Requests for review of scan reports

Security and insecurity. Viruses, Trojans, spyware, vulnerabilities, etc. …

Moderator: Moderators

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years, first on the old forum and then on this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC
Periodic maintenance of a Windows PC

Protecting browsers, browsing and privacy
Protect the browser, browsing and privacy

Requests for review of scan reports

Post by superviseur55 » 15 Apr 2012, 14:55

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.04.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Christian :: SUPERVISEUR-HP [administrateur]

Protection: Activé

15/04/2012 15:38:38
mbam-log-2012-04-15 (15-38-38).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 196556
Temps écoulé: 30 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
superviseur55
 
Posts: 6
Joined: 15 Apr 2012, 14:50

Re: Requests for review of scan reports

Post by superviseur55 » 15 Apr 2012, 15:03

OTL logfile created on: 15/04/2012 15:43:28 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5,95 Gb Total Physical Memory | 3,58 Gb Available Physical Memory | 60,13% Memory free
11,90 Gb Paging File | 9,33 Gb Available in Paging File | 78,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,85 Gb Total Space | 183,42 Gb Free Space | 27,22% Space Free | Partition Type: NTFS
Drive D: | 1,89 Gb Total Space | 0,01 Gb Free Space | 0,30% Space Free | Partition Type: FAT
Drive E: | 20,62 Gb Total Space | 2,20 Gb Free Space | 10,68% Space Free | Partition Type: NTFS
Drive F: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,20% Space Free | Partition Type: FAT32

Computer Name: SUPERVISEUR-HP | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/15 15:18:09 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
PRC - [2012/04/07 06:25:47 | 000,109,296 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/01 20:56:28 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2012/03/28 18:19:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/03/28 18:18:22 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/03/28 18:18:14 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012/03/28 18:18:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/03/28 18:18:11 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/03/28 18:18:10 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2011/10/05 20:18:50 | 001,051,760 | ---- | M] (Badoo) -- C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
PRC - [2011/09/28 16:42:14 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/09/12 18:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 06:44:30 | 000,260,424 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/08/19 06:44:12 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/08/19 06:43:46 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/24 13:52:44 | 002,752,416 | ---- | M] (OrdinarySoft) -- C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
PRC - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/09/22 17:25:34 | 000,191,600 | ---- | M] (LULU software) -- C:\Program Files (x86)\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2011/11/14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011/11/14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
MOD - [2011/11/14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll
MOD - [2011/11/14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
MOD - [2011/11/14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
MOD - [2011/11/14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/08 15:42:28 | 000,305,152 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2011/08/18 08:12:52 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/04/14 08:27:27 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/28 18:19:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/28 18:18:22 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/03/28 18:18:14 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/03/28 18:18:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/03/28 18:18:10 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/09/12 18:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/09/01 07:11:00 | 002,425,960 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/08/19 06:44:30 | 000,260,424 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2011/02/01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/10/25 14:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010/09/22 17:25:34 | 000,191,600 | ---- | M] (LULU software) [Auto | Running] -- C:\Program Files (x86)\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe -- (FIXIO Service)
SRV - [2010/06/25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/07/04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/28 18:19:25 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/03/28 18:19:23 | 000,139,512 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/03/28 18:19:23 | 000,113,768 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/01 17:55:27 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/12/01 17:55:27 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/11/05 00:04:16 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/05 00:04:16 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/08 15:42:28 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/09/02 21:46:00 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/08/24 07:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/18 11:40:56 | 009,981,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/08/18 07:34:48 | 000,310,272 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/08/09 18:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/07/19 11:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/06/10 04:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/14 10:26:56 | 000,022,040 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hppdbulkio.sys -- (HPFXBULKLEDM)
DRV:64bit: - [2010/12/14 10:26:44 | 000,023,576 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hppdfaxio.sys -- (HPFXFAX)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Son Intel(R)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/03/17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-11107 ... html?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E2F3799C-66D3-4E63-A94A-852705019087}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieaf ... -keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-11107 ... html?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{E2F3799C-66D3-4E63-A94A-852705019087}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieaf ... -keywords={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_frFR477
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2012/03/28 23:33:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012/03/28 23:33:13 | 000,000,000 | ---D | M]

[2012/03/28 21:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\extensions
[2012/03/28 21:30:14 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc\1.0_0\npwebsitelogon.dll
CHR - plugin: (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc\1.0_0\
CHR - Extension: YouTube = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/05 21:46:45 | 000,000,843 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9:64bit: - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EEB652E5-80C5-4940-9B16-AEBC17A800C6}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4f4c9720-7a85-11e1-a3dd-ec9a7456ab0d}\Shell - "" = AutoRun
O33 - MountPoints2\{4f4c9720-7a85-11e1-a3dd-ec9a7456ab0d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4f4c9727-7a85-11e1-a3dd-ec9a7456ab0d}\Shell - "" = AutoRun
O33 - MountPoints2\{4f4c9727-7a85-11e1-a3dd-ec9a7456ab0d}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
superviseur55

Posts: 6
Joined: 15 Apr 2012, 14:50

Re: Requests for review of an analysis report

Post by superviseur55 » 15 Apr 2012, 15:04

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/04/15 15:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/04/15 15:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/04/15 15:18:09 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2012/04/15 11:20:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{74ED5A67-31B4-4B18-84FA-585C86DFF2CB}
[2012/04/15 11:20:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{D2491F16-196D-41EE-A56C-5B2A5B071613}
[2012/04/15 09:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/04/15 09:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/04/15 09:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/04/14 22:59:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E6872BE4-1792-47D4-84B7-89EE2261496D}
[2012/04/14 22:59:35 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{69D77470-B2A7-4D9E-A0A9-0DA93BCA57A5}
[2012/04/14 16:03:30 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{6A59EFC0-8B78-4EFA-AA44-954E1F586A4D}
[2012/04/14 12:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
[2012/04/14 08:27:20 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/13 23:53:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7238293E-D00C-43B9-A194-1EAFA53BF70C}
[2012/04/13 23:53:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1F29C955-BD4C-4E86-B705-9D7A2FB9D959}
[2012/04/13 23:52:49 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{EC0C3C93-BD76-4321-9BB2-E9E3A743E148}
[2012/04/13 23:52:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E65F1CD4-D598-4D6F-9B77-B08E3A288BF2}
[2012/04/12 20:39:06 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{23676AA9-6D86-4A1D-A602-EC3E376704E3}
[2012/04/12 20:38:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{55D1AEDB-A6C4-4F7D-A1E7-61E904F5B054}
[2012/04/12 15:21:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft Games
[2012/04/12 11:46:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Diagnostics
[2012/04/12 08:41:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/04/12 08:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/04/12 08:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2012/04/12 08:28:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B44AA780-E798-4863-8910-85394F422E4C}
[2012/04/12 08:28:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{346049D0-A011-431A-9BF8-1288AC4C5FFC}
[2012/04/12 07:56:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 07:56:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 07:56:24 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 07:56:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 07:56:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 07:56:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 07:56:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 07:56:22 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 07:56:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 07:56:22 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 07:56:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 07:56:05 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 07:56:04 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 07:56:04 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 07:49:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 07:49:05 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 07:49:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/11 15:40:31 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B8ACB72B-7BF0-4AA4-A898-65B675C66788}
[2012/04/11 15:40:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{62740ABA-C222-4E8D-93D8-1DD83EA60484}
[2012/04/10 20:16:33 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{EE2713BB-E927-46B0-9493-2C7FD72B75E9}
[2012/04/10 20:16:21 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{2EE104A6-D61B-4299-8A43-1D3CB0D6ECE6}
[2012/04/10 07:30:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{0BBB39F1-C2AF-4EE6-A09B-5C927F9FCEC8}
[2012/04/10 07:30:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{DA7BCEF5-9108-4F68-925E-230D346BCB88}
[2012/04/09 15:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/04/09 15:06:25 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/09 07:56:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{F5B10482-6D76-4344-9B27-681B38213295}
[2012/04/09 07:55:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8CA52709-22EA-4307-B96B-4E952D0FFCB5}
[2012/04/09 07:44:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{AE5B8C06-53D9-4461-BE97-C27428EC7184}
[2012/04/09 07:43:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{93A4749D-E656-4B83-AB07-D5E5A1A6DD7F}
[2012/04/08 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1256C65B-468E-4C6E-ABF0-0D9ACA4C1AD6}
[2012/04/08 11:29:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8F990778-21D8-4EA3-9063-DD11D2F17912}
[2012/04/08 10:41:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/04/08 10:40:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Facebook
[2012/04/07 21:55:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{887E20E7-0B39-4049-BB62-7D75E59D4D12}
[2012/04/07 09:07:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{20C8B1F8-5E75-41A7-A12D-CD6A68C48250}
[2012/04/07 09:07:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8B5AF968-7980-46D8-9ABE-B03C82A4EBBA}
[2012/04/06 09:26:44 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{951AF614-AC19-4A51-831E-A9A12477FFE9}
[2012/04/05 23:57:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/04/05 23:57:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/04/05 23:57:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/04/05 23:55:13 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeMaster++
[2012/04/05 20:44:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2012/04/05 20:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/05 20:43:57 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/05 20:43:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/05 20:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/05 20:43:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{6346F745-4E79-41F4-88E5-959D6485CFF0}
[2012/04/05 20:43:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{834F29A1-BF3C-4A0F-A1A4-F5F286DCF168}
[2012/04/05 19:56:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7A090F26-6F24-45EC-8262-BBDB48EA7393}
[2012/04/05 19:56:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CECF066D-2BDF-4753-98C1-667E530EC6A0}
[2012/04/05 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{62431264-21D4-4154-BC6F-F3240B0B7E31}
[2012/04/05 19:00:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{02A400BD-DD97-4ECD-A90C-26FF6D8903EF}
[2012/04/05 19:00:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{DE62E55F-BE4E-4445-BFE0-0D905C1FB175}
[2012/04/05 19:00:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{63A7978A-C219-451A-B4F9-EDBB9FF61997}
[2012/04/05 11:05:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Tracker Software
[2012/04/05 07:46:43 | 000,000,000 | R--D | C] -- C:\Users\Christian\Documents\Scanned Documents
[2012/04/05 07:46:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Fax
[2012/04/04 20:57:03 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CC1538C9-7B5D-4125-94F9-51D3F6F479C5}
[2012/04/04 20:56:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E949FD73-4CD8-4E7E-8A61-A56039998AE8}
[2012/04/04 20:21:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/03 20:11:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{742C73CF-3237-464D-87EE-9F6027D85C38}
[2012/04/03 20:11:07 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B08E5309-FD14-40A0-9BDF-5A36AC336500}
[2012/04/03 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{F931B273-2D24-4D27-B42C-F6AB3FCBF09F}
[2012/04/03 19:35:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{9AC64421-A215-4F04-A35A-A187965E2906}
[2012/04/03 11:34:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\TomTom
[2012/04/03 11:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2012/04/03 11:34:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2012/04/03 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012/04/03 06:54:25 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1598D104-9D91-4285-9670-B6122574CD49}
[2012/04/03 06:54:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{C8FFE6EE-CADB-4C42-AFED-1CE92E8FC5E7}
[2012/04/02 22:12:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\PlayerTuto.com
[2012/04/02 17:28:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E0199454-D13E-41B2-9808-F987B3901EA8}
[2012/04/02 17:28:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{4AC7715C-6144-4C0E-A9FF-6256B963D558}
[2012/04/02 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\HpUpdate
[2012/04/02 13:42:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
[2012/04/02 13:42:05 | 000,027,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermon5.dll
[2012/04/02 13:42:05 | 000,022,072 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermonui5.dll
[2012/04/02 13:39:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Hewlett-Packard Company
[2012/04/02 13:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/04/02 13:38:44 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2012/04/02 13:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/04/02 13:36:35 | 001,150,520 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpptsp06_x64.dll
[2012/04/02 13:36:35 | 000,976,440 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpxp1530_x64.dll
[2012/04/02 13:36:35 | 000,751,160 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hpptsp06.dll
[2012/04/02 13:36:35 | 000,217,656 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hppscancoins64.dll
[2012/04/02 13:36:28 | 000,235,520 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hpmldmfax02.dll
[2012/04/02 13:36:28 | 000,023,576 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdfaxio.sys
[2012/04/02 13:36:27 | 000,059,928 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hppcfaxcompio.dll
[2012/04/02 13:36:25 | 000,235,008 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hpmldm02.dll
[2012/04/02 13:36:25 | 000,031,768 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdgenio.sys
[2012/04/02 13:36:25 | 000,022,040 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdbulkio.sys
[2012/04/02 13:36:22 | 000,311,296 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbcoins64.dll
[2012/04/02 13:36:11 | 000,193,592 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppdcompio.dll
[2012/04/02 13:36:11 | 000,167,480 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hppccompio.dll
[2012/04/02 13:36:04 | 000,176,128 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpcpn101.dll
[2012/04/02 13:35:56 | 000,491,008 | ---- | C] (HP) -- C:\Windows\SysWow64\hpcdmc32.dll
[2012/04/02 13:35:56 | 000,305,664 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\SysWow64\hpcc3101.dll
[2012/04/02 13:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012/04/01 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nokia Suite
[2012/04/01 23:21:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nokia
[2012/04/01 22:01:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Evernote
[2012/04/01 20:40:21 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/01 20:25:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012/04/01 20:24:53 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/04/01 20:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012/04/01 14:09:53 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8F7FEF90-4A35-4983-A646-8EA4F199F4CA}
[2012/04/01 14:09:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1EED4E41-0042-45B3-9CCF-E26D61553D70}
[2012/04/01 01:16:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{463A8329-3F07-4B2B-910D-DB833644E10A}
[2012/04/01 01:15:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7164B01A-8A01-41EC-8C62-87EFD825F086}
[2012/03/31 21:09:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Anthropics
[2012/03/31 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nikon
[2012/03/31 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Nikon
[2012/03/31 12:00:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CE0771DB-F79A-4F8D-AE83-5580ADA00F28}
[2012/03/31 12:00:07 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CEEBF3E3-8224-47FF-B468-D5B93480B1E6}
[2012/03/31 11:51:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\NokiaAccount
[2012/03/31 11:48:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Pinnacle
[2012/03/31 11:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Instant DVD Recorder
[2012/03/31 11:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012/03/31 11:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012/03/31 11:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2012/03/31 11:32:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Vodafone
[2012/03/31 11:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012/03/31 11:31:57 | 000,115,328 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/03/31 11:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2012/03/31 11:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2012/03/31 11:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2012/03/31 11:30:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{D53238E8-3427-491E-A57E-097FA966AAC1}
[2012/03/30 23:49:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\W9 - Hits 2012 - 2CD [CdRip - MP3 - 320kbps]
[2012/03/30 21:07:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{34EA9907-F7D9-46AB-A151-9ED33E9EE19B}
[2012/03/30 21:07:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{5E327949-88F1-459A-8D3B-15D1DBA14389}
[2012/03/30 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Epson
[2012/03/30 15:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012/03/30 15:12:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ABBYY
[2012/03/30 15:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ABBYY
[2012/03/30 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2012/03/30 15:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012/03/30 15:07:49 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\InstallShield
[2012/03/30 15:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2012/03/30 15:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2012/03/30 15:05:38 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012/03/30 15:05:23 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMHJE.DLL
[2012/03/30 15:05:19 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBHJE.DLL
[2012/03/30 15:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012/03/30 15:04:54 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2012/03/30 15:04:54 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2012/03/30 15:04:54 | 000,013,824 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxcdev.dll
[2012/03/30 15:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012/03/30 15:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2012/03/30 13:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByeBye
[2012/03/30 13:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ByeBye
[2012/03/30 08:42:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7966AEED-0C4C-4C06-B761-CAEA59DC5DC9}
[2012/03/30 08:42:22 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{C3ADD385-B97F-4CCF-9207-83A32F4DA767}
[2012/03/29 23:40:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/29 23:40:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/29 23:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/03/29 23:03:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Google
[2012/03/29 23:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/03/29 23:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/03/29 22:57:22 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/03/29 22:57:22 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/03/29 22:57:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/03/29 22:57:07 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/03/29 22:57:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/03/29 22:57:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/03/29 22:56:43 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/03/29 22:56:28 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/03/29 22:56:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/03/29 22:56:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/03/29 22:56:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/03/29 22:56:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/03/29 22:56:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/03/29 22:55:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/03/29 22:55:41 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/03/29 22:55:41 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/03/29 22:55:29 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/29 22:25:08 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\vlc
[2012/03/29 21:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Youcam
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\CyberLink
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\CyberLink
[2012/03/29 21:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Software
[2012/03/29 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/03/29 20:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2012/03/29 20:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
[2012/03/29 20:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VisiPics
[2012/03/29 20:13:42 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/03/29 20:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2012/03/29 20:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
[2012/03/29 20:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2012/03/29 20:12:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2012/03/29 20:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2012/03/29 20:12:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ATL71.DLL
[2012/03/29 20:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2012/03/29 20:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2012/03/29 18:04:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Autodesk
[2012/03/29 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{76ECD492-A58D-41BA-A28F-B16AFDE415A4}
[2012/03/29 17:07:40 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/03/29 17:07:00 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/03/29 17:05:32 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/03/29 16:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowserCompanion
[2012/03/29 15:13:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{949C5E72-7189-4F8B-825A-355A7C970AEF}
[2012/03/29 13:12:14 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/03/29 13:12:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/03/29 13:12:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/03/29 13:12:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/03/29 13:12:12 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/03/29 13:12:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/03/29 13:11:51 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/03/29 13:11:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/03/29 13:11:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/03/29 13:11:49 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/03/29 13:11:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/03/29 13:11:40 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/03/29 13:11:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/03/29 13:11:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/03/29 00:04:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\HP
[2012/03/28 23:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/28 23:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/28 23:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2012/03/28 23:54:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Skype
[2012/03/28 23:47:57 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\pdfforge
[2012/03/28 23:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/03/28 23:47:55 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012/03/28 23:47:55 | 000,065,024 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012/03/28 23:47:54 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2012/03/28 23:47:54 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2FR.DLL
[2012/03/28 23:47:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012/03/28 23:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/03/28 23:47:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2012/03/28 23:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/03/28 23:36:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Weecast
[2012/03/28 23:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayerTuto.com
[2012/03/28 23:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayerTuto.com
[2012/03/28 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Nokia
[2012/03/28 23:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/03/28 23:33:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\PC Suite
[2012/03/28 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012/03/28 23:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012/03/28 23:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012/03/28 23:32:46 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012/03/28 23:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/03/28 23:32:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/03/28 23:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012/03/28 23:32:29 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012/03/28 23:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012/03/28 23:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/03/28 23:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/28 23:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/03/28 23:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/03/28 23:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/28 23:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/28 23:22:04 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/28 23:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/28 23:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012/03/28 23:21:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012/03/28 23:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeMaster++
[2012/03/28 23:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/03/28 23:18:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Google
[2012/03/28 23:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/03/28 23:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 3
[2012/03/28 23:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoZoom Pro 3
[2012/03/28 23:10:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\FIXIO PC Utilities
[2012/03/28 23:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIXIO PC Utilities
[2012/03/28 23:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FIXIO PC Utilities
[2012/03/28 23:05:37 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012/03/28 23:05:37 | 000,597,834 | ---- | C] (Cyotek) -- C:\Windows\SysWow64\AS-IFce1.ocx
[2012/03/28 23:05:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2012/03/28 23:05:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2012/03/28 23:05:37 | 000,058,938 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atlu.dll
[2012/03/28 22:57:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Uniblue
[2012/03/28 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\PackageAware
[2012/03/28 22:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional 10
[2012/03/28 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Professional 10
[2012/03/28 22:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
[2012/03/28 22:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012/03/28 22:32:30 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Software
[2012/03/28 22:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software
[2012/03/28 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\ACD Systems
[2012/03/28 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ACD Systems
[2012/03/28 22:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/03/28 22:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems
[2012/03/28 22:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ACD Systems
[2012/03/28 22:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACD Systems
[2012/03/28 22:26:22 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Downloaded Installations
[2012/03/28 22:05:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/03/28 22:05:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/03/28 22:05:19 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/03/28 22:05:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/03/28 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Mozilla
[2012/03/28 21:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/28 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Conduit
[2012/03/28 21:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012/03/28 21:19:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2012/03/28 21:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Codec
[2012/03/28 21:02:36 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\WinRAR
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/28 20:24:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/03/28 20:23:45 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2012/03/28 20:08:50 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\CrashDumps
[2012/03/28 20:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/03/28 19:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/28 19:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/28 19:55:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/03/28 19:51:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Adobe
[2012/03/28 19:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Photoshop CS5
[2012/03/28 19:28:56 | 001,397,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win_utilman.exe
[2012/03/28 19:28:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\_MDLogs
[2012/03/28 19:25:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\My Received Files
[2012/03/28 19:20:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Windows Live
[2012/03/28 19:20:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CF86CA14-90C2-46FF-AF19-08772A23A2C1}
[2012/03/28 19:20:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{016380D2-29FD-4747-8DB9-0D02804813B6}
[2012/03/28 19:20:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\Tracing
[2012/03/28 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/03/28 19:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2012/03/28 19:04:59 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Fichiers Outlook
[2012/03/28 18:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/03/28 18:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/03/28 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/28 18:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/03/28 18:53:44 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/03/28 18:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/03/28 18:53:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft Help
[2012/03/28 18:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/03/28 18:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/03/28 18:53:14 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/03/28 18:40:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Vista Start Menu
[2012/03/28 18:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vista Start Menu
[2012/03/28 18:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vista Start Menu
[2012/03/28 18:29:36 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\RoboForm
[2012/03/28 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2012/03/28 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2012/03/28 18:28:17 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\My RoboForm Data
[2012/03/28 18:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2012/03/28 18:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/03/28 18:21:43 | 000,139,512 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012/03/28 18:21:43 | 000,113,768 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012/03/28 18:13:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Avira
[2012/03/28 18:08:17 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/03/28 18:08:17 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012/03/28 18:08:17 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012/03/28 18:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/03/28 18:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/03/28 17:57:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Macromedia
[2012/03/28 17:57:13 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Adobe
[2012/03/28 17:52:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\ATI
[2012/03/28 17:52:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ATI
[2012/03/28 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Synaptics
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\Searches
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/28 17:51:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/28 17:51:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Identities
[2012/03/28 17:51:14 | 000,000,000 | R--D | C] -- C:\Users\Christian\Contacts
[2012/03/28 17:50:09 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Hewlett-Packard
[2012/03/28 17:48:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/28 17:48:33 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/28 17:48:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/28 17:48:32 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/28 17:48:32 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/28 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\hpqlog
[2012/03/28 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Hewlett-Packard
[2012/03/28 16:48:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2012/03/28 16:48:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\RemEngine
[2012/03/28 16:48:09 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Hewlett-Packard_Company
[2012/03/28 16:47:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\AuthenTec
[2012/03/28 16:47:01 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Symantec
[2012/03/28 16:46:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\VirtualStore
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Voisinage réseau
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Voisinage d'impression
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Temporary Internet Files
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\SendTo
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Recent
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Modèles
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Mes vidéos
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Mes images
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Mes documents
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Menu Démarrer
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Ma musique
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Local Settings
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Historique
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Cookies
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Application Data
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Application Data
[2012/03/28 16:46:15 | 000,000,000 | --SD | C] -- C:\Users\Christian\AppData\Roaming\Microsoft
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Videos
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Saved Games
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Pictures
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Music
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Links
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Favorites
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Downloads
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Documents
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Desktop
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Temp
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Media Center Programs
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2012/03/22 21:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr

Re: Requests for review of an analysis report

Post by superviseur55 » 15 Apr 2012, 15:05

========== Files - Modified Within 30 Days ==========

[2012/04/15 15:45:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/15 15:29:19 | 000,000,884 | ---- | M] () -- C:\Users\Christian\Desktop\NTREGOPT.lnk
[2012/04/15 15:29:19 | 000,000,865 | ---- | M] () -- C:\Users\Christian\Desktop\ERUNT.lnk
[2012/04/15 15:28:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/15 15:27:04 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/15 15:18:09 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2012/04/15 15:16:59 | 000,271,360 | ---- | M] () -- C:\Users\Christian\Documents\Outlook.pst
[2012/04/15 15:10:08 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/15 13:29:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 13:29:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 13:22:33 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/15 13:22:25 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2012/04/15 13:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/15 13:22:02 | 495,865,855 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/15 13:09:34 | 000,007,368 | ---- | M] () -- C:\Users\Christian\Documents\cc_20120415_130929.reg
[2012/04/15 10:20:09 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForChristian.job
[2012/04/15 10:16:53 | 000,000,772 | ---- | M] () -- C:\Windows\wininit.ini
[2012/04/15 09:59:27 | 000,001,258 | ---- | M] () -- C:\Users\Christian\Desktop\Spybot - Search & Destroy.lnk
[2012/04/15 09:44:13 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 09:44:13 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/04/15 09:44:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 09:44:13 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/04/15 09:44:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/14 12:11:50 | 000,001,008 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2012/04/14 09:21:37 | 000,635,634 | ---- | M] () -- C:\Users\Christian\Desktop\4550251_xxl.jpg
[2012/04/14 08:27:27 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/14 08:27:27 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/14 08:27:20 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/14 00:34:09 | 000,453,815 | ---- | M] () -- C:\Users\Christian\Desktop\Oeuf__1_4b21145d94340.jpg
[2012/04/13 17:31:24 | 000,500,845 | ---- | M] () -- C:\Users\Christian\Desktop\Calendrier 2012.JPG
[2012/04/12 08:41:20 | 000,001,800 | ---- | M] () -- C:\Users\Christian\Desktop\Uniblue RegistryBooster.lnk
[2012/04/12 08:41:20 | 000,001,790 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/04/12 08:26:32 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSUPERVISEUR-HP$.job
[2012/04/10 22:41:54 | 000,004,096 | ---- | M] () -- C:\Users\Christian\AppData\Local\keyfile3.drm
[2012/04/10 11:37:26 | 000,070,298 | ---- | M] () -- C:\Users\Christian\Desktop\bourricot-face.jpg
[2012/04/10 11:16:43 | 000,095,635 | ---- | M] () -- C:\Users\Christian\Desktop\dyn004_original_420_560_jpeg_2507134_8cf8f060964233b70c065f126d6d76fe.jpg
[2012/04/09 09:16:03 | 000,001,133 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/08 10:45:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/06 07:35:57 | 000,001,013 | ---- | M] () -- C:\Users\Christian\Desktop\TubeMaster++.lnk
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120415-111954.backup
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120415-111938.backup
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/05 20:20:12 | 000,002,532 | ---- | M] () -- C:\Users\Christian\Documents\cc_20120405_202005.reg
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/02 22:30:59 | 005,012,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/02 13:42:04 | 000,000,608 | -HS- | M] () -- C:\Windows\SysNative\winzvprt5.sys
[2012/04/02 13:42:04 | 000,000,242 | ---- | M] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2012/04/01 22:13:48 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/04/01 22:02:17 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\FIXIOPCCleaner.job
[2012/03/31 19:35:44 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/31 11:47:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2012/03/31 11:47:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/03/31 11:47:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/03/30 15:08:02 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2012/03/30 09:27:28 | 000,023,915 | ---- | M] () -- C:\Users\Christian\Documents\33.jpg
[2012/03/29 22:05:55 | 000,000,363 | ---- | M] () -- C:\Users\Christian\Desktop\Ordinateur.lnk
[2012/03/29 20:13:26 | 000,000,268 | R--- | M] () -- C:\ProgramData\Smooth Strings
[2012/03/29 20:13:26 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Screen Savers
[2012/03/29 20:13:26 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/29 20:13:26 | 000,000,012 | R--- | M] () -- C:\ProgramData\StatusSheet
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\ProgramData\Solid Colors
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\ProgramData\SingleFiles
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Scripts Menu
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Screen Saver
[2012/03/29 20:12:48 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/29 20:12:48 | 000,000,012 | R--- | M] () -- C:\ProgramData\String Comparison
[2012/03/29 20:12:48 | 000,000,012 | R--- | M] () -- C:\ProgramData\StartupItems
[2012/03/29 20:12:36 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ATL71.DLL
[2012/03/29 16:58:46 | 000,001,492 | ---- | M] () -- C:\user.js
[2012/03/28 23:23:49 | 000,002,239 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/28 23:21:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/28 23:21:55 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/28 23:21:55 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/28 23:21:55 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/28 19:05:00 | 000,001,131 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/03/28 18:40:07 | 000,001,117 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Vista Start Menu.lnk
[2012/03/28 18:19:25 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/03/28 18:19:23 | 000,139,512 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012/03/28 18:19:23 | 000,113,768 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012/03/28 17:58:47 | 000,001,024 | ---- | M] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk
[2012/03/28 17:56:38 | 000,001,453 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/28 16:44:07 | 000,206,462 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/28 16:44:07 | 000,206,462 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/28 16:43:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/03/22 21:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr

========== Files Created - No Company Name ==========

[2012/04/15 15:45:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/04/15 15:29:19 | 000,000,884 | ---- | C] () -- C:\Users\Christian\Desktop\NTREGOPT.lnk
[2012/04/15 15:29:19 | 000,000,865 | ---- | C] () -- C:\Users\Christian\Desktop\ERUNT.lnk
[2012/04/15 15:10:08 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/15 15:10:08 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/15 13:09:32 | 000,007,368 | ---- | C] () -- C:\Users\Christian\Documents\cc_20120415_130929.reg
[2012/04/15 10:16:51 | 000,000,772 | ---- | C] () -- C:\Windows\wininit.ini
[2012/04/15 09:59:27 | 000,001,258 | ---- | C] () -- C:\Users\Christian\Desktop\Spybot - Search & Destroy.lnk
[2012/04/14 12:09:50 | 000,001,138 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk
[2012/04/14 12:09:50 | 000,001,008 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2012/04/14 09:21:37 | 000,635,634 | ---- | C] () -- C:\Users\Christian\Desktop\4550251_xxl.jpg
[2012/04/14 00:29:40 | 000,453,815 | ---- | C] () -- C:\Users\Christian\Desktop\Oeuf__1_4b21145d94340.jpg
[2012/04/12 08:41:20 | 000,001,800 | ---- | C] () -- C:\Users\Christian\Desktop\Uniblue RegistryBooster.lnk
[2012/04/10 11:35:10 | 000,070,298 | ---- | C] () -- C:\Users\Christian\Desktop\bourricot-face.jpg
[2012/04/10 11:17:36 | 000,095,635 | ---- | C] () -- C:\Users\Christian\Desktop\dyn004_original_420_560_jpeg_2507134_8cf8f060964233b70c065f126d6d76fe.jpg
[2012/04/09 15:06:26 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/09 09:16:03 | 000,001,133 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/08 10:40:58 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/07 06:20:29 | 000,004,096 | ---- | C] () -- C:\Users\Christian\AppData\Local\keyfile3.drm
[2012/04/05 23:55:13 | 000,001,013 | ---- | C] () -- C:\Users\Christian\Desktop\TubeMaster++.lnk
[2012/04/05 20:20:07 | 000,002,532 | ---- | C] () -- C:\Users\Christian\Documents\cc_20120405_202005.reg
[2012/04/02 22:56:21 | 000,271,360 | ---- | C] () -- C:\Users\Christian\Documents\Outlook.pst
[2012/04/02 13:42:04 | 000,000,608 | -HS- | C] () -- C:\Windows\SysNative\winzvprt5.sys
[2012/04/02 13:42:04 | 000,000,242 | ---- | C] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2012/04/02 13:39:54 | 000,000,994 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
[2012/04/02 13:36:35 | 000,003,211 | ---- | C] () -- C:\Windows\SysNative\hppls1530.spf
[2012/03/31 11:47:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2012/03/31 11:47:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/03/31 11:47:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/03/31 11:46:22 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/03/30 15:07:50 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2012/03/30 09:30:02 | 000,023,915 | ---- | C] () -- C:\Users\Christian\Documents\33.jpg
[2012/03/30 08:59:21 | 000,000,452 | ---- | C] () -- C:\Windows\tasks\FIXIOPCCleaner.job
[2012/03/29 22:05:55 | 000,000,363 | ---- | C] () -- C:\Users\Christian\Desktop\Ordinateur.lnk
[2012/03/29 20:13:26 | 000,000,268 | R--- | C] () -- C:\ProgramData\Smooth Strings
[2012/03/29 20:13:26 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Screen Savers
[2012/03/29 20:13:26 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/29 20:13:26 | 000,000,012 | R--- | C] () -- C:\ProgramData\StatusSheet
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\ProgramData\Solid Colors
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\ProgramData\SingleFiles
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Scripts Menu
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Screen Saver
[2012/03/29 20:12:48 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/29 20:12:48 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/29 20:12:48 | 000,000,012 | R--- | C] () -- C:\ProgramData\String Comparison
[2012/03/29 20:12:48 | 000,000,012 | R--- | C] () -- C:\ProgramData\StartupItems
[2012/03/29 16:58:45 | 000,001,492 | ---- | C] () -- C:\user.js
[2012/03/29 12:58:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSUPERVISEUR-HP$.job
[2012/03/28 23:23:49 | 000,002,239 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/28 23:23:20 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/28 23:23:19 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/28 22:57:59 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2012/03/28 22:57:58 | 000,001,790 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/03/28 21:19:04 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/03/28 21:19:04 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/03/28 21:19:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012/03/28 19:58:18 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2012/03/28 19:05:00 | 000,001,131 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/03/28 18:40:07 | 000,001,117 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Vista Start Menu.lnk
[2012/03/28 17:58:47 | 000,001,024 | ---- | C] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk
[2012/03/28 17:56:38 | 000,001,453 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/28 17:51:33 | 000,001,459 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/28 17:51:11 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForChristian.job
[2012/03/28 16:46:15 | 000,000,290 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/28 16:46:15 | 000,000,272 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/03/28 16:43:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/12/29 10:25:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/29 10:21:04 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/12/29 10:16:59 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/12/29 10:11:53 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/11/04 15:47:57 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/09/06 13:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/08/17 23:43:18 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/08/09 18:30:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/08/09 18:30:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/08/09 18:30:02 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/08/09 18:23:26 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/08/09 17:58:38 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/10 04:17:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/03/17 23:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

========== LOP Check ==========

[2012/03/28 22:30:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ACD Systems
[2012/03/31 21:09:38 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Anthropics
[2012/03/29 18:04:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Autodesk
[2012/04/02 22:21:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Epson
[2012/03/28 23:10:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FIXIO PC Utilities
[2012/04/15 09:58:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2012/03/31 19:35:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nikon
[2012/04/01 23:21:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nokia
[2012/04/01 23:21:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nokia Suite
[2012/03/28 23:47:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2012/04/01 20:25:28 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012/04/01 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PC Suite
[2012/03/28 23:47:57 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\pdfforge
[2012/03/28 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\RoboForm
[2012/03/28 21:02:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/28 17:51:42 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Synaptics
[2012/04/05 11:05:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Tracker Software
[2012/03/28 22:57:58 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Uniblue
[2012/04/15 08:46:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Vista Start Menu
[2012/03/31 11:32:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Vodafone
[2012/03/28 23:36:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Weecast
[2012/03/28 19:28:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\_MDLogs
[2012/04/08 10:45:00 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/01 22:02:17 | 000,000,452 | ---- | M] () -- C:\Windows\Tasks\FIXIOPCCleaner.job
[2012/04/15 13:22:25 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2009/07/14 07:08:49 | 000,013,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: EXPLORER.EXE >
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IASTOR.SYS >
[2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/02/28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2010/11/21 05:24:28 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

Re: Requests for review of an analysis report

Post by superviseur55 » 15 Apr 2012, 15:10

Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
Error: Unable to interpret </md5start> in the current context!
Error: Unable to interpret <ctfmon.exe> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
Error: Unable to interpret <userinit.exe> in the current context!
Error: Unable to interpret <wininit.exe> in the current context!
Error: Unable to interpret <winlogon.exe> in the current context!
Error: Unable to interpret <eventlog.dll> in the current context!
Error: Unable to interpret <scecli.dll> in the current context!
Error: Unable to interpret <netlogon.dll> in the current context!
Error: Unable to interpret <cngaudit.dll> in the current context!
Error: Unable to interpret <sceclt.dll> in the current context!
Error: Unable to interpret <ntelogon.dll> in the current context!
Error: Unable to interpret <logevent.dll> in the current context!
Error: Unable to interpret <iaStor.sys> in the current context!
Error: Unable to interpret <nvstor.sys> in the current context!
Error: Unable to interpret <atapi.sys> in the current context!
Error: Unable to interpret <IdeChnDr.sys> in the current context!
Error: Unable to interpret <viasraid.sys> in the current context!
Error: Unable to interpret <AGP440.sys> in the current context!
Error: Unable to interpret <vaxscsi.sys> in the current context!
Error: Unable to interpret <nvatabus.sys> in the current context!
Error: Unable to interpret <viamraid.sys> in the current context!
Error: Unable to interpret <nvata.sys> in the current context!
Error: Unable to interpret <nvgts.sys> in the current context!
Error: Unable to interpret <iastorv.sys> in the current context!
Error: Unable to interpret <ViPrt.sys> in the current context!
Error: Unable to interpret <eNetHook.dll> in the current context!
Error: Unable to interpret <ahcix86.sys> in the current context!
Error: Unable to interpret <KR10N.sys> in the current context!
Error: Unable to interpret <nvstor32.sys> in the current context!
Error: Unable to interpret <ahcix86s.sys> in the current context!
Error: Unable to interpret <nvrd32.sys> in the current context!
Error: Unable to interpret </md5stop> in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles> in the current context!

OTL by OldTimer - Version 3.2.39.2 log created on 04152012_160913

Re: Requests for review of an analysis report

Post by superviseur55 » 15 Apr 2012, 15:26

# AdwCleaner v1.600 - Rapport créé le 15/04/2012 à 16:24:07
# Mis à jour le 15/04/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Christian - SUPERVISEUR-HP
# Exécuté depuis : C:\Users\Christian\Downloads\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Christian\AppData\Local\Conduit
Dossier Présent : C:\Users\Christian\AppData\Local\Software
Dossier Présent : C:\Users\Christian\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\Christian\AppData\LocalLow\PriceGong
Dossier Présent : C:\Users\Christian\AppData\Roaming\GetRightToGo
Dossier Présent : C:\Users\Christian\AppData\Roaming\OpenCandy
Dossier Présent : C:\Users\Christian\AppData\Roaming\pdfforge
Dossier Présent : C:\ProgramData\Software
Dossier Présent : C:\Program Files (x86)\BrowserCompanion
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Program Files (x86)\Software

***** [H. Navipromo] *****


***** [Registre] *****

Clé Présente : HKCU\Software\BrowserCompanion
Clé Présente : HKCU\Software\Softonic
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Clé Présente : HKCU\Software\BrowserCompanion
[x64] Clé Présente : HKCU\Software\Softonic
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{64C54209-175C-454D-9291-AC46D4D952CF}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

## Fichier : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [2990 octets] - [15/04/2012 16:24:07]

########## EOF - C:\AdwCleaner[R1].txt - [3118 octets] ##########
superviseur55
 
Posts: 6
Joined: 15 Apr 2012, 14:50

Re: Requests for scan report review

Post by nickW » 16 Apr 2012, 21:14

Good evening


There are people who say hello;
There are people who say goodbye;
There are people who say please and thank you;
There are people who know how to describe their configuration and their problem;


There are also, unfortunately, other people.


Bye
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
My configs
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France