18 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FinalTorrent
[2010/06/19 22:45:49 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Foxit
[2010/07/28 02:49:41 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Foxit Software
[2011/01/02 21:00:51 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FreeFileViewer
[2011/02/11 22:20:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\gl2lblezejt1dvhbav31mfkehlkdb2s2
[2011/07/28 14:09:54 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\go
[2010/05/20 13:35:28 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\HideIPEasy
[2010/10/17 15:44:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\HomeNetworkSoft
[2011/09/01 01:41:37 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\IDM
[2011/09/15 18:22:07 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Metacafe
[2010/12/12 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\MiseAjourSystem
[2011/09/14 00:15:10 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nitro PDF
[2010/05/06 03:39:51 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nokia
[2010/03/12 07:58:47 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nokia Ovi Suite
[2010/04/03 20:22:44 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\PC Suite
[2010/11/24 14:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Raccourcis applicatifs
[2011/08/31 01:46:15 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Samsung
[2010/05/29 00:42:53 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Subversion
[2010/12/04 16:23:16 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Temp
[2010/07/30 00:14:13 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Template
[2010/03/18 14:05:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\TuneUp Software
[2010/09/17 00:34:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\TypingMaster7
[2010/04/17 08:39:27 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Ulead Systems
[2010/12/04 17:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Uniblue
[2011/05/08 20:53:27 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\VOS
[2010/10/21 21:04:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Windows Live Writer
[2011/09/05 21:28:05 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2009/07/14 02:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 02:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: EVENTLOG.DLL >
[2007/05/17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2009/08/25 10:33:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/25 10:33:15 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/25 10:33:15 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009/08/25 10:33:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: IASTOR.SYS >
[2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_e6913aab23ea9a9c\iaStor.sys
[2011/05/10 17:46:52 | 000,557,848 | ---- | M] (Intel Corporation) MD5=D1E30259353E7D8D1B713A76CDDEB88B -- C:\Users\Ezzina Olfi\Documents\DriverGenius\Backup\Driver Backup 6-15-2011-22526\Intel(R) ICH9M-E M SATA AHCI Controller\iastor.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/07/22 03:51:14 | 009,704,448 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2010/11/20 13:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Files - Unicode (All) ==========
[2011/05/10 17:59:13 | 000,023,552 | ---- | M] ()(C:\Users\Ezzina Olfi\Documents\? ?? ??????? ?? ????.doc) -- C:\Users\Ezzina Olfi\Documents\إ ني اخترُتك يا وطني.doc
[2011/05/10 17:59:12 | 000,023,552 | ---- | C] ()(C:\Users\Ezzina Olfi\Documents\? ?? ??????? ?? ????.doc) -- C:\Users\Ezzina Olfi\Documents\إ ني اخترُتك يا وطني.doc
[2011/05/10 17:57:54 | 000,024,576 | ---- | M] ()(C:\Users\Ezzina Olfi\Documents\?????? ??? ???.doc) -- C:\Users\Ezzina Olfi\Documents\تصبحون على وطن.doc
[2011/05/10 17:57:53 | 000,024,576 | ---- | C] ()(C:\Users\Ezzina Olfi\Documents\?????? ??? ???.doc) -- C:\Users\Ezzina Olfi\Documents\تصبحون على وطن.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:635FFD7D

< End of report >
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede nickW » 17 Sep 2011, 00:36

Bonsoir,

Il me semble t'avoir demandé de supprimer ce genre de fichiers:

c:\program files (x86)\solidworks\crack.exe
c:\users\ezzina olfi\1-documentations\jeux\age of empires 2 - the conquerors (fr) by kolrik\(-- crack --)\age2_x1.exe
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\age of empire 3 serial.txt
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\crack no cd aoe3\age3.exe
c:\users\ezzina olfi\1-documentations\jeux\aoe iii crack & serial\crack no cd aoe3\crack.txt
c:\users\ezzina olfi\1-documentations\logiciels\logiciels_2010\winrar.v3.91.fr.final\winrar.v3.91.final\winrar.v3.91.final.fff\crack\rarreg.key
c:\users\ezzina olfi\1-documentations\technique de l'ingegneur\technique de l'ingegneur tome 1\everest ultimate edition2007\setupeverest ultimate edition2007(cracked).exe



Nettoyages (qui vont supprimer certaines barres d'outils):


Je te conseille d'imprimer la procédure, ou d'en sélectionner toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC (Note: tu n'auras pas accès à Internet pendant l'étape 2).
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.



Étape 1: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus.
Image avast5!: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), choisir "Gestion des Agents avast!" puis "Désactiver définitivement" et confirmer en cliquant sur Oui


Étape 2: AdwCleaner (de Xplode), nettoyage

Fermer tous les navigateurs internet (Internet Explorer, Firefox, Opera, etc).

Faire un clic droit sur adwcleaner0.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

L'écran principal d'AdwCleaner s'affiche:
Image

Cliquer sur le bouton Suppression.

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer la fenêtre d'AdwCleaner.
Fermer le Bloc-notes.


Étape 3: Processus de contrôle en temps réel
Important: Réactiver le module résident de l'antivirus.


Étape 4: OTL (de OldTimer), analyse rapide
Fermer toutes les fenêtres de programme ouvertes.

Faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

L'écran principal de OTL s'affiche:
Image

Cliquer sur le bouton Analyse rapide:
Image


Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer le Bloc-notes.
Fermer la fenêtre de OTL.


Étape 5: Résultats
Envoyer en réponse:
*- le rapport de nettoyage d'AdwCleaner (contenu du fichier %SystemDrive%\AdwCleaner[Sn].txt, n étant un numéro d'ordre).
[%SystemDrive% représente la partition sur laquelle est installé le système, généralement C:]

Envoyer ensuite en réponse dans un message distinct (à cause de la longueur du fichier):
*- le rapport principal de OTL (contenu du fichier OTL.Txt situé sur le Bureau).
Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End of report>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.


Dans ta réponse, n'oublie pas de donner le plus d'informations possible sur l'état du PC: amélioration / disparition / aggravation des symptômes d'infection.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Re: PC infecté.

Messagede Olfi » 17 Sep 2011, 02:35

Salut;
J'ai cru que je les ai tous supprimés, j'ai supprimé le reste avant de faire les analyses dont les rapports sont ci-dessous tout en vous signalant que les problèmes persiste encore (ouverture de la page Abuchak et je peux pas encore accéder à ma boite d’émail Yahoo.fr).
# AdwCleaner v1.305 - Rapport créé le 17/09/2011 à 02:14:43
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Ezzina Olfi - EZZINAOLFI-PC (Administrateur)
# Exécuté depuis : C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

Aucun navigateur n'était en cours d'exécution.

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Registre (64 bits)] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v6.0.2 (fr)

Profil : itl1id5s.default
Fichier : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

Profil : xljhq149.default
Fichier : C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\xljhq149.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\Ezzina Olfi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [41505 octets] - [13/09/2011 19:14:18]
AdwCleaner[S1].txt - [0 octets] - [17/09/2011 02:13:26]
AdwCleaner[S2].txt - [1464 octets] - [17/09/2011 02:14:43]

########## EOF - C:\AdwCleaner[S2].txt - [1592 octets] ##########
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 17 Sep 2011, 02:37

OTL logfile created on: 17/09/2011 02:16:51 - Run 4
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Ezzina Olfi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 46,57% Memory free
7,93 Gb Paging File | 5,33 Gb Available in Paging File | 67,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,58 Gb Total Space | 116,49 Gb Free Space | 25,74% Space Free | Partition Type: NTFS
Drive D: | 12,98 Gb Total Space | 2,16 Gb Free Space | 16,67% Space Free | Partition Type: NTFS

Computer Name: EZZINAOLFI-PC | User Name: Ezzina Olfi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/13 18:22:21 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
PRC - [2011/09/06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/01 12:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/01 04:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/08/01 04:32:10 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/07/25 21:44:53 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/07/20 11:28:38 | 001,376,304 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2011/06/16 08:24:20 | 000,141,824 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/03/19 14:55:24 | 001,204,224 | ---- | M] (www.IslamicFinder.org) -- C:\Program Files (x86)\Athan\Athan.exe
PRC - [2011/03/17 15:31:44 | 003,278,232 | ---- | M] (Tonec Inc.) -- C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMan.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/09 14:00:38 | 000,284,016 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe
PRC - [2010/07/09 12:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2010/05/25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEMonitor.exe
PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/07/23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/03/03 11:38:40 | 000,145,736 | ---- | M] (Metacafe) -- C:\Program Files (x86)\Metacafe\MetacafeAgent.exe
PRC - [2009/03/03 11:38:36 | 002,308,936 | ---- | M] (Metacafe) -- C:\Program Files (x86)\Metacafe\Metacafe.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/04/19 15:45:06 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
PRC - [2007/04/19 15:44:12 | 000,058,288 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
PRC - [2006/06/13 17:11:46 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE
PRC - [2002/10/25 16:29:20 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\olfTray.exe
PRC - [2002/10/25 11:39:54 | 000,966,656 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\OLF.exe
PRC - [2002/10/24 10:45:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HISrv3.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/31 04:37:49 | 000,115,137 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
MOD - [2011/08/31 03:37:32 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\49a869f7cecc4837d0ba80fd383b716f\System.Management.ni.dll
MOD - [2011/08/31 03:36:06 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e1794b5c931858179cdb9295b7c0fec8\System.Runtime.Remoting.ni.dll
MOD - [2011/08/31 03:35:59 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a033c53c05f563f780a669d5477c2281\System.Xaml.ni.dll
MOD - [2011/08/31 01:54:02 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ee3cfefc6b1c79b2654f6225b9f412d1\PresentationFramework.ni.dll
MOD - [2011/08/31 01:53:52 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dc7d4afaac16149920cb140efa9082a2\PresentationFramework.Aero.ni.dll
MOD - [2011/08/31 01:53:46 | 011,470,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\06c0cd2b5cfaed3923676f02469b0439\PresentationCore.ni.dll
MOD - [2011/08/31 01:53:41 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\99199c87964064eb6755eac087c82580\System.Windows.Forms.ni.dll
MOD - [2011/08/31 01:53:35 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\58d351e601da7071a83e73aec83f69b4\WindowsBase.ni.dll
MOD - [2011/08/31 01:53:32 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9de1ba31763ae79e1411e932830a359f\System.Drawing.ni.dll
MOD - [2011/08/31 01:53:29 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4788ba976ec6b1d6a725862d44bafcb3\System.Core.ni.dll
MOD - [2011/08/31 01:53:25 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bfc7d61ef8a7858140ffb0a610e9db39\System.Xml.ni.dll
MOD - [2011/08/31 01:53:21 | 009,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\647979acaa344a521052767a61d8adeb\System.ni.dll
MOD - [2011/08/31 01:53:15 | 014,409,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\07b8cdebc8d6a4a3ee47da99088be5cc\mscorlib.ni.dll
MOD - [2011/08/19 23:09:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
MOD - [2011/08/19 23:09:08 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8b3b6ed74cb3d94695b0eaf94a362d42\UIAutomationTypes.ni.dll
MOD - [2011/08/19 23:09:06 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
MOD - [2011/08/19 23:08:52 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
MOD - [2011/08/19 23:06:38 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
MOD - [2011/08/19 23:06:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
MOD - [2011/08/19 23:06:19 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll
MOD - [2011/08/19 23:06:12 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011/08/19 23:06:11 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011/08/19 23:06:11 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\404a96929233a9369c11956e9c0259c2\IAStorCommon.ni.dll
MOD - [2011/08/19 23:06:09 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\eb0d3659dc2d7c3c0738be9a95c92061\IAStorUtil.ni.dll
MOD - [2011/08/19 23:06:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/08/19 23:05:59 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/08/19 23:05:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/08/19 23:05:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/08/19 23:05:36 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/08/19 23:05:23 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/08/01 04:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/07/13 15:42:58 | 000,931,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011/07/13 15:41:54 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011/07/13 15:41:54 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011/07/13 15:41:54 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011/07/13 15:41:54 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011/07/13 15:41:54 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011/07/13 15:41:54 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011/07/13 15:41:54 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011/07/13 15:41:54 | 000,416,256 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll
MOD - [2011/07/13 15:41:54 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011/07/13 15:41:54 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011/07/13 15:41:54 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011/07/13 15:41:54 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011/07/13 15:41:54 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011/07/13 15:41:52 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011/07/13 15:12:46 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011/07/13 15:12:46 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011/07/13 15:12:18 | 000,378,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll
MOD - [2011/07/13 15:12:18 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll
MOD - [2011/07/13 15:12:16 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll
MOD - [2011/07/13 15:12:14 | 000,392,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011/07/13 15:12:14 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011/07/13 15:12:14 | 000,058,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011/07/13 15:11:06 | 000,727,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2011/05/22 18:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/28 19:25:58 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/13 00:52:13 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/05/06 03:22:44 | 000,161,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.EnterpriseLibrary.Common\3.1.0.0__b03f5f7f11d50a3a\Microsoft.Practices.EnterpriseLibrary.Common.dll
MOD - [2010/05/06 03:22:44 | 000,079,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling\3.1.0.0__b03f5f7f11d50a3a\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
MOD - [2010/05/06 03:22:44 | 000,064,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Practices.ObjectBuilder\1.0.51206.0__b03f5f7f11d50a3a\Microsoft.Practices.ObjectBuilder.dll
MOD - [2010/03/19 10:45:36 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/03/19 10:45:36 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/03/19 10:45:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/08 21:08:28 | 000,282,697 | ---- | M] () -- C:\Program Files (x86)\Athan\vbp.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/21 04:23:09 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009/08/21 04:23:06 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009/08/21 04:22:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009/07/23 19:45:58 | 000,192,512 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Movie\cudart.dll
MOD - [2009/07/23 10:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/07/15 16:51:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/07/15 16:51:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/07/15 16:50:58 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/07/15 16:50:56 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/07/15 16:50:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/07/15 16:50:54 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/07/15 16:50:52 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/07/15 16:50:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/03/03 11:38:18 | 000,184,832 | ---- | M] () -- C:\Program Files (x86)\Metacafe\FlashPackage.bpl
MOD - [2009/03/03 11:38:12 | 000,627,200 | ---- | M] () -- C:\Program Files (x86)\Metacafe\UnicodeControls.bpl
MOD - [2009/03/03 11:38:08 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Metacafe\QuickTime.bpl
MOD - [2009/01/21 11:35:09 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Metacafe\AkamaiAPI.dll
MOD - [2006/06/13 17:13:00 | 000,346,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\MSENCXML.DLL
MOD - [2006/06/13 17:13:00 | 000,260,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\ERSREGPR.DLL
MOD - [2006/06/13 17:13:00 | 000,228,120 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\MSENCDAT.DLL
MOD - [2006/06/13 17:13:00 | 000,178,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Reference 2007\ENCCONT.DLL
MOD - [2006/06/13 17:11:45 | 000,068,376 | ---- | M] () -- C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICTEIT.EBK
MOD - [2006/03/07 11:30:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Metacafe\ArcUtils.dll
MOD - [2006/03/07 11:30:18 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Metacafe\EmailUtils.dll
MOD - [2006/03/07 11:30:01 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Metacafe\CryptUtils.dll
MOD - [2006/03/07 11:29:48 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Metacafe\SystemUtils.dll
MOD - [2006/02/14 16:35:58 | 000,594,944 | ---- | M] () -- C:\Program Files (x86)\Metacafe\elpackD7.bpl
MOD - [2005/07/20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
MOD - [2004/12/25 12:37:22 | 000,258,121 | ---- | M] () -- C:\Program Files (x86)\Athan\vbh.dll
MOD - [2004/03/20 13:49:40 | 000,229,444 | ---- | M] () -- C:\Program Files (x86)\Athan\vbq.dll
MOD - [2002/10/25 16:29:20 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\olfTray.exe
MOD - [2002/10/25 11:39:54 | 000,966,656 | ---- | M] () -- C:\Program Files (x86)\Larousse\Larousse Expression\bin\OLF.exe
MOD - [2002/10/24 10:45:28 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HISrv3.exe
MOD - [2002/10/24 10:43:28 | 000,446,464 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HIIndex3.dll
MOD - [2002/10/11 10:48:24 | 000,135,168 | ---- | M] () -- C:\Windows\SysWOW64\KleiaHook.dll
MOD - [2002/10/01 18:18:10 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\CHIDichoIndex.dll
MOD - [2000/09/28 08:27:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HILDataObj.dll
MOD - [2000/09/26 08:10:42 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Larousse\Shared\bin\HICompress.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/21 23:51:47 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/01 22:26:03 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/21 21:39:21 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/09 12:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/04/19 15:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxczcoms.exe -- (lxcz_device)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV - [2010/07/26 14:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010/01/29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999/09/25 17:03:10 | 000,014,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (Secdrv)
DRV - [1998/04/13 10:00:00 | 000,006,848 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\cvintdrv.sys -- (cvintdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: No CLSID value found. File not found
IE - HKLM\..\URLSearchHook: {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: No CLSID value found. File not found
IE - HKCU\..\URLSearchHook: {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=fr"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.485.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: vinceturk@gmail.com:2.6.0.715
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5
FF - prefs.js..extensions.enabledItems: firefox@bandoo.com:5.0
FF - prefs.js..extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c}:3.3.3.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/25 21:45:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/07 08:45:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\components [2011/09/07 18:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\plugins [2011/09/15 14:55:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/07/15 13:44:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\vinceturk@gmail.com: C:\Program Files (x86)\KwiClick LLC\KwiClick\ [2010/10/02 00:56:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ezzina Olfi\AppData\Roaming\IDM\idmmzcc3 [2011/08/23 16:38:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ezzina Olfi\AppData\Roaming\IDM\idmmzcc3 [2011/08/23 16:38:08 | 000,000,000 | ---D | M]

[2011/01/24 21:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Extensions
[2011/09/17 02:13:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions
[2011/07/16 11:34:02 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/08/30 10:43:09 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/09/01 01:32:49 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011/08/23 23:27:48 | 000,000,000 | ---D | M] (Billeo) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}
[2011/06/22 18:22:32 | 000,000,000 | ---D | M] (Messenger Plus Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D}
[2011/08/16 13:52:25 | 000,000,000 | ---D | M] (Messenger Plus Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}
[2011/08/16 13:52:29 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
[2011/09/07 18:52:36 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/06/05 10:17:36 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2011/07/10 16:08:02 | 000,000,000 | ---D | M] (Dictionary Switcher) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\dictionary-switcher@design-noir.de
[2011/09/11 08:28:20 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\foxyproxy@eric.h.jung
[2011/08/17 01:28:07 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\piclens@cooliris.com
[2011/06/05 10:17:22 | 000,000,000 | ---D | M] (KwiClick) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\itl1id5s.default\extensions\vinceturk@gmail.com
[2011/01/23 18:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ezzina Olfi\AppData\Roaming\mozilla\Firefox\Profiles\xljhq149.default\extensions
[2011/09/03 01:04:32 | 000,001,241 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\abuchak.xml
[2011/07/21 15:33:36 | 000,002,185 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\MyStart Search.xml
[2011/06/22 18:22:27 | 000,002,768 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\Plusnetwork.xml
[2011/07/19 13:29:15 | 000,003,915 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Mozilla\Firefox\Profiles\itl1id5s.default\searchplugins\sweetim.xml
[2011/09/07 08:45:06 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/25 21:45:31 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{0C8FBD76-BDEB-4C52-9B24-D587CE7B9DC3}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE80}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{15A82062-5139-4855-9706-130A8A4BE80C}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{25A1388B-6B18-46C3-BEBA-A81915D0DE8F}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{45E16761-660C-41A4-984F-56986FBA2137}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{7A88E876-D715-4503-A7BF-A8EBA13CA3F9}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{89F8DDE0-010A-11DA-8CD6-0800200C9A66}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{AD48108D-92A6-4EB9-87E4-978ACA1DBAE4}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{C7661BD8-EC96-CF1F-ABB1-1F239FBDBBB9}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{CF47767D-5F3A-4E32-9FCE-5D79565C9702}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\ADD-TO-SEARCHBOX@MALTEKRAUS.DE.XPI
File not found (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\FFOX@BANDOO.COM
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
() (No name found) -- C:\USERS\EZZINA OLFI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL1ID5S.DEFAULT\EXTENSIONS\NOSQUINT@URANDOM.CA.XPI

O1 HOSTS File: ([2010/11/27 18:17:51 | 000,000,988 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Toolbar) - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (MessengerPlusLive TB Toolbar) - {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Toolbar) - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MessengerPlusLive TB Toolbar) - {d8fb4583-db9d-4c7b-85be-294c13a3e5c4} - C:\Program Files (x86)\MessengerPlusLive_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Toolbar) - {B760D5A4-8D24-4CB6-942E-D6BB540AD88C} - C:\Program Files (x86)\Messenger_Plus\prxtbMes0.dll (Conduit Ltd.)
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Athan] C:\Program Files (x86)\Athan\Athan.exe (www.IslamicFinder.org)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.15.13\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [Standby] c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe (Driver-Soft Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [IDMan] C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun File not found
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [L07FXLRD_37137925] C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [MediaDICO9Ut] C:\Program Files (x86)\Micro Application\7 Dictionnaires Utiles\LanceMediaDICO.exe Lancement File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Metacafe.lnk = C:\Program Files (x86)\Metacafe\MetacafeAgent.exe (Metacafe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Télécharger avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Users\Ezzina Olfi\AppData\Local\Temp\wzaa5a\IEGetAll.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\Resources\fra.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinsta ... s-i586.cab (Java Plug-in 1.4.2_04)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F152D96-C42B-4069-82AE-F06856A01D55}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d06bd6b-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd6b-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bd73-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd73-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bd9b-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bd9b-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bdaa-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bdaa-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{0d06bdcd-ffa5-11df-bcb7-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{0d06bdcd-ffa5-11df-bcb7-0027134ca7e7}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{b9947d97-4550-11df-be98-0027134ca7e7}\Shell - "" = AutoRun
O33 - MountPoints2\{b9947d97-4550-11df-be98-0027134ca7e7}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

Re: PC infecté.

Messagede Olfi » 17 Sep 2011, 02:39

========== Files/Folders - Created Within 30 Days ==========

[2011/09/16 21:23:15 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{124F4E45-9012-4952-B629-632BBC33485C}
[2011/09/16 21:22:52 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6FC3C01A-BAFA-44FA-81BE-D0E591C22381}
[2011/09/16 09:22:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{808EFFE5-5FBB-46BD-AC1C-1187AA9C0867}
[2011/09/16 09:21:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{42508F7E-09EB-40B8-9983-D2B94BEABC26}
[2011/09/15 08:50:55 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C2E99572-65A5-4E65-9276-0D3E34C8E9EF}
[2011/09/15 08:50:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{424D9A79-7F0B-4A90-9287-D835E0248510}
[2011/09/14 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Desktop\ACTIVEKILLDISK
[2011/09/14 22:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk
[2011/09/14 20:50:17 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EFE0887B-800A-4498-9051-10D0EF006263}
[2011/09/14 20:49:54 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0C7B2B6B-4A29-49CB-B037-957CE5F000D9}
[2011/09/14 08:48:58 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{98073CD3-A27C-4955-A6A6-081AD39932DF}
[2011/09/14 08:48:33 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1497C4ED-833E-46D8-BF77-50E6B0E2FA4F}
[2011/09/13 19:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Desktop\Nouveau dossier
[2011/09/13 18:22:15 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
[2011/09/12 23:10:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/12 18:37:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/12 18:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/09/12 18:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/09/12 18:02:40 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Ezzina Olfi\Desktop\erunt-setup.exe
[2011/09/12 13:21:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{28C75257-C999-46F4-AC10-4D4CC1868542}
[2011/09/12 13:20:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3B6DDE19-7439-4260-93EB-101EA6D9D757}
[2011/09/12 02:26:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Malwarebytes
[2011/09/12 02:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/12 02:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/12 02:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/12 01:03:19 | 000,000,000 | ---D | C] -- C:\FyK
[2011/09/11 22:50:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{5031EFC6-619F-4673-844E-90859D36B7FD}
[2011/09/11 22:49:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{B4A03021-DA38-452A-930C-4E40AC7A27D9}
[2011/09/11 08:25:29 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6A3CB429-788D-4943-BC83-4E3AC80CE013}
[2011/09/11 08:24:38 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EB93C149-6393-45F0-B017-00C30FA9F29B}
[2011/09/10 19:19:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C0F2F843-99A4-4BA5-8DEE-4B210447052B}
[2011/09/10 19:19:34 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7E8A87C4-68D1-4FA3-BB96-458DB1451F2C}
[2011/09/10 10:22:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\Documents\Games for Windows - LIVE Demos
[2011/09/10 07:18:53 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{ADDF78E7-5716-4DB7-A4C4-F3D23F4BD1A4}
[2011/09/10 07:18:41 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DA40B89A-116F-441B-B4D1-93A28E9B8BDB}
[2011/09/09 19:05:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E8DCDD53-53B0-4852-86F8-A29A21D52331}
[2011/09/09 19:05:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{158447E2-1984-4418-932B-9C9E589451D9}
[2011/09/09 13:03:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/09/09 13:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/09/09 13:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/09/09 07:04:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6645CD28-9F19-4F0E-9633-46BB7C30BC91}
[2011/09/09 07:04:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8D91D3A6-7190-47F8-AB56-DF01D0623234}
[2011/09/08 17:36:10 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3E32A60F-A425-4923-8957-CA469F772990}
[2011/09/08 17:35:48 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0C91D83B-FE59-41C3-BCDD-0F5FB40FE4EE}
[2011/09/08 05:35:19 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{BD3FF3C7-C928-4D29-94A3-6F3A32497B1E}
[2011/09/08 05:34:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{87F8A4A1-5AC9-4A7B-AB0F-50495519C75B}
[2011/09/07 17:34:41 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7211A85F-6BB1-4D19-BD5D-7D302619CD69}
[2011/09/07 17:34:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{71C3EFDB-8BF1-4FCD-820F-594A6E515CBE}
[2011/09/07 05:33:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2D8D8ACD-5CD8-4752-B53B-D66186A3D7A1}
[2011/09/07 05:33:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{A6B7AD2A-D37E-4FE4-9AD0-FB9AA4FC7310}
[2011/09/06 17:33:05 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{75D85B50-AEDF-4380-9216-6CA066577CA8}
[2011/09/06 17:32:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C8C5262F-01A8-411C-838F-56FA3CEBF1ED}
[2011/09/06 05:32:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{888D8B96-59B2-400A-BFEE-1CF434339C30}
[2011/09/06 05:31:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{22A40C72-890A-42CF-9F8C-CC31E82BD14B}
[2011/09/05 19:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2011/09/05 19:55:51 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/09/05 19:55:51 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/05 19:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/05 17:31:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DE02A4A9-7D3C-49AB-BB8E-121E54E213B0}
[2011/09/05 17:30:57 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2EF8B27F-9F52-40BB-A06F-EEDFE4D09AB9}
[2011/09/05 01:21:02 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{15457CE4-F36A-4390-88C7-2D3692A9ED31}
[2011/09/05 01:20:35 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C3D8AA38-2460-4486-BD32-55563FCA9567}
[2011/09/04 12:04:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7C492A65-0753-4C53-B7EE-747F622B2BA9}
[2011/09/04 12:03:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1F946EAC-7B15-495D-AF51-5B82EDD53F42}
[2011/09/03 21:23:30 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\assembly
[2011/09/03 20:31:12 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6846F7D6-D084-47B7-84E4-0212A2FC5724}
[2011/09/03 20:30:45 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E37203AB-B283-4FFB-84C2-0E5D1E32AB45}
[2011/09/03 01:17:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C5F94CB2-7A47-45BF-B841-59459B46C0CC}
[2011/09/03 01:16:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FEC385E4-C354-4818-B640-F519E22E4696}
[2011/09/03 01:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/09/02 13:13:31 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{82915E8C-3F3E-42CE-80C5-DB03363B3216}
[2011/09/02 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8E83638E-1059-46A2-9DFC-951296A55E59}
[2011/09/01 01:26:23 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{62D5204F-70C6-455C-9FC5-A78FB4169049}
[2011/09/01 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7BCD4C22-08F4-402F-B843-B76B4BC302E0}
[2011/08/31 04:37:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\System32
[2011/08/31 03:57:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E9981071-51C0-46DF-8A10-ACF4F403749D}
[2011/08/31 03:57:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{CFA42BF9-C272-4430-8391-7C913EF0AD13}
[2011/08/31 01:48:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\Samsung
[2011/08/31 01:47:11 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2011/08/31 01:47:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2011/08/30 15:56:32 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{A791FE9E-1512-44C5-928C-4FADDBC93293}
[2011/08/30 15:56:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{1DED3E50-1881-4408-97E5-D46F761D835A}
[2011/08/30 03:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{84D3832B-4D1D-495B-BA4B-4FB954289F04}
[2011/08/30 03:55:26 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{675EAD6F-4951-430F-9418-6507131A30D6}
[2011/08/29 15:36:30 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{410DE6B0-0135-45BF-9485-3577A5A2EE5F}
[2011/08/29 15:36:07 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3217BC4A-3FBE-46F5-A586-AFFAA8583A41}
[2011/08/29 03:35:39 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{566122F4-4679-4307-99D8-5A171FEA7E02}
[2011/08/29 03:35:17 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{5CA9676A-CC6B-4BF0-9AA4-2D571749E632}
[2011/08/28 21:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/08/28 15:34:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{92B2544F-D53A-4DFD-B875-131BB65C72B7}
[2011/08/28 15:34:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{736CE1BF-95B9-4533-83E6-17ADA993FDA1}
[2011/08/27 20:37:45 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\O&O
[2011/08/27 20:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2011/08/27 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{D1DAE756-AC6D-4E6F-A040-54505FD68404}
[2011/08/27 16:51:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{6EB887A3-E561-48EB-80FF-EEA1B51310CC}
[2011/08/27 02:58:18 | 003,215,872 | ---- | C] (L'Aventure Multimedia) -- C:\Windows\MDDico7.dll
[2011/08/27 02:58:18 | 000,466,944 | ---- | C] (L'Aventure MultiMedia) -- C:\Windows\RACHook7.dll
[2011/08/27 02:58:13 | 000,388,608 | ---- | C] (L'Aventure Multimedia) -- C:\Windows\LMDDico7.exe
[2011/08/27 01:02:55 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7AD190E4-E9E8-4E82-A69A-E6209EB76F6C}
[2011/08/27 01:02:21 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FA7E1B7D-487C-47CE-9B48-D608A24F82B3}
[2011/08/26 11:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/26 11:43:06 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EFAEE912-C994-4D5A-96C8-3484435E5004}
[2011/08/26 11:42:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{9F626C7D-0A8A-4462-9E7B-D6A973D2609D}
[2011/08/26 03:05:02 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\FileZilla
[2011/08/26 03:04:35 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011/08/26 03:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2011/08/26 02:58:01 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emoticon
[2011/08/26 02:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emoticon
[2011/08/25 20:08:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{8A228B02-9130-46A3-8ED7-8A56B9C7B657}
[2011/08/25 20:08:19 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7756DE91-92DE-40BC-9581-D6B98B267337}
[2011/08/24 18:16:09 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FBB2BDF4-CDEA-485E-9278-65FEEEEDA416}
[2011/08/24 18:15:10 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E5F501B6-FE2D-460B-BC48-D97A0E795342}
[2011/08/24 03:33:52 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{74F1B219-F43C-4044-955A-F74C1EC27C6B}
[2011/08/24 03:33:29 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{57A589B6-8413-4BE4-B85A-8AA4924CB920}
[2011/08/23 16:38:08 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\IDM
[2011/08/23 15:58:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/08/23 15:32:51 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{AE6AC7C4-7263-45E6-BFD6-8CA51E8F386B}
[2011/08/23 15:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{FAA8FFAD-2D44-4173-9AD0-B2285D1C239D}
[2011/08/23 02:21:42 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{7219F85B-82C4-43B3-8570-EB3A84CB7703}
[2011/08/23 02:21:20 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{2D34C6ED-50F9-4033-B499-2EEE7B51C1C0}
[2011/08/22 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{CAFBCFFB-C86A-4AD4-BF8E-A63ADF465D54}
[2011/08/22 14:20:18 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{163759A1-FEAD-4842-ACAB-72EFE326E114}
[2011/08/21 23:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/08/21 23:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
[2011/08/21 23:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2011/08/21 23:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/08/21 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/08/21 23:07:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/08/21 23:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2011/08/21 20:09:40 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{0D7EF49F-F7FA-4343-9ABB-6689C891F796}
[2011/08/21 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{C2F1A167-6847-4886-AADE-6CBA70BFA098}
[2011/08/20 23:55:47 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{9E225B50-7DE8-46E9-8E96-73660C76F32C}
[2011/08/20 23:55:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{28EC91D1-860D-4F10-96B2-78ED4B9DFAB1}
[2011/08/20 11:54:40 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{18189845-CD14-43EB-9520-70E9F5563336}
[2011/08/20 11:54:00 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{B5D243F3-80D3-4CAC-86D0-2CA61634F181}
[2011/08/20 02:51:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{582F0914-E156-4561-A07C-BF4E2EEA024F}
[2011/08/19 14:50:09 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{EAF7C90B-1834-4961-A683-5F1D26602EF6}
[2011/08/19 14:49:44 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{E878218C-C41C-48C6-8EF1-4C1A74FF0908}
[2011/08/19 02:36:50 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{3B0E850F-37F8-4CF4-9238-F12435CCBEA5}
[2011/08/19 02:36:28 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{F5468D55-CDBB-48E6-AE2B-387E52F99DF5}
[2011/08/18 14:35:49 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{156BBFAA-B341-45BB-AA0C-5919235EF874}
[2011/08/18 14:35:24 | 000,000,000 | ---D | C] -- C:\Users\Ezzina Olfi\AppData\Local\{DACA1198-0A07-465C-BAF4-17B0D4278205}
[2010/08/07 16:39:32 | 002,734,688 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbmyBa.dll
[2010/07/28 19:51:34 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpmui.dll
[2010/07/28 19:51:34 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczinpa.dll
[2010/07/28 19:51:34 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcziesc.dll
[2010/07/28 19:51:33 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczserv.dll
[2010/07/28 19:51:33 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczusb1.dll
[2010/07/28 19:51:33 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczhbn3.dll
[2010/07/28 19:51:33 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomc.dll
[2010/07/28 19:51:33 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczlmpm.dll
[2010/07/28 19:51:33 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcoms.exe
[2010/07/28 19:51:33 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomm.dll
[2010/07/28 19:51:33 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczih.exe
[2010/07/28 19:51:33 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcfg.exe
[2010/07/28 19:51:33 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczppls.exe
[2010/07/28 19:51:33 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczprox.dll
[2010/07/28 19:51:33 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpplc.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Ezzina Olfi\AppData\Local\*.tmp files -> C:\Users\Ezzina Olfi\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/17 01:47:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 20:19:51 | 002,049,024 | ---- | M] () -- C:\Users\Ezzina Olfi\Documents\Outlook.pst
[2011/09/16 12:58:09 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 12:57:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/16 12:57:36 | 3195,420,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 18:19:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/09/14 08:52:50 | 000,001,093 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/14 08:52:50 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/13 19:17:13 | 000,459,264 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\CKScanner.exe
[2011/09/13 19:01:43 | 000,471,194 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
[2011/09/13 18:22:21 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Ezzina Olfi\Desktop\OTL.exe
[2011/09/12 18:33:50 | 000,001,064 | ---- | M] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/12 18:33:49 | 000,000,884 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\NTREGOPT.lnk
[2011/09/12 18:33:48 | 000,000,865 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\ERUNT.lnk
[2011/09/12 18:02:43 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Ezzina Olfi\Desktop\erunt-setup.exe
[2011/09/09 21:43:31 | 000,084,810 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\44.pdf
[2011/09/08 08:54:12 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011/09/07 18:52:56 | 000,002,155 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/07 18:52:56 | 000,002,155 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 9.lnk
[2011/09/07 08:45:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/09/06 21:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/09/06 21:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/05 19:56:23 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011/09/03 21:23:19 | 000,001,091 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/09/03 20:42:23 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/08/31 01:48:08 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/08/31 01:47:16 | 000,001,937 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/08/28 21:26:43 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/08/28 16:06:57 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/08/28 16:06:57 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011/08/28 16:06:57 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\Speed up your computer!.lnk
[2011/08/28 16:06:57 | 000,001,965 | ---- | M] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk
[2011/08/27 20:37:30 | 000,002,687 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011/08/27 02:58:19 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\7 Dictionnaires Utiles.lnk
[2011/08/26 11:44:35 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/26 04:08:55 | 000,001,401 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\FS_Salah - Raccourci.lnk
[2011/08/26 03:04:43 | 000,001,960 | ---- | M] () -- C:\Users\Ezzina Olfi\Desktop\FileZilla Client.lnk
[2011/08/24 18:37:56 | 000,002,197 | ---- | M] () -- C:\Users\Ezzina Olfi\Documents\wmndata.xn
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Ezzina Olfi\AppData\Local\*.tmp files -> C:\Users\Ezzina Olfi\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/14 08:52:50 | 000,001,093 | ---- | C] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/13 19:17:11 | 000,459,264 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\CKScanner.exe
[2011/09/13 19:01:39 | 000,471,194 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\adwcleaner0.exe
[2011/09/12 21:54:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/12 18:33:50 | 000,001,064 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/12 18:33:48 | 000,000,884 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\NTREGOPT.lnk
[2011/09/12 18:33:48 | 000,000,865 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\ERUNT.lnk
[2011/09/12 02:26:11 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/09 21:43:30 | 000,084,810 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\44.pdf
[2011/09/05 19:56:23 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011/08/31 01:48:08 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/08/31 01:47:16 | 000,001,937 | ---- | C] () -- C:\Users\Ezzina Olfi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/08/28 21:26:43 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/08/27 20:37:30 | 000,002,687 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011/08/27 02:58:19 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\7 Dictionnaires Utiles.lnk
[2011/08/26 11:44:35 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/26 04:08:55 | 000,001,401 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\FS_Salah - Raccourci.lnk
[2011/08/26 03:04:43 | 000,001,960 | ---- | C] () -- C:\Users\Ezzina Olfi\Desktop\FileZilla Client.lnk
[2011/08/24 18:37:56 | 000,002,197 | ---- | C] () -- C:\Users\Ezzina Olfi\Documents\wmndata.xn
[2011/08/22 22:54:25 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/07/06 01:51:09 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\KleiaHook.dll
[2011/06/19 11:31:49 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2011/05/06 22:38:58 | 000,004,305 | ---- | C] () -- C:\Windows\jdxgtf_x64.ini
[2011/05/06 22:38:58 | 000,001,441 | ---- | C] () -- C:\Windows\cqmf_mz16.ini
[2011/05/06 22:14:55 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2011/05/06 22:14:55 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2011/04/27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/04/27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/04/27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/04/27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/04/27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/05 20:09:20 | 000,001,854 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\GhostObjGAFix.xml
[2010/12/29 19:36:29 | 000,024,064 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/27 00:28:52 | 000,000,026 | ---- | C] () -- C:\Windows\grwin.ini
[2010/11/27 20:38:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2010/10/10 10:09:40 | 000,635,392 | ---- | C] () -- C:\Windows\SysWow64\Bescherelle_Conjugaison.exe
[2010/08/07 16:39:31 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/07/30 00:14:11 | 000,000,244 | ---- | C] () -- C:\Users\Ezzina Olfi\AppData\Roaming\wklnhst.dat
[2010/07/28 19:51:34 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxczutil.dll
[2010/07/28 19:51:34 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCZinst.dll
[2010/07/28 18:16:59 | 000,000,092 | ---- | C] () -- C:\Windows\Lexstat.ini
[2010/07/20 16:57:13 | 000,000,045 | -H-- | C] () -- C:\Windows\dsez7537.dat
[2010/07/17 15:16:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\drivers\GameNT.sys
[2010/05/06 03:22:57 | 001,603,532 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/07 18:08:42 | 000,006,848 | ---- | C] () -- C:\Windows\SysWow64\drivers\cvintdrv.sys
[2010/03/18 23:03:41 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/02/20 21:40:22 | 000,000,436 | ---- | C] () -- C:\Windows\BAssoc.ini
[2010/01/06 11:50:12 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\vidalhelper.dll
[2009/08/20 20:45:12 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/08/20 18:32:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/17 11:13:30 | 000,508,224 | ---- | C] () -- C:\Windows\SysWow64\ICCProfiles.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1999/09/25 17:03:10 | 000,014,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[1997/06/14 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== LOP Check ==========

[2010/10/28 17:30:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Absolutist.com
[2010/10/18 02:31:20 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Audacity
[2010/12/22 15:44:55 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Autodesk
[2011/07/06 01:53:12 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\ChemTable Software
[2010/03/16 03:29:46 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/05 21:48:10 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
[2011/01/02 18:14:38 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\com.w3i.FlipToast
[2011/09/16 12:43:35 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\DMCache
[2011/06/10 23:07:38 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Downloaded Installations
[2010/03/14 23:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\EDrawings
[2011/08/26 03:08:29 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FileZilla
[2010/10/02 01:15:18 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FinalTorrent
[2010/06/19 22:45:49 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Foxit
[2010/07/28 02:49:41 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Foxit Software
[2011/01/02 21:00:51 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\FreeFileViewer
[2011/02/11 22:20:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\gl2lblezejt1dvhbav31mfkehlkdb2s2
[2011/07/28 14:09:54 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\go
[2010/05/20 13:35:28 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\HideIPEasy
[2010/10/17 15:44:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\HomeNetworkSoft
[2011/09/01 01:41:37 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\IDM
[2011/09/17 02:20:48 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Metacafe
[2010/12/12 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\MiseAjourSystem
[2011/09/14 00:15:10 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nitro PDF
[2010/05/06 03:39:51 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nokia
[2010/03/12 07:58:47 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Nokia Ovi Suite
[2010/04/03 20:22:44 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\PC Suite
[2010/11/24 14:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Raccourcis applicatifs
[2011/08/31 01:46:15 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Samsung
[2010/05/29 00:42:53 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Subversion
[2010/12/04 16:23:16 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Temp
[2010/07/30 00:14:13 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Template
[2010/03/18 14:05:36 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\TuneUp Software
[2010/09/17 00:34:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\TypingMaster7
[2010/04/17 08:39:27 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Ulead Systems
[2010/12/04 17:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Uniblue
[2011/05/08 20:53:27 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\VOS
[2010/10/21 21:04:05 | 000,000,000 | ---D | M] -- C:\Users\Ezzina Olfi\AppData\Roaming\Windows Live Writer
[2011/09/05 21:28:05 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/05/10 17:59:13 | 000,023,552 | ---- | M] ()(C:\Users\Ezzina Olfi\Documents\? ?? ??????? ?? ????.doc) -- C:\Users\Ezzina Olfi\Documents\إ ني اخترُتك يا وطني.doc
[2011/05/10 17:59:12 | 000,023,552 | ---- | C] ()(C:\Users\Ezzina Olfi\Documents\? ?? ??????? ?? ????.doc) -- C:\Users\Ezzina Olfi\Documents\إ ني اخترُتك يا وطني.doc
[2011/05/10 17:57:54 | 000,024,576 | ---- | M] ()(C:\Users\Ezzina Olfi\Documents\?????? ??? ???.doc) -- C:\Users\Ezzina Olfi\Documents\تصبحون على وطن.doc
[2011/05/10 17:57:53 | 000,024,576 | ---- | C] ()(C:\Users\Ezzina Olfi\Documents\?????? ??? ???.doc) -- C:\Users\Ezzina Olfi\Documents\تصبحون على وطن.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:635FFD7D

< End of report >
Olfi
 
Messages: 35
Inscription: 13 Sep 2011, 09:45

PrécédenteSuivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 7 invités

cron