Requests for analysis report review

Analysis of OTL, MBAM and other logs - NO HIJACKTHIS here!

Moderator: Moderators

Requests for analysis report review

Post by superviseur55 » 15 04 2012

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.04.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Christian :: SUPERVISEUR-HP [administrateur]

Protection: Activé

15/04/2012 15:38:38
mbam-log-2012-04-15 (15-38-38).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 196556
Temps écoulé: 30 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
superviseur55

Posts: 6
Joined: 15 04 2012

Re: Requests for analysis report review

Post by superviseur55 » 15 04 2012

OTL logfile created on: 15/04/2012 15:43:28 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5,95 Gb Total Physical Memory | 3,58 Gb Available Physical Memory | 60,13% Memory free
11,90 Gb Paging File | 9,33 Gb Available in Paging File | 78,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,85 Gb Total Space | 183,42 Gb Free Space | 27,22% Space Free | Partition Type: NTFS
Drive D: | 1,89 Gb Total Space | 0,01 Gb Free Space | 0,30% Space Free | Partition Type: FAT
Drive E: | 20,62 Gb Total Space | 2,20 Gb Free Space | 10,68% Space Free | Partition Type: NTFS
Drive F: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,20% Space Free | Partition Type: FAT32

Computer Name: SUPERVISEUR-HP | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/15 15:18:09 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
PRC - [2012/04/07 06:25:47 | 000,109,296 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/01 20:56:28 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2012/03/28 18:19:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/03/28 18:18:22 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/03/28 18:18:14 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012/03/28 18:18:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/03/28 18:18:11 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/03/28 18:18:10 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2011/10/05 20:18:50 | 001,051,760 | ---- | M] (Badoo) -- C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
PRC - [2011/09/28 16:42:14 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/09/12 18:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 06:44:30 | 000,260,424 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/08/19 06:44:12 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/08/19 06:43:46 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/24 13:52:44 | 002,752,416 | ---- | M] (OrdinarySoft) -- C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
PRC - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/09/22 17:25:34 | 000,191,600 | ---- | M] (LULU software) -- C:\Program Files (x86)\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2011/11/14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011/11/14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
MOD - [2011/11/14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll
MOD - [2011/11/14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
MOD - [2011/11/14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
MOD - [2011/11/14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/08 15:42:28 | 000,305,152 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2011/08/18 08:12:52 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/04/14 08:27:27 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/28 18:19:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/28 18:18:22 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/03/28 18:18:14 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/03/28 18:18:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/03/28 18:18:10 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/09/12 18:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/09/01 07:11:00 | 002,425,960 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/08/19 06:44:30 | 000,260,424 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2011/02/01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/10/25 14:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010/09/22 17:25:34 | 000,191,600 | ---- | M] (LULU software) [Auto | Running] -- C:\Program Files (x86)\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO Service.exe -- (FIXIO Service)
SRV - [2010/06/25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/07/04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/28 18:19:25 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/03/28 18:19:23 | 000,139,512 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2012/03/28 18:19:23 | 000,113,768 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/01 17:55:27 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/12/01 17:55:27 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/11/05 00:04:16 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/05 00:04:16 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/08 15:42:28 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/09/02 21:46:00 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/08/24 07:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/18 11:40:56 | 009,981,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/08/18 07:34:48 | 000,310,272 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/08/09 18:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/07/19 11:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/06/10 04:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/14 10:26:56 | 000,022,040 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hppdbulkio.sys -- (HPFXBULKLEDM)
DRV:64bit: - [2010/12/14 10:26:44 | 000,023,576 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hppdfaxio.sys -- (HPFXFAX)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Son Intel(R)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/03/17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-11107 ... html?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E2F3799C-66D3-4E63-A94A-852705019087}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieaf ... -keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-11107 ... html?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{E2F3799C-66D3-4E63-A94A-852705019087}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieaf ... -keywords={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_frFR477
IE - HKU\S-1-5-21-3813990618-657574580-487364974-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2012/03/28 23:33:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012/03/28 23:33:13 | 000,000,000 | ---D | M]

[2012/03/28 21:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\extensions
[2012/03/28 21:30:14 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc\1.0_0\npwebsitelogon.dll
CHR - plugin: (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc\1.0_0\
CHR - Extension: YouTube = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/05 21:46:45 | 000,000,843 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3813990618-657574580-487364974-1000..\Run: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3813990618-657574580-487364974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9:64bit: - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Remplir les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Sauvegarder - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Enregistrer les formulaires - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Afficher la barret d'outils - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EEB652E5-80C5-4940-9B16-AEBC17A800C6}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4f4c9720-7a85-11e1-a3dd-ec9a7456ab0d}\Shell - "" = AutoRun
O33 - MountPoints2\{4f4c9720-7a85-11e1-a3dd-ec9a7456ab0d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4f4c9727-7a85-11e1-a3dd-ec9a7456ab0d}\Shell - "" = AutoRun
O33 - MountPoints2\{4f4c9727-7a85-11e1-a3dd-ec9a7456ab0d}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
superviseur55

Posts: 6
Joined: 15 04 2012

Re: Requests for review of scan reports

Post by superviseur55 » 15 04 2012

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/04/15 15:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/04/15 15:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/04/15 15:18:09 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2012/04/15 11:20:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{74ED5A67-31B4-4B18-84FA-585C86DFF2CB}
[2012/04/15 11:20:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{D2491F16-196D-41EE-A56C-5B2A5B071613}
[2012/04/15 09:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/04/15 09:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/04/15 09:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/04/14 22:59:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E6872BE4-1792-47D4-84B7-89EE2261496D}
[2012/04/14 22:59:35 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{69D77470-B2A7-4D9E-A0A9-0DA93BCA57A5}
[2012/04/14 16:03:30 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{6A59EFC0-8B78-4EFA-AA44-954E1F586A4D}
[2012/04/14 12:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
[2012/04/14 08:27:20 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/13 23:53:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7238293E-D00C-43B9-A194-1EAFA53BF70C}
[2012/04/13 23:53:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1F29C955-BD4C-4E86-B705-9D7A2FB9D959}
[2012/04/13 23:52:49 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{EC0C3C93-BD76-4321-9BB2-E9E3A743E148}
[2012/04/13 23:52:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E65F1CD4-D598-4D6F-9B77-B08E3A288BF2}
[2012/04/12 20:39:06 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{23676AA9-6D86-4A1D-A602-EC3E376704E3}
[2012/04/12 20:38:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{55D1AEDB-A6C4-4F7D-A1E7-61E904F5B054}
[2012/04/12 15:21:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft Games
[2012/04/12 11:46:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Diagnostics
[2012/04/12 08:41:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/04/12 08:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/04/12 08:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2012/04/12 08:28:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B44AA780-E798-4863-8910-85394F422E4C}
[2012/04/12 08:28:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{346049D0-A011-431A-9BF8-1288AC4C5FFC}
[2012/04/12 07:56:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 07:56:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 07:56:24 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 07:56:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 07:56:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 07:56:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 07:56:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 07:56:22 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 07:56:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 07:56:22 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 07:56:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 07:56:05 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 07:56:04 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 07:56:04 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 07:49:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 07:49:05 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 07:49:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/11 15:40:31 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B8ACB72B-7BF0-4AA4-A898-65B675C66788}
[2012/04/11 15:40:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{62740ABA-C222-4E8D-93D8-1DD83EA60484}
[2012/04/10 20:16:33 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{EE2713BB-E927-46B0-9493-2C7FD72B75E9}
[2012/04/10 20:16:21 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{2EE104A6-D61B-4299-8A43-1D3CB0D6ECE6}
[2012/04/10 07:30:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{0BBB39F1-C2AF-4EE6-A09B-5C927F9FCEC8}
[2012/04/10 07:30:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{DA7BCEF5-9108-4F68-925E-230D346BCB88}
[2012/04/09 15:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/04/09 15:06:25 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/09 07:56:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{F5B10482-6D76-4344-9B27-681B38213295}
[2012/04/09 07:55:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8CA52709-22EA-4307-B96B-4E952D0FFCB5}
[2012/04/09 07:44:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{AE5B8C06-53D9-4461-BE97-C27428EC7184}
[2012/04/09 07:43:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{93A4749D-E656-4B83-AB07-D5E5A1A6DD7F}
[2012/04/08 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1256C65B-468E-4C6E-ABF0-0D9ACA4C1AD6}
[2012/04/08 11:29:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8F990778-21D8-4EA3-9063-DD11D2F17912}
[2012/04/08 10:41:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/04/08 10:40:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Facebook
[2012/04/07 21:55:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{887E20E7-0B39-4049-BB62-7D75E59D4D12}
[2012/04/07 09:07:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{20C8B1F8-5E75-41A7-A12D-CD6A68C48250}
[2012/04/07 09:07:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8B5AF968-7980-46D8-9ABE-B03C82A4EBBA}
[2012/04/06 09:26:44 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{951AF614-AC19-4A51-831E-A9A12477FFE9}
[2012/04/05 23:57:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/04/05 23:57:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/04/05 23:57:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/04/05 23:55:13 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeMaster++
[2012/04/05 20:44:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2012/04/05 20:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/05 20:43:57 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/05 20:43:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/05 20:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/05 20:43:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{6346F745-4E79-41F4-88E5-959D6485CFF0}
[2012/04/05 20:43:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{834F29A1-BF3C-4A0F-A1A4-F5F286DCF168}
[2012/04/05 19:56:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7A090F26-6F24-45EC-8262-BBDB48EA7393}
[2012/04/05 19:56:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CECF066D-2BDF-4753-98C1-667E530EC6A0}
[2012/04/05 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{62431264-21D4-4154-BC6F-F3240B0B7E31}
[2012/04/05 19:00:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{02A400BD-DD97-4ECD-A90C-26FF6D8903EF}
[2012/04/05 19:00:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{DE62E55F-BE4E-4445-BFE0-0D905C1FB175}
[2012/04/05 19:00:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{63A7978A-C219-451A-B4F9-EDBB9FF61997}
[2012/04/05 11:05:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Tracker Software
[2012/04/05 07:46:43 | 000,000,000 | R--D | C] -- C:\Users\Christian\Documents\Scanned Documents
[2012/04/05 07:46:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Fax
[2012/04/04 20:57:03 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CC1538C9-7B5D-4125-94F9-51D3F6F479C5}
[2012/04/04 20:56:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E949FD73-4CD8-4E7E-8A61-A56039998AE8}
[2012/04/04 20:21:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/03 20:11:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{742C73CF-3237-464D-87EE-9F6027D85C38}
[2012/04/03 20:11:07 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{B08E5309-FD14-40A0-9BDF-5A36AC336500}
[2012/04/03 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{F931B273-2D24-4D27-B42C-F6AB3FCBF09F}
[2012/04/03 19:35:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{9AC64421-A215-4F04-A35A-A187965E2906}
[2012/04/03 11:34:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\TomTom
[2012/04/03 11:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2012/04/03 11:34:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2012/04/03 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012/04/03 06:54:25 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1598D104-9D91-4285-9670-B6122574CD49}
[2012/04/03 06:54:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{C8FFE6EE-CADB-4C42-AFED-1CE92E8FC5E7}
[2012/04/02 22:12:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\PlayerTuto.com
[2012/04/02 17:28:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{E0199454-D13E-41B2-9808-F987B3901EA8}
[2012/04/02 17:28:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{4AC7715C-6144-4C0E-A9FF-6256B963D558}
[2012/04/02 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\HpUpdate
[2012/04/02 13:42:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
[2012/04/02 13:42:05 | 000,027,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermon5.dll
[2012/04/02 13:42:05 | 000,022,072 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermonui5.dll
[2012/04/02 13:39:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Hewlett-Packard Company
[2012/04/02 13:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/04/02 13:38:44 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2012/04/02 13:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/04/02 13:36:35 | 001,150,520 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpptsp06_x64.dll
[2012/04/02 13:36:35 | 000,976,440 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpxp1530_x64.dll
[2012/04/02 13:36:35 | 000,751,160 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hpptsp06.dll
[2012/04/02 13:36:35 | 000,217,656 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hppscancoins64.dll
[2012/04/02 13:36:28 | 000,235,520 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hpmldmfax02.dll
[2012/04/02 13:36:28 | 000,023,576 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdfaxio.sys
[2012/04/02 13:36:27 | 000,059,928 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hppcfaxcompio.dll
[2012/04/02 13:36:25 | 000,235,008 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hpmldm02.dll
[2012/04/02 13:36:25 | 000,031,768 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdgenio.sys
[2012/04/02 13:36:25 | 000,022,040 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\drivers\hppdbulkio.sys
[2012/04/02 13:36:22 | 000,311,296 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbcoins64.dll
[2012/04/02 13:36:11 | 000,193,592 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppdcompio.dll
[2012/04/02 13:36:11 | 000,167,480 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hppccompio.dll
[2012/04/02 13:36:04 | 000,176,128 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpcpn101.dll
[2012/04/02 13:35:56 | 000,491,008 | ---- | C] (HP) -- C:\Windows\SysWow64\hpcdmc32.dll
[2012/04/02 13:35:56 | 000,305,664 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\SysWow64\hpcc3101.dll
[2012/04/02 13:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012/04/01 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nokia Suite
[2012/04/01 23:21:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nokia
[2012/04/01 22:01:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Evernote
[2012/04/01 20:40:21 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/01 20:25:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012/04/01 20:24:53 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/04/01 20:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012/04/01 14:09:53 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{8F7FEF90-4A35-4983-A646-8EA4F199F4CA}
[2012/04/01 14:09:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{1EED4E41-0042-45B3-9CCF-E26D61553D70}
[2012/04/01 01:16:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{463A8329-3F07-4B2B-910D-DB833644E10A}
[2012/04/01 01:15:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7164B01A-8A01-41EC-8C62-87EFD825F086}
[2012/03/31 21:09:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Anthropics
[2012/03/31 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Nikon
[2012/03/31 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Nikon
[2012/03/31 12:00:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CE0771DB-F79A-4F8D-AE83-5580ADA00F28}
[2012/03/31 12:00:07 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CEEBF3E3-8224-47FF-B468-D5B93480B1E6}
[2012/03/31 11:51:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\NokiaAccount
[2012/03/31 11:48:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Pinnacle
[2012/03/31 11:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Instant DVD Recorder
[2012/03/31 11:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012/03/31 11:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012/03/31 11:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2012/03/31 11:32:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Vodafone
[2012/03/31 11:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012/03/31 11:31:57 | 000,115,328 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/03/31 11:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2012/03/31 11:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2012/03/31 11:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2012/03/31 11:30:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{D53238E8-3427-491E-A57E-097FA966AAC1}
[2012/03/30 23:49:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\W9 - Hits 2012 - 2CD [CdRip - MP3 - 320kbps]
[2012/03/30 21:07:38 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{34EA9907-F7D9-46AB-A151-9ED33E9EE19B}
[2012/03/30 21:07:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{5E327949-88F1-459A-8D3B-15D1DBA14389}
[2012/03/30 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Epson
[2012/03/30 15:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012/03/30 15:12:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ABBYY
[2012/03/30 15:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2012/03/30 15:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ABBYY
[2012/03/30 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2012/03/30 15:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012/03/30 15:07:49 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\InstallShield
[2012/03/30 15:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2012/03/30 15:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2012/03/30 15:05:38 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012/03/30 15:05:23 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMHJE.DLL
[2012/03/30 15:05:19 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBHJE.DLL
[2012/03/30 15:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012/03/30 15:04:54 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2012/03/30 15:04:54 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2012/03/30 15:04:54 | 000,013,824 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxcdev.dll
[2012/03/30 15:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012/03/30 15:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2012/03/30 13:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByeBye
[2012/03/30 13:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ByeBye
[2012/03/30 08:42:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{7966AEED-0C4C-4C06-B761-CAEA59DC5DC9}
[2012/03/30 08:42:22 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{C3ADD385-B97F-4CCF-9207-83A32F4DA767}
[2012/03/29 23:40:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/29 23:40:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/29 23:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/03/29 23:03:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Google
[2012/03/29 23:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/03/29 23:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/03/29 22:57:22 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/03/29 22:57:22 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/03/29 22:57:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/03/29 22:57:07 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/03/29 22:57:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/03/29 22:57:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/03/29 22:56:43 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/03/29 22:56:28 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/03/29 22:56:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/03/29 22:56:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/03/29 22:56:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/03/29 22:56:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/03/29 22:56:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/03/29 22:55:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/03/29 22:55:41 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/03/29 22:55:41 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/03/29 22:55:29 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/29 22:25:08 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\vlc
[2012/03/29 21:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Youcam
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\CyberLink
[2012/03/29 21:58:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\CyberLink
[2012/03/29 21:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Software
[2012/03/29 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/03/29 20:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2012/03/29 20:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
[2012/03/29 20:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VisiPics
[2012/03/29 20:13:42 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/03/29 20:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2012/03/29 20:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
[2012/03/29 20:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2012/03/29 20:12:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2012/03/29 20:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2012/03/29 20:12:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ATL71.DLL
[2012/03/29 20:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2012/03/29 20:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2012/03/29 18:04:19 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Autodesk
[2012/03/29 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{76ECD492-A58D-41BA-A28F-B16AFDE415A4}
[2012/03/29 17:07:40 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/03/29 17:07:00 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/03/29 17:05:32 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/03/29 16:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowserCompanion
[2012/03/29 15:13:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{949C5E72-7189-4F8B-825A-355A7C970AEF}
[2012/03/29 13:12:14 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/03/29 13:12:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/03/29 13:12:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/03/29 13:12:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/03/29 13:12:12 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/03/29 13:12:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/03/29 13:11:51 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/03/29 13:11:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/03/29 13:11:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/03/29 13:11:49 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/03/29 13:11:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/03/29 13:11:40 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/03/29 13:11:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/03/29 13:11:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/03/29 00:04:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\HP
[2012/03/28 23:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/28 23:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/28 23:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2012/03/28 23:54:29 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Skype
[2012/03/28 23:47:57 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\pdfforge
[2012/03/28 23:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/03/28 23:47:55 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012/03/28 23:47:55 | 000,065,024 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012/03/28 23:47:54 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2012/03/28 23:47:54 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2FR.DLL
[2012/03/28 23:47:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012/03/28 23:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/03/28 23:47:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2012/03/28 23:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/03/28 23:36:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Weecast
[2012/03/28 23:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayerTuto.com
[2012/03/28 23:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayerTuto.com
[2012/03/28 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Nokia
[2012/03/28 23:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/03/28 23:33:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\PC Suite
[2012/03/28 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012/03/28 23:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012/03/28 23:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012/03/28 23:32:46 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012/03/28 23:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/03/28 23:32:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/03/28 23:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012/03/28 23:32:29 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012/03/28 23:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012/03/28 23:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/03/28 23:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/28 23:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/03/28 23:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/03/28 23:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/28 23:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/28 23:22:04 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/28 23:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/28 23:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012/03/28 23:21:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012/03/28 23:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeMaster++
[2012/03/28 23:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/03/28 23:18:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Google
[2012/03/28 23:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/03/28 23:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 3
[2012/03/28 23:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoZoom Pro 3
[2012/03/28 23:10:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\FIXIO PC Utilities
[2012/03/28 23:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIXIO PC Utilities
[2012/03/28 23:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FIXIO PC Utilities
[2012/03/28 23:05:37 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012/03/28 23:05:37 | 000,597,834 | ---- | C] (Cyotek) -- C:\Windows\SysWow64\AS-IFce1.ocx
[2012/03/28 23:05:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2012/03/28 23:05:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2012/03/28 23:05:37 | 000,058,938 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atlu.dll
[2012/03/28 22:57:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Uniblue
[2012/03/28 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\PackageAware
[2012/03/28 22:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional 10
[2012/03/28 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Professional 10
[2012/03/28 22:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
[2012/03/28 22:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012/03/28 22:32:30 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Software
[2012/03/28 22:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software
[2012/03/28 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\ACD Systems
[2012/03/28 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ACD Systems
[2012/03/28 22:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/03/28 22:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems
[2012/03/28 22:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ACD Systems
[2012/03/28 22:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACD Systems
[2012/03/28 22:26:22 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Downloaded Installations
[2012/03/28 22:05:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/03/28 22:05:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/03/28 22:05:19 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/03/28 22:05:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/03/28 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Mozilla
[2012/03/28 21:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/28 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Conduit
[2012/03/28 21:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012/03/28 21:19:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2012/03/28 21:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Codec
[2012/03/28 21:02:36 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\WinRAR
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/28 20:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/28 20:24:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/03/28 20:23:45 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2012/03/28 20:08:50 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\CrashDumps
[2012/03/28 20:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/03/28 19:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/28 19:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/28 19:55:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/03/28 19:51:48 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Adobe
[2012/03/28 19:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Photoshop CS5
[2012/03/28 19:28:56 | 001,397,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win_utilman.exe
[2012/03/28 19:28:54 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\_MDLogs
[2012/03/28 19:25:46 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\My Received Files
[2012/03/28 19:20:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Windows Live
[2012/03/28 19:20:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{CF86CA14-90C2-46FF-AF19-08772A23A2C1}
[2012/03/28 19:20:26 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{016380D2-29FD-4747-8DB9-0D02804813B6}
[2012/03/28 19:20:12 | 000,000,000 | ---D | C] -- C:\Users\Christian\Tracing
[2012/03/28 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/03/28 19:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2012/03/28 19:04:59 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Fichiers Outlook
[2012/03/28 18:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/03/28 18:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/03/28 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/28 18:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/03/28 18:53:44 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/03/28 18:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/03/28 18:53:28 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft Help
[2012/03/28 18:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/03/28 18:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/03/28 18:53:14 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/03/28 18:40:10 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Vista Start Menu
[2012/03/28 18:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vista Start Menu
[2012/03/28 18:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vista Start Menu
[2012/03/28 18:29:36 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\RoboForm
[2012/03/28 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2012/03/28 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2012/03/28 18:28:17 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\My RoboForm Data
[2012/03/28 18:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2012/03/28 18:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/03/28 18:21:43 | 000,139,512 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012/03/28 18:21:43 | 000,113,768 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012/03/28 18:13:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Avira
[2012/03/28 18:08:17 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/03/28 18:08:17 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012/03/28 18:08:17 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012/03/28 18:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/03/28 18:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/03/28 17:57:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Macromedia
[2012/03/28 17:57:13 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Adobe
[2012/03/28 17:52:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\ATI
[2012/03/28 17:52:43 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ATI
[2012/03/28 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Synaptics
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\Searches
[2012/03/28 17:51:24 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/28 17:51:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/28 17:51:16 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Identities
[2012/03/28 17:51:14 | 000,000,000 | R--D | C] -- C:\Users\Christian\Contacts
[2012/03/28 17:50:09 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Hewlett-Packard
[2012/03/28 17:48:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/28 17:48:33 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/28 17:48:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/28 17:48:32 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/28 17:48:32 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/28 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\hpqlog
[2012/03/28 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Hewlett-Packard
[2012/03/28 16:48:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2012/03/28 16:48:11 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\RemEngine
[2012/03/28 16:48:09 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Hewlett-Packard_Company
[2012/03/28 16:47:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\AuthenTec
[2012/03/28 16:47:01 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Symantec
[2012/03/28 16:46:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\VirtualStore
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Voisinage réseau
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Voisinage d'impression
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Temporary Internet Files
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\SendTo
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Recent
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Modèles
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Mes vidéos
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Mes images
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Mes documents
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Menu Démarrer
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Ma musique
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Local Settings
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Historique
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Cookies
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Application Data
[2012/03/28 16:46:16 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Application Data
[2012/03/28 16:46:15 | 000,000,000 | --SD | C] -- C:\Users\Christian\AppData\Roaming\Microsoft
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Videos
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Saved Games
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Pictures
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Music
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Links
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Favorites
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Downloads
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Documents
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\Desktop
[2012/03/28 16:46:15 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Temp
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Media Center Programs
[2012/03/28 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2012/03/28 16:46:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2012/03/22 21:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
superviseur55
 
Posts: 6
Joined: 15 04 2012

Re: Requests for analysis report review

Post by superviseur55 » 15 04 2012

========== Files - Modified Within 30 Days ==========

[2012/04/15 15:45:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/15 15:29:19 | 000,000,884 | ---- | M] () -- C:\Users\Christian\Desktop\NTREGOPT.lnk
[2012/04/15 15:29:19 | 000,000,865 | ---- | M] () -- C:\Users\Christian\Desktop\ERUNT.lnk
[2012/04/15 15:28:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/15 15:27:04 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/15 15:18:09 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2012/04/15 15:16:59 | 000,271,360 | ---- | M] () -- C:\Users\Christian\Documents\Outlook.pst
[2012/04/15 15:10:08 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/15 13:29:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 13:29:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 13:22:33 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/15 13:22:25 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2012/04/15 13:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/15 13:22:02 | 495,865,855 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/15 13:09:34 | 000,007,368 | ---- | M] () -- C:\Users\Christian\Documents\cc_20120415_130929.reg
[2012/04/15 10:20:09 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForChristian.job
[2012/04/15 10:16:53 | 000,000,772 | ---- | M] () -- C:\Windows\wininit.ini
[2012/04/15 09:59:27 | 000,001,258 | ---- | M] () -- C:\Users\Christian\Desktop\Spybot - Search & Destroy.lnk
[2012/04/15 09:44:13 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 09:44:13 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/04/15 09:44:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 09:44:13 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/04/15 09:44:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/14 12:11:50 | 000,001,008 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2012/04/14 09:21:37 | 000,635,634 | ---- | M] () -- C:\Users\Christian\Desktop\4550251_xxl.jpg
[2012/04/14 08:27:27 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/14 08:27:27 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/14 08:27:20 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/14 00:34:09 | 000,453,815 | ---- | M] () -- C:\Users\Christian\Desktop\Oeuf__1_4b21145d94340.jpg
[2012/04/13 17:31:24 | 000,500,845 | ---- | M] () -- C:\Users\Christian\Desktop\Calendrier 2012.JPG
[2012/04/12 08:41:20 | 000,001,800 | ---- | M] () -- C:\Users\Christian\Desktop\Uniblue RegistryBooster.lnk
[2012/04/12 08:41:20 | 000,001,790 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/04/12 08:26:32 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSUPERVISEUR-HP$.job
[2012/04/10 22:41:54 | 000,004,096 | ---- | M] () -- C:\Users\Christian\AppData\Local\keyfile3.drm
[2012/04/10 11:37:26 | 000,070,298 | ---- | M] () -- C:\Users\Christian\Desktop\bourricot-face.jpg
[2012/04/10 11:16:43 | 000,095,635 | ---- | M] () -- C:\Users\Christian\Desktop\dyn004_original_420_560_jpeg_2507134_8cf8f060964233b70c065f126d6d76fe.jpg
[2012/04/09 09:16:03 | 000,001,133 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/08 10:45:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/06 07:35:57 | 000,001,013 | ---- | M] () -- C:\Users\Christian\Desktop\TubeMaster++.lnk
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120415-111954.backup
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120415-111938.backup
[2012/04/05 21:46:45 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/05 20:20:12 | 000,002,532 | ---- | M] () -- C:\Users\Christian\Documents\cc_20120405_202005.reg
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/02 22:30:59 | 005,012,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/02 13:42:04 | 000,000,608 | -HS- | M] () -- C:\Windows\SysNative\winzvprt5.sys
[2012/04/02 13:42:04 | 000,000,242 | ---- | M] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2012/04/01 22:13:48 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/04/01 22:02:17 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\FIXIOPCCleaner.job
[2012/03/31 19:35:44 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/31 11:47:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2012/03/31 11:47:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/03/31 11:47:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/03/30 15:08:02 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2012/03/30 09:27:28 | 000,023,915 | ---- | M] () -- C:\Users\Christian\Documents\33.jpg
[2012/03/29 22:05:55 | 000,000,363 | ---- | M] () -- C:\Users\Christian\Desktop\Ordinateur.lnk
[2012/03/29 20:13:26 | 000,000,268 | R--- | M] () -- C:\ProgramData\Smooth Strings
[2012/03/29 20:13:26 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Screen Savers
[2012/03/29 20:13:26 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/29 20:13:26 | 000,000,012 | R--- | M] () -- C:\ProgramData\StatusSheet
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\ProgramData\Solid Colors
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\ProgramData\SingleFiles
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Scripts Menu
[2012/03/29 20:12:48 | 000,000,268 | R--- | M] () -- C:\Users\Christian\AppData\Roaming\Screen Saver
[2012/03/29 20:12:48 | 000,000,020 | ---- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/29 20:12:48 | 000,000,012 | R--- | M] () -- C:\ProgramData\String Comparison
[2012/03/29 20:12:48 | 000,000,012 | R--- | M] () -- C:\ProgramData\StartupItems
[2012/03/29 20:12:36 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ATL71.DLL
[2012/03/29 16:58:46 | 000,001,492 | ---- | M] () -- C:\user.js
[2012/03/28 23:23:49 | 000,002,239 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/28 23:21:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/28 23:21:55 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/28 23:21:55 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/28 23:21:55 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/28 19:05:00 | 000,001,131 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/03/28 18:40:07 | 000,001,117 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Vista Start Menu.lnk
[2012/03/28 18:19:25 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/03/28 18:19:23 | 000,139,512 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012/03/28 18:19:23 | 000,113,768 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012/03/28 17:58:47 | 000,001,024 | ---- | M] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk
[2012/03/28 17:56:38 | 000,001,453 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/28 16:44:07 | 000,206,462 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/28 16:44:07 | 000,206,462 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/28 16:43:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/03/22 21:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr

========== Files Created - No Company Name ==========

[2012/04/15 15:45:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/04/15 15:29:19 | 000,000,884 | ---- | C] () -- C:\Users\Christian\Desktop\NTREGOPT.lnk
[2012/04/15 15:29:19 | 000,000,865 | ---- | C] () -- C:\Users\Christian\Desktop\ERUNT.lnk
[2012/04/15 15:10:08 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/15 15:10:08 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/15 13:09:32 | 000,007,368 | ---- | C] () -- C:\Users\Christian\Documents\cc_20120415_130929.reg
[2012/04/15 10:16:51 | 000,000,772 | ---- | C] () -- C:\Windows\wininit.ini
[2012/04/15 09:59:27 | 000,001,258 | ---- | C] () -- C:\Users\Christian\Desktop\Spybot - Search & Destroy.lnk
[2012/04/14 12:09:50 | 000,001,138 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk
[2012/04/14 12:09:50 | 000,001,008 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2012/04/14 09:21:37 | 000,635,634 | ---- | C] () -- C:\Users\Christian\Desktop\4550251_xxl.jpg
[2012/04/14 00:29:40 | 000,453,815 | ---- | C] () -- C:\Users\Christian\Desktop\Oeuf__1_4b21145d94340.jpg
[2012/04/12 08:41:20 | 000,001,800 | ---- | C] () -- C:\Users\Christian\Desktop\Uniblue RegistryBooster.lnk
[2012/04/10 11:35:10 | 000,070,298 | ---- | C] () -- C:\Users\Christian\Desktop\bourricot-face.jpg
[2012/04/10 11:17:36 | 000,095,635 | ---- | C] () -- C:\Users\Christian\Desktop\dyn004_original_420_560_jpeg_2507134_8cf8f060964233b70c065f126d6d76fe.jpg
[2012/04/09 15:06:26 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/09 09:16:03 | 000,001,133 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/08 10:40:58 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/07 06:20:29 | 000,004,096 | ---- | C] () -- C:\Users\Christian\AppData\Local\keyfile3.drm
[2012/04/05 23:55:13 | 000,001,013 | ---- | C] () -- C:\Users\Christian\Desktop\TubeMaster++.lnk
[2012/04/05 20:20:07 | 000,002,532 | ---- | C] () -- C:\Users\Christian\Documents\cc_20120405_202005.reg
[2012/04/02 22:56:21 | 000,271,360 | ---- | C] () -- C:\Users\Christian\Documents\Outlook.pst
[2012/04/02 13:42:04 | 000,000,608 | -HS- | C] () -- C:\Windows\SysNative\winzvprt5.sys
[2012/04/02 13:42:04 | 000,000,242 | ---- | C] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2012/04/02 13:39:54 | 000,000,994 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
[2012/04/02 13:36:35 | 000,003,211 | ---- | C] () -- C:\Windows\SysNative\hppls1530.spf
[2012/03/31 11:47:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2012/03/31 11:47:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/03/31 11:47:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/03/31 11:46:22 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/03/30 15:07:50 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2012/03/30 09:30:02 | 000,023,915 | ---- | C] () -- C:\Users\Christian\Documents\33.jpg
[2012/03/30 08:59:21 | 000,000,452 | ---- | C] () -- C:\Windows\tasks\FIXIOPCCleaner.job
[2012/03/29 22:05:55 | 000,000,363 | ---- | C] () -- C:\Users\Christian\Desktop\Ordinateur.lnk
[2012/03/29 20:13:26 | 000,000,268 | R--- | C] () -- C:\ProgramData\Smooth Strings
[2012/03/29 20:13:26 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Screen Savers
[2012/03/29 20:13:26 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/29 20:13:26 | 000,000,012 | R--- | C] () -- C:\ProgramData\StatusSheet
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\ProgramData\Solid Colors
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\ProgramData\SingleFiles
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Scripts Menu
[2012/03/29 20:12:48 | 000,000,268 | R--- | C] () -- C:\Users\Christian\AppData\Roaming\Screen Saver
[2012/03/29 20:12:48 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/29 20:12:48 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/29 20:12:48 | 000,000,012 | R--- | C] () -- C:\ProgramData\String Comparison
[2012/03/29 20:12:48 | 000,000,012 | R--- | C] () -- C:\ProgramData\StartupItems
[2012/03/29 16:58:45 | 000,001,492 | ---- | C] () -- C:\user.js
[2012/03/29 12:58:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSUPERVISEUR-HP$.job
[2012/03/28 23:23:49 | 000,002,239 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/28 23:23:20 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/28 23:23:19 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/28 22:57:59 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2012/03/28 22:57:58 | 000,001,790 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/03/28 21:19:04 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/03/28 21:19:04 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/03/28 21:19:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012/03/28 19:58:18 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2012/03/28 19:05:00 | 000,001,131 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/03/28 18:40:07 | 000,001,117 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Vista Start Menu.lnk
[2012/03/28 17:58:47 | 000,001,024 | ---- | C] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk
[2012/03/28 17:56:38 | 000,001,453 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/28 17:51:33 | 000,001,459 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/28 17:51:11 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForChristian.job
[2012/03/28 16:46:15 | 000,000,290 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/28 16:46:15 | 000,000,272 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/03/28 16:43:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/12/29 10:25:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/29 10:21:04 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/12/29 10:16:59 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/12/29 10:11:53 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/11/04 15:47:57 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/09/06 13:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/08/17 23:43:18 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/08/09 18:30:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/08/09 18:30:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/08/09 18:30:02 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/08/09 18:23:26 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/08/09 17:58:38 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/10 04:17:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/03/17 23:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

========== LOP Check ==========

[2012/03/28 22:30:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ACD Systems
[2012/03/31 21:09:38 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Anthropics
[2012/03/29 18:04:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Autodesk
[2012/04/02 22:21:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Epson
[2012/03/28 23:10:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FIXIO PC Utilities
[2012/04/15 09:58:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2012/03/31 19:35:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nikon
[2012/04/01 23:21:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nokia
[2012/04/01 23:21:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Nokia Suite
[2012/03/28 23:47:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2012/04/01 20:25:28 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012/04/01 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PC Suite
[2012/03/28 23:47:57 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\pdfforge
[2012/03/28 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\RoboForm
[2012/03/28 21:02:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/28 17:51:42 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Synaptics
[2012/04/05 11:05:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Tracker Software
[2012/03/28 22:57:58 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Uniblue
[2012/04/15 08:46:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Vista Start Menu
[2012/03/31 11:32:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Vodafone
[2012/03/28 23:36:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Weecast
[2012/03/28 19:28:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\_MDLogs
[2012/04/08 10:45:00 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3813990618-657574580-487364974-1000Core.job
[2012/04/01 22:02:17 | 000,000,452 | ---- | M] () -- C:\Windows\Tasks\FIXIOPCCleaner.job
[2012/04/15 13:22:25 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2009/07/14 07:08:49 | 000,013,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: EXPLORER.EXE >
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/11/04 23:57:32 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/11/04 23:57:32 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IASTOR.SYS >
[2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/11/05 00:04:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/11/05 00:04:16 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/02/28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2010/11/21 05:24:28 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

Re: Requests for analysis report review

Post by superviseur55 » 15 04 2012

Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
Error: Unable to interpret </md5start> in the current context!
Error: Unable to interpret <ctfmon.exe> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
Error: Unable to interpret <userinit.exe> in the current context!
Error: Unable to interpret <wininit.exe> in the current context!
Error: Unable to interpret <winlogon.exe> in the current context!
Error: Unable to interpret <eventlog.dll> in the current context!
Error: Unable to interpret <scecli.dll> in the current context!
Error: Unable to interpret <netlogon.dll> in the current context!
Error: Unable to interpret <cngaudit.dll> in the current context!
Error: Unable to interpret <sceclt.dll> in the current context!
Error: Unable to interpret <ntelogon.dll> in the current context!
Error: Unable to interpret <logevent.dll> in the current context!
Error: Unable to interpret <iaStor.sys> in the current context!
Error: Unable to interpret <nvstor.sys> in the current context!
Error: Unable to interpret <atapi.sys> in the current context!
Error: Unable to interpret <IdeChnDr.sys> in the current context!
Error: Unable to interpret <viasraid.sys> in the current context!
Error: Unable to interpret <AGP440.sys> in the current context!
Error: Unable to interpret <vaxscsi.sys> in the current context!
Error: Unable to interpret <nvatabus.sys> in the current context!
Error: Unable to interpret <viamraid.sys> in the current context!
Error: Unable to interpret <nvata.sys> in the current context!
Error: Unable to interpret <nvgts.sys> in the current context!
Error: Unable to interpret <iastorv.sys> in the current context!
Error: Unable to interpret <ViPrt.sys> in the current context!
Error: Unable to interpret <eNetHook.dll> in the current context!
Error: Unable to interpret <ahcix86.sys> in the current context!
Error: Unable to interpret <KR10N.sys> in the current context!
Error: Unable to interpret <nvstor32.sys> in the current context!
Error: Unable to interpret <ahcix86s.sys> in the current context!
Error: Unable to interpret <nvrd32.sys> in the current context!
Error: Unable to interpret </md5stop> in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles> in the current context!

OTL by OldTimer - Version 3.2.39.2 log created on 04152012_160913

Re: Requests for analysis report review

Post by superviseur55 » 15 04 2012

# AdwCleaner v1.600 - Rapport créé le 15/04/2012 à 16:24:07
# Mis à jour le 15/04/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Christian - SUPERVISEUR-HP
# Exécuté depuis : C:\Users\Christian\Downloads\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Christian\AppData\Local\Conduit
Dossier Présent : C:\Users\Christian\AppData\Local\Software
Dossier Présent : C:\Users\Christian\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\Christian\AppData\LocalLow\PriceGong
Dossier Présent : C:\Users\Christian\AppData\Roaming\GetRightToGo
Dossier Présent : C:\Users\Christian\AppData\Roaming\OpenCandy
Dossier Présent : C:\Users\Christian\AppData\Roaming\pdfforge
Dossier Présent : C:\ProgramData\Software
Dossier Présent : C:\Program Files (x86)\BrowserCompanion
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Program Files (x86)\Software

***** [H. Navipromo] *****


***** [Registre] *****

Clé Présente : HKCU\Software\BrowserCompanion
Clé Présente : HKCU\Software\Softonic
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Clé Présente : HKCU\Software\BrowserCompanion
[x64] Clé Présente : HKCU\Software\Softonic
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{64C54209-175C-454D-9291-AC46D4D952CF}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

## Fichier : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [2990 octets] - [15/04/2012 16:24:07]

########## EOF - C:\AdwCleaner[R1].txt - [3118 octets] ##########
superviseur55
 
Posts: 6
Joined: 15 04 2012

Re: Requests for analysis report review

Post by nickW » 16 04 2012

Good evening


There are people who say hello;
There are people who say goodbye;
There are people who say please and thank you;
There are people who know how to describe their configuration and their problem;


Unfortunately, there are also other people.


Bye
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator
 
Posts: 20538
Joined: 20 05 2004
Location: Île de France/Dordogne

