SOSVirus : Dépannage PC Gratuit Forums Aide à la désinfection – Forum Virus Sécurité Aider moi a trouver une solution pour désinfecter mon flash

15 sujets de 1 à 15 (sur un total de 22)
  • Auteur
    Messages
  • kazanastra
    Nombre d'articles : 0

    Bonsoir,
    J’ai placé mon flash disque sur un autre PC. Depuis, quand j’enregistre des fichiers sur disque amovible quelqu’un se transforme en d’autre fichiers nommé par des symboles et de date de création bizarres (exp:01/09/ 2051) . Je ne sait pas si c’est un virus car les antivirus ne le détectent pas (ni avast ni kasperski ni bitdefendre). Je croit même qu’il infecté mon PC puisque désormais, n’importe quel flash disque que je branche présente les mêmes symptôme !
    Merci de m’indiquer comment régler ce problème
    j ai essayé avec d’autre flashs et d’autre pcs , le meme probleme , il parait que le flash infect les pcs , les pcs infectent les flashs , moi je l’utilise pour enregistrer des musiques , il y a des dossiers la plus par du temps s’enregistre sans aucun prob , mais d’autre quand j’enlève le flash et j l’ouvrir je les trouve vides ou des musiques sans supprimer et d’autre sons répéter plusieurs fois ou ne s’ouvrent pas ou ils sons remplacés par des fichiers (je les trouve pas mnt quand j enregistre un dossier soit j le trouve vide ou remplier par quelque musique qui sont pas de ce dossier originalmais je pense comme ça U¬U¬.lfm la date:06/01/2051) par fois je peux les effacer par fois nn
    merci ..

    Anonyme
    Nombre d'articles : 0

    Hello ,

    :welcome:

    C’est toi qui vient du forum Comment ça marche.net :)

    Je colle ton lien de discussion là-bas pour les autres Helper : http://www.commentcamarche.net/forum/affich-28600434-aider-moi-a-trouver-une-solution-pour-desinfecter-mon-flash#top” onclick=”window.open(this.href);return false;

    Ils sont étranges ces symptômes. Mais c’est pas la première fois que j’en entend parler.

    Relance UsbFix avec les flash disk “infectés” connecté , choisi l’option Listing.

    Fais moi ensuite parvenir le rapport dans ta prochaine réponse en utilisant le BBCode Spoiler stp ;)

    @ Te lire

    kazanastra
    Nombre d'articles : 0

    saluut ouii oui c’est moi , en fait merci bien et je veux dire que mon pc s’arrête parfois (écran bleu écriture blanche)
    [spoiler:1a98ba40]############################## | UsbFix V 7.133 | [Listing]

    Utilisateur: Administrateur (Administrateur) # USER-TOSH
    Mis à jour le 27/08/2013 par El Desaparecido
    Lancé à 00:42:37 | 05/09/2013

    Site Web: https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: https://www.sosvirus.net/viewtopic.php?f=6&t=489” onclick=”window.open(this.href);return false;
    Contact: eldesaparecido@sosvirus.net

    PC: TOSHIBA (Satellite c855) (x64-based PC)
    CPU: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz (2500)
    RAM -> [Total : 6104 | Free : 3341]
    BIOS: InsydeH2O Version 03.72.011.50
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16660

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: Kaspersky Anti-Virus [Enabled | (!) Outdated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 450 Go (325 Go libre(s) – 72%) [] # NTFS
    D: -> CD-ROM
    F: -> Disque amovible # 4 Go (2 Go libre(s) – 57%) [] # FAT32

    ################## | Listing |

    [19/05/2013 – 00:36:11 | SHD ] C:$Recycle.Bin
    [01/09/2013 – 07:32:28 | D ] C:AdwCleaner
    [26/08/2013 – 22:34:51 | RASHD ] C:Autorun.inf
    [28/08/2013 – 18:41:46 | A | 2691] C:bdlog.txt
    [15/03/2012 – 20:26:46 | SHD ] C:Boot
    [21/11/2010 – 04:23:51 | RASH | 383786] C:bootmgr
    [15/03/2012 – 20:26:49 | N | 8192] C:BOOTSECT.BAK
    [11/01/2013 – 14:17:16 | D ] C:c60592a295c769f4d1820b14e0f0d2
    [14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
    [19/05/2013 – 15:04:24 | D ] C:EasyPHP
    [04/09/2013 – 04:14:52 | ASH | 4800225280] C:hiberfil.sys
    [10/11/2012 – 08:25:46 | D ] C:IDE
    [07/04/2012 – 16:58:15 | D ] C:Intel
    [10/11/2012 – 08:24:40 | RHD ] C:MSOCache
    [04/09/2013 – 04:14:52 | ASH | 6400303104] C:pagefile.sys
    [02/09/2013 – 17:55:08 | A | 512] C:PhysicalDisk0_MBR.bin
    [28/08/2013 – 02:27:54 | D ] C:Program Files
    [01/09/2013 – 12:54:21 | D ] C:Program Files (x86)
    [01/09/2013 – 12:54:22 | HD ] C:ProgramData
    [01/09/2013 – 16:27:10 | D ] C:Sounds
    [03/09/2013 – 18:59:02 | SHD ] C:System Volume Information
    [16/05/2013 – 09:44:46 | D ] C:temp
    [28/06/2012 – 11:12:04 | D ] C:Toshiba
    [05/09/2013 – 00:42:38 | D ] C:UsbFix
    [26/08/2013 – 22:33:21 | N | 12060] C:UsbFix [Clean 3] USER-TOSH.txt
    [26/08/2013 – 22:35:03 | N | 2944] C:UsbFix [Listing 1 ] USER-TOSH.txt
    [05/09/2013 – 00:42:38 | A | 2362] C:UsbFix [Listing 2 ] USER-TOSH.txt
    [25/08/2013 – 23:35:12 | N | 10964] C:UsbFix [Scan 1] USER-TOSH.txt
    [26/08/2013 – 22:21:47 | N | 10191] C:UsbFix [Scan 2] USER-TOSH.txt
    [28/08/2013 – 01:36:31 | A | 10853] C:UsbFix [Scan 5] USER-TOSH.txt
    [30/08/2013 – 02:24:24 | A | 9829] C:UsbFix [Scan 6] USER-TOSH.txt
    [19/05/2013 – 00:37:41 | D ] C:Users
    [04/09/2013 – 04:14:52 | D ] C:Windows
    [03/09/2013 – 00:51:52 | D ] C:ZHP
    [19/04/2013 – 12:52:02 | A | 3332838] F:Project X soundtrack – Beamer Benz Or Bentley.mp3
    [19/06/2013 – 14:20:10 | A | 3438289] F:YP Bitches Money Weed (BMW).mp3
    [21/01/2013 – 21:13:58 | D ] F:lil wayn
    [01/09/2013 – 14:51:50 | D ] F:Booba
    [20/08/2013 – 11:32:34 | D ] F:la fouine
    [01/09/2013 – 17:28:44 | D ] F:emino
    [02/05/2011 – 07:41:08 | A | 5113785] F:eminem – superman.mp3
    [20/08/2012 – 01:53:56 | A | 4489258] F:eminen_lose your self .mp3
    [26/12/2012 – 02:08:54 | A | 2778741] F:SEFYU – MOLOTOV 4.mp3
    [01/01/2013 – 05:14:20 | A | 3621230] F:Sefyu – Turbo.mp3
    [27/02/2012 – 12:52:50 | A | 4619316] F:Wiz Khalifa – Black And Yellow [G-Mix] ft. Snoop Dogg, Juicy J T-Pain – YouTube.flv.MP3
    [19/08/2013 – 15:17:12 | D ] F:best of trance
    [01/09/2013 – 17:41:58 | D ] F:deep
    [06/11/2012 – 23:18:34 | A | 3245442] F:Lee Foss & MK feat. Anabel Englund – Electricity.mp3
    [20/03/2013 – 23:12:14 | A | 3349138] F:Lana Del Rey – Summertime Sadness (Lee Foss & MK Remix).mp3
    [03/09/2012 – 23:39:48 | A | 4524293] F:Phonique- Our Time Our Chance (feat. Ian Whitelaw) (Official music video).mp3
    [31/05/2013 – 00:41:54 | A | 7677088] F:Tennis – Make It Good (Larry Heard Vocal Remix).mp3
    [20/10/2012 – 16:12:10 | A | 5726014] F:Otto Knows – Million Voices (Original Mix) FULL VERSION.mp3
    [24/12/2010 – 18:15:36 | A | 6141649] F:Yeah Yeah Yeahs – Heads Will Roll (A-Trak Remix) [BO Projet X HQ].mp3
    [23/08/2012 – 02:27:04 | A | 6175335] F:Phonique – Feel What You Want Feat. Rebecca.mp3
    [01/10/2012 – 00:16:46 | A | 9059297] F:Top 10 Female Vocal Trance.mp3
    [01/09/2013 – 17:39:00 | A | 0] F:ABOVE&~1.MP3

    ################## | E.O.F |[/spoiler:1a98ba40]

    Anonyme
    Nombre d'articles : 0

    Hello ,

    C’est plutôt étrange ton affaire ;(

    J’ai placé mon flash disque sur un autre PC. Depuis, quand j’enregistre des fichiers sur disque amovible quelqu’un se transforme en d’autre fichiers nommé par des symboles et de date de création bizarres (exp:01/09/ 2051) .

    Quand je regarde les fichiers et dossier contenu dans le lecteur F on a :

    [19/04/2013 – 12:52:02 | A | 3332838] F:Project X soundtrack – Beamer Benz Or Bentley.mp3
    [19/06/2013 – 14:20:10 | A | 3438289] F:YP Bitches Money Weed (BMW).mp3
    [21/01/2013 – 21:13:58 | D ] F:lil wayn
    [01/09/2013 – 14:51:50 | D ] F:Booba
    [20/08/2013 – 11:32:34 | D ] F:la fouine
    [01/09/2013 – 17:28:44 | D ] F:emino
    [02/05/2011 – 07:41:08 | A | 5113785] F:eminem – superman.mp3
    [20/08/2012 – 01:53:56 | A | 4489258] F:eminen_lose your self .mp3
    [26/12/2012 – 02:08:54 | A | 2778741] F:SEFYU – MOLOTOV 4.mp3
    [01/01/2013 – 05:14:20 | A | 3621230] F:Sefyu – Turbo.mp3
    [27/02/2012 – 12:52:50 | A | 4619316] F:Wiz Khalifa – Black And Yellow [G-Mix] ft. Snoop Dogg, Juicy J T-Pain – YouTube.flv.MP3
    [19/08/2013 – 15:17:12 | D ] F:best of trance
    [01/09/2013 – 17:41:58 | D ] F:deep
    [06/11/2012 – 23:18:34 | A | 3245442] F:Lee Foss & MK feat. Anabel Englund – Electricity.mp3
    [20/03/2013 – 23:12:14 | A | 3349138] F:Lana Del Rey – Summertime Sadness (Lee Foss & MK Remix).mp3
    [03/09/2012 – 23:39:48 | A | 4524293] F:Phonique- Our Time Our Chance (feat. Ian Whitelaw) (Official music video).mp3
    [31/05/2013 – 00:41:54 | A | 7677088] F:Tennis – Make It Good (Larry Heard Vocal Remix).mp3
    [20/10/2012 – 16:12:10 | A | 5726014] F:Otto Knows – Million Voices (Original Mix) FULL VERSION.mp3
    [24/12/2010 – 18:15:36 | A | 6141649] F:Yeah Yeah Yeahs – Heads Will Roll (A-Trak Remix) [BO Projet X HQ].mp3
    [23/08/2012 – 02:27:04 | A | 6175335] F:Phonique – Feel What You Want Feat. Rebecca.mp3
    [01/10/2012 – 00:16:46 | A | 9059297] F:Top 10 Female Vocal Trance.mp3
    [01/09/2013 – 17:39:00 | A | 0] F:ABOVE&~1.MP3

    Donc toi tu ne vois pas ces fichiers et dossiers ?

    Si c’est bien ça , va dans menu démarrer -> ordinateur -> clic sur le disque F pour l’ouvrir. Ensuite fais une capture du contenu.

    Fais moi parvenir cette capture via SosUpload : https://antimalware.top/” onclick=”window.open(this.href);return false;
    Ensuite fais un clic droit sur l’un de ces fichiers “bizarre”, choisi propriété , fais une capture de l’onglet général et de l’onglet détails. Transmet moi également ces deux captures via SosUpload :)

    @Te lire

    kazanastra
    Nombre d'articles : 0

    ouii ouii , voila ce dossier nrml il contient des musiques mais voila ce qu il contient ( je pense qu il y a d autres fichiers comme selui la mais j l ai effacer)
    https://antimalware.top/images/2013/09/06/Sans_titre4.png” onclick=”window.open(this.href);return false;
    https://antimalware.top/images/2013/09/06/Sans_titre3.png” onclick=”window.open(this.href);return false;
    https://antimalware.top/images/2013/09/06/Sans_titre2.png” onclick=”window.open(this.href);return false;
    @ +

    Anonyme
    Nombre d'articles : 0

    Hello ,

    Milles excuses, je n’avais pas vu que tu avais répondu :(

    Je vais demander l’avis d’un autre helper Evasion60 :)

    @ plus tard.

    Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonjour

    A la lecture des deux sujets, ici SoSVirus & CCM :
    Je pense que c’est le PC qui réinjecte des infections sur ton disque dur USB !

    /! Peux-tu me confirmer, comme tu as écrit =>

    J’ai formaté mon disque dur USB, et cela est revenu

    Branche ton disque dur USB, sans l’ouvrir

    Passe cet outil =>

    • Télécharge OTL (by OldTimer) sur ton bureau.
      ~ Comment Télécharger sur son Bureau ?

    • Lance OTL, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche les cases suivantes :
      • Tous les utilisateurs
      • Recherche Lop
      • Recherche Purity
      • Avec Analyses 64 bit Uniquement pour les systèmes en 64 bit

    • Copie et colle le Script dans le lien ci dessous dans la partie inférieure d’OTL “Personnalisation”

      [glow=red:3osqp121]~ Le Script à copier est[/glow:3osqp121] >> ici <<

    • Clique sur Analyse

    • Une fois le scan terminé 1 ou 2 rapports vont s’ouvrir OTL.txt et Extras.txt.
    • Héberge les rapports OTL.txt et Extras.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    Reviens avec une réponse à ma question & les deux rapports demandés avec OTL ;)

    kazanastra
    Nombre d'articles : 0

    merci bien , sosupload ne peux pas heberger mes rapports …
    https://forums-fec.be/upload/www/?a=d&i=6893683567” onclick=”window.open(this.href);return false;
    https://forums-fec.be/upload/www/?a=d&i=7668009952” onclick=”window.open(this.href);return false;
    @ +

    Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonjour kazanastra

    Toutes mes excuses pour ce retard de réponse
    J’ai oublié de basculer ton sujet à mon pseudo, donc une notification eMail que je n’ai pas vu/lu !

    Je regarde tes deux logs OTL dans la journée ;)

    Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Re

    /! Pas du tout évident, car nbreux inutiles, mais pas vraiment d’infections !
    Par contre, il y a des erreurs disque dur

    • Lance OTL, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche les cases suivantes :
      • Tous les utilisateurs
      • Rapport minimal

    • Copie et colle le Script Helper dans la partie inférieure d’OTL “Personnalisation”
      :OTL
      IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Secondary Start Pages = Reg Error: Value error.
      IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Toolbar.Bing
      FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowssystem32MacromedFlashNPSWF64_11_7_700_224.dll File not found
      FF - HKLMSoftwareMozillaPlugins@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll () => WildTangent Games
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) => Toolbar.Google
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
      O3 - HKLM..Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
      O4 - HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
      O4 - HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:windowssystem32GPhotos.scr/200 File not found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      [2013/08/28 02:27:54 | 000,000,000 | ---D | C] -- C:Program FilesBitdefender
      [2013/08/28 02:17:27 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesBitdefender
      [2013/09/10 22:59:02 | 000,000,964 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User
      [2013/09/10 22:46:00 | 000,000,924 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User
      [2013/09/10 19:59:01 | 000,000,942 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User
      [2013/09/10 19:46:00 | 000,000,902 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User
      [2013/08/27 01:23:47 | 000,005,120 | -HS- | M] () -- C:windowssystem32configsystemprofileNtUser.dat.LOG1 => Fichiers de rapport (Log)
      [2013/08/27 01:23:47 | 000,000,000 | -HS- | M] () -- C:windowssystem32configsystemprofileNtUser.dat.LOG2 => Fichiers de rapport (Log)
      [2013/09/01 08:53:59 | 000,118,378 | ---- | M] () -- C:windowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun.log => Fichiers de rapport (Log)
      [2012/11/30 19:41:37 | 000,000,902 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User
      [2012/11/30 19:41:38 | 000,000,924 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User
      [2013/06/09 19:54:14 | 000,000,942 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User
      [2013/06/09 19:54:15 | 000,000,964 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User
      CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
      "{4DABD610-3B48-4571-A458-6828314BC363}" = protocol=17 | dir=in | app=c:program files (x86)goforfilesgoforfilesdl.exe | => Peer2Peer.GoforFiles
      "{5FA31665-3E66-4220-85A5-0C9BA627A14D}" = protocol=6 | dir=in | app=c:program files (x86)goforfilesgoforfilesdl.exe | => Peer2Peer.GoforFiles
      "{AA963096-F3BC-4368-BAA0-7E239935E4A4}" = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
      "{AEF5129C-0FC3-4689-B079-5A405AE5F8F2}" = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
      "{C6D80F91-5525-40DC-A9DA-CE1E2178ED30}" = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
      "{C9C9FB32-734D-43F5-A330-24F763A9F2A0}" = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
      "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30 => Oracle
      :Commands
      [emptytemp]
      [emptyflash]
      [purity]
      [reboot]
      [resethost]
      [CREATERESTOREPOINT]

    • Clique sur Correction

    • OTL peut te demander de redémarrer, si c’est le cas fait le immédiatement !
    • Une fois le scan terminé 1 rapport va s’ouvrir ¤¤¤¤¤¤¤¤¤¤¤.log.
    • Copie et colle le contenu du rapport sur le forum.

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    A te lire avec son rapport ;)

    kazanastra
    Nombre d'articles : 0

    OTL logfile created on: 10/09/2013 23:59:08 – Run 1
    OTL by OldTimer – Version 3.2.69.0 Folder = C:UsersAdministrateurDesktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) – Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    5,96 Gb Total Physical Memory | 3,15 Gb Available Physical Memory | 52,90% Memory free
    11,92 Gb Paging File | 8,05 Gb Available in Paging File | 67,50% Paging File free
    Paging file location(s): ?:pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 449,65 Gb Total Space | 324,07 Gb Free Space | 72,07% Space Free | Partition Type: NTFS
    Drive F: | 3,90 Gb Total Space | 0,79 Gb Free Space | 20,16% Space Free | Partition Type: FAT32

    Computer Name: USER-TOSH | User Name: Administrateur | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC – File not found —
    PRC – [2013/09/09 14:31:56 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersAdministrateurDesktopOTL.exe
    PRC – [2013/09/02 21:35:59 | 000,829,392 | —- | M] (Google Inc.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    PRC – [2013/08/30 03:41:32 | 000,356,376 | —- | M] (Kaspersky Lab ZAO) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013avp.exe
    PRC – [2013/07/13 04:47:29 | 000,217,992 | —- | M] (Google Inc.) — C:Program Files (x86)GoogleUpdate1.3.21.153GoogleCrashHandler.exe
    PRC – [2013/04/04 14:50:32 | 000,701,512 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
    PRC – [2013/04/04 14:50:32 | 000,532,040 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe
    PRC – [2013/04/04 14:50:32 | 000,418,376 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe
    PRC – [2013/02/26 02:28:44 | 000,357,456 | —- | M] (VMware, Inc.) — C:WindowsSysWOW64vmnetdhcp.exe
    PRC – [2013/02/26 02:28:26 | 000,436,304 | —- | M] (VMware, Inc.) — C:WindowsSysWOW64vmnat.exe
    PRC – [2013/02/26 01:30:42 | 000,087,120 | —- | M] (VMware, Inc.) — C:Program Files (x86)VMwareVMware Playervmware-authd.exe
    PRC – [2012/10/23 18:42:06 | 000,347,120 | —- | M] () — C:Program Files (x86)InternetEverywhereInternetEverywhere_Service.exe
    PRC – [2012/10/23 18:41:44 | 001,739,760 | —- | M] () — C:Program Files (x86)InternetEverywhereInternetEverywhere.exe
    PRC – [2012/10/23 18:41:41 | 000,637,936 | —- | M] () — C:Program Files (x86)InternetEverywhereInternetEverywhere_Launcher.exe
    PRC – [2012/02/05 05:41:10 | 000,231,328 | —- | M] (TOSHIBA CORPORATION) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosLeSrvUseMng.exe
    PRC – [2012/02/05 05:40:56 | 000,219,048 | —- | M] (TOSHIBA CORPORATION) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosLeSrvProvider.exe
    PRC – [2012/02/04 21:47:54 | 000,251,808 | —- | M] (TOSHIBA CORPORATION) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosLeBtMng.exe
    PRC – [2012/02/04 21:16:54 | 002,824,104 | —- | M] (TOSHIBA CORPORATION.) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosBtMng.exe
    PRC – [2012/01/21 00:29:26 | 000,277,784 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    PRC – [2011/11/04 14:40:06 | 000,687,400 | —- | M] (Nero AG) — C:Program Files (x86)NeroUpdateNASvc.exe
    PRC – [2011/08/08 21:43:00 | 000,690,072 | —- | M] (TOSHIBA CORPORATION.) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosA2dp.exe
    PRC – [2011/08/08 21:36:00 | 000,087,960 | —- | M] (TOSHIBA CORPORATION.) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosBtHid.exe
    PRC – [2011/06/06 12:55:28 | 000,064,952 | —- | M] (Adobe Systems Incorporated) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    PRC – [2011/03/14 16:27:28 | 000,236,384 | —- | M] (Huawei Technologies Co., Ltd.) — C:ProgramDataDatacardServiceDCSHelper.exe
    PRC – [2011/02/03 23:18:00 | 000,742,800 | —- | M] (TOSHIBA CORPORATION.) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosAVRC.exe
    PRC – [2010/11/21 04:25:10 | 000,164,864 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Windows Media Playerwmplayer.exe
    PRC – [2010/09/07 00:18:00 | 000,746,384 | —- | M] (TOSHIBA CORPORATION.) — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosBtHSP.exe

    ========== Modules (No Company Name) ==========

    MOD – [2013/09/02 21:35:56 | 000,410,576 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66ppgooglenaclpluginchrome.dll
    MOD – [2013/09/02 21:35:55 | 013,599,184 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66PepperFlashpepflashplayer.dll
    MOD – [2013/09/02 21:35:54 | 004,053,456 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66pdf.dll
    MOD – [2013/09/02 21:35:04 | 000,709,584 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66libglesv2.dll
    MOD – [2013/09/02 21:35:03 | 000,099,792 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66libegl.dll
    MOD – [2013/09/02 21:35:01 | 001,604,560 | —- | M] () — C:Program Files (x86)GoogleChromeApplication29.0.1547.66ffmpegsumo.dll
    MOD – [2012/10/23 18:41:44 | 001,739,760 | —- | M] () — C:Program Files (x86)InternetEverywhereInternetEverywhere.exe
    MOD – [2012/10/23 18:41:41 | 000,637,936 | —- | M] () — C:Program Files (x86)InternetEverywhereInternetEverywhere_Launcher.exe
    MOD – [2012/10/23 18:40:44 | 000,249,344 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgMobileBroadband7.dll
    MOD – [2012/10/23 18:38:48 | 000,606,208 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgCore.dll
    MOD – [2012/10/23 18:38:04 | 000,204,800 | —- | M] () — C:Program Files (x86)InternetEverywhereLiveBoxCM.dll
    MOD – [2012/10/23 18:37:38 | 000,073,728 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgDriverInstall.dll
    MOD – [2012/10/23 18:37:27 | 000,376,832 | —- | M] () — C:Program Files (x86)InternetEverywhereWTGSMSPCClient.dll
    MOD – [2012/10/23 18:37:18 | 000,139,264 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgBluetooth.dll
    MOD – [2012/10/23 18:37:10 | 000,212,992 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgDetection.dll
    MOD – [2012/10/23 18:36:57 | 000,126,976 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgWiFi.dll
    MOD – [2012/10/23 18:36:46 | 000,081,920 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgDialup.dll
    MOD – [2012/10/23 18:36:29 | 000,102,400 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgDatabase.dll
    MOD – [2012/10/23 18:36:22 | 000,159,744 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgPorts.dll
    MOD – [2012/10/23 18:36:16 | 000,106,496 | —- | M] () — C:Program Files (x86)InternetEverywhereWtgUtil.dll
    MOD – [2012/10/23 18:35:54 | 000,602,112 | —- | M] () — C:Program Files (x86)InternetEverywhereWTGXMLUtil.dll
    MOD – [2012/08/17 21:40:16 | 000,068,024 | —- | M] () — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013QtWebKitqmlwebkitplugin4.dll
    MOD – [2012/08/17 21:38:56 | 000,479,160 | —- | M] () — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013dblite.dll
    MOD – [2012/01/25 18:57:12 | 000,172,032 | —- | M] () — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosGatt.dll
    MOD – [2011/11/10 08:48:48 | 001,105,920 | —- | M] () — C:Program Files (x86)InternetEverywhereNDISAPI.dll
    MOD – [2007/02/27 19:44:00 | 000,823,296 | —- | M] () — C:Program Files (x86)InternetEverywherelibeay32.dll

    ========== Services (SafeList) ==========

    SRV:64bit: – [2013/05/27 06:50:47 | 001,011,712 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
    SRV:64bit: – [2012/01/20 12:27:28 | 000,235,520 | —- | M] (AMD) [Auto | Running] — C:WindowsSysNativeatiesrxx.exe — (AMD External Events Utility)
    SRV:64bit: – [2011/12/16 07:16:48 | 000,583,088 | —- | M] (TOSHIBA Corporation) [Auto | Running] — C:Program FilesTOSHIBAPower SaverTosCoSrv.exe — (TosCoSrv)
    SRV:64bit: – [2011/12/14 23:11:38 | 000,833,976 | —- | M] (TOSHIBA Corporation) [On_Demand | Running] — C:Program FilesTOSHIBATPHMTPCHSrv.exe — (TPCHSrv)
    SRV:64bit: – [2011/11/26 02:52:36 | 000,138,152 | —- | M] (TOSHIBA Corporation) [On_Demand | Running] — C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe — (TOSHIBA HDD SSD Alert Service)
    SRV:64bit: – [2011/11/24 21:20:38 | 000,294,848 | —- | M] (TOSHIBA Corporation) [Auto | Running] — C:Program FilesTOSHIBATECOTecoService.exe — (TOSHIBA eco Utility Service)
    SRV:64bit: – [2010/10/20 22:41:00 | 000,138,656 | —- | M] (TOSHIBA Corporation) [Auto | Running] — C:WindowsSysNativeTODDSrv.exe — (TODDSrv)
    SRV:64bit: – [2010/09/22 18:10:10 | 000,057,184 | —- | M] (Microsoft Corporation) [Disabled | Stopped] — C:Program FilesWindows LiveMeshwlcrasvc.exe — (wlcrasvc)
    SRV:64bit: – [2010/09/10 01:26:34 | 000,162,824 | —- | M] () [Auto | Running] — C:WindowsSysNativeGFNEXSrv.exe — (GFNEXSrv)
    SRV:64bit: – [2009/12/16 16:44:44 | 003,750,400 | —- | M] (SafeNet Inc.) [Auto | Running] — C:WindowsSysNativehasplms.exe — (hasplms)
    SRV – [2013/08/30 03:41:32 | 000,356,376 | —- | M] (Kaspersky Lab ZAO) [Auto | Running] — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013avp.exe — (AVP)
    SRV – [2013/04/04 14:50:32 | 000,701,512 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe — (MBAMService)
    SRV – [2013/04/04 14:50:32 | 000,418,376 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe — (MBAMScheduler)
    SRV – [2013/02/26 02:28:44 | 000,357,456 | —- | M] (VMware, Inc.) [Auto | Running] — C:WindowsSysWOW64vmnetdhcp.exe — (VMnetDHCP)
    SRV – [2013/02/26 02:28:26 | 000,436,304 | —- | M] (VMware, Inc.) [Auto | Running] — C:WindowsSysWOW64vmnat.exe — (VMware NAT Service)
    SRV – [2013/02/26 01:30:42 | 000,087,120 | —- | M] (VMware, Inc.) [Auto | Running] — C:Program Files (x86)VMwareVMware Playervmware-authd.exe — (VMAuthdService)
    SRV – [2012/10/23 18:42:06 | 000,347,120 | —- | M] () [Auto | Running] — C:Program Files (x86)InternetEverywhereInternetEverywhere_Service.exe — (InternetEverywhere_Service)
    SRV – [2012/10/11 16:15:30 | 000,918,680 | —- | M] (VMware, Inc.) [Auto | Running] — C:Program Files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe — (VMUSBArbService)
    SRV – [2012/07/13 13:28:36 | 000,160,944 | —- | M] (Skype Technologies) [Auto | Stopped] — C:Program Files (x86)SkypeUpdaterUpdater.exe — (SkypeUpdate)
    SRV – [2012/01/21 00:29:26 | 000,277,784 | —- | M] (Intel Corporation) [Auto | Running] — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe — (LMS)
    SRV – [2011/11/04 14:40:06 | 000,687,400 | —- | M] (Nero AG) [Auto | Running] — C:Program Files (x86)NeroUpdateNASvc.exe — (NAUpdate)
    SRV – [2011/07/12 01:16:06 | 000,057,216 | —- | M] (TOSHIBA Corporation) [On_Demand | Stopped] — C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe — (TMachInfo)
    SRV – [2011/06/06 12:55:28 | 000,064,952 | —- | M] (Adobe Systems Incorporated) [Auto | Running] — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe — (AdobeARMservice)
    SRV – [2011/04/02 01:42:00 | 000,198,064 | —- | M] (TOSHIBA CORPORATION) [On_Demand | Running] — C:Program Files (x86)TOSHIBABluetooth Toshiba StackTosBtSrv.exe — (TOSHIBA Bluetooth Service)
    SRV – [2011/03/14 16:27:34 | 000,346,976 | —- | M] () [Auto | Running] — C:ProgramDataDatacardServiceHWDeviceService64.exe — (HWDeviceService64.exe)
    SRV – [2011/02/10 09:25:36 | 000,112,080 | —- | M] (Toshiba Europe GmbH) [Auto | Running] — C:Program Files (x86)Toshiba TEMPROTemproSvc.exe — (TemproMonitoringService)
    SRV – [2010/10/12 18:59:12 | 000,206,072 | —- | M] (WildTangent, Inc.) [On_Demand | Stopped] — C:Program Files (x86)WildTangent GamesAppGamesAppService.exe — (GamesAppService)
    SRV – [2010/03/18 13:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Stopped] — C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe — (clr_optimization_v4.0.30319_32)
    SRV – [2010/02/19 13:37:14 | 000,517,096 | —- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] — C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe — (SwitchBoard)
    SRV – [2009/06/10 22:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] — C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: – [2013/08/30 04:22:17 | 000,178,448 | —- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] — C:WindowsSysNativedriverskneps.sys — (kneps)
    DRV:64bit: – [2013/08/30 04:22:17 | 000,054,368 | —- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] — C:WindowsSysNativedriverskltdi.sys — (kltdi)
    DRV:64bit: – [2013/08/30 04:22:17 | 000,029,528 | —- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversklmouflt.sys — (klmouflt)
    DRV:64bit: – [2013/08/30 04:22:16 | 000,620,128 | —- | M] (Kaspersky Lab ZAO) [File_System | System | Running] — C:WindowsSysNativedriversklif.sys — (KLIF)
    DRV:64bit: – [2013/08/30 04:22:16 | 000,029,016 | —- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversklkbdflt.sys — (klkbdflt)
    DRV:64bit: – [2013/04/30 09:51:09 | 000,040,616 | —- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriverstap0901.sys — (tap0901)
    DRV:64bit: – [2013/04/15 10:50:30 | 000,127,384 | —- | M] (Power Software Ltd) [Kernel | System | Running] — C:windowsSysNativedriversscdemu.sys — (SCDEmu)
    DRV:64bit: – [2013/04/04 14:50:32 | 000,025,928 | —- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] — C:WindowsSysNativedriversmbam.sys — (MBAMProtector)
    DRV:64bit: – [2013/02/26 02:28:48 | 000,067,664 | —- | M] (VMware, Inc.) [Kernel | Auto | Running] — C:WindowsSysNativedriversvmx86.sys — (vmx86)
    DRV:64bit: – [2013/02/26 02:28:14 | 000,030,800 | —- | M] (VMware, Inc.) [Kernel | Auto | Running] — C:WindowsSysNativedriversvmnetuserif.sys — (VMnetuserif)
    DRV:64bit: – [2013/02/26 02:27:48 | 000,045,720 | —- | M] (VMware, Inc.) [Kernel | Auto | Running] — C:WindowsSysNativedriversvmnetbridge.sys — (VMnetBridge)
    DRV:64bit: – [2013/02/26 02:27:44 | 000,033,360 | —- | M] (VMware, Inc.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversVMkbd.sys — (vmkbd2)
    DRV:64bit: – [2013/01/01 17:11:02 | 000,422,400 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversewusbwwan.sys — (ewusbmbb)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,223,232 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversewusbmdm.sys — (hwdatacard)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,117,248 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversew_hwusbdev.sys — (ew_hwusbdev)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,098,304 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversew_jucdcacm.sys — (huawei_cdcacm)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,087,040 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversew_jubusenum.sys — (huawei_enumerator)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,072,192 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversew_jucdcecm.sys — (huawei_cdcecm)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,028,672 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversew_juextctrl.sys — (huawei_ext_ctrl)
    DRV:64bit: – [2012/12/25 15:37:54 | 000,013,952 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversew_usbenumfilter.sys — (ew_usbenumfilter)
    DRV:64bit: – [2012/11/30 17:35:28 | 000,112,896 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversewsercd.sys — (ewsercd)
    DRV:64bit: – [2012/10/24 14:17:14 | 000,070,296 | —- | M] (VMware, Inc.) [Kernel | Boot | Running] — C:WindowsSysNativedriversvsock.sys — (vsock)
    DRV:64bit: – [2012/10/24 14:17:10 | 000,085,104 | —- | M] (VMware, Inc.) [Kernel | Boot | Running] — C:WindowsSysNativedriversvmci.sys — (vmci)
    DRV:64bit: – [2012/10/11 16:15:32 | 000,052,376 | —- | M] (VMware, Inc.) [Kernel | Auto | Running] — C:WindowsSysNativedrivershcmon.sys — (hcmon)
    DRV:64bit: – [2012/10/11 16:15:06 | 000,037,680 | —- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversvmusb.sys — (vmusb)
    DRV:64bit: – [2012/08/02 15:09:34 | 000,028,504 | —- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] — C:WindowsSysNativedriversklim6.sys — (KLIM6)
    DRV:64bit: – [2012/06/29 20:39:02 | 000,004,608 | —- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversvncmirror.sys — (vncmirror)
    DRV:64bit: – [2012/06/19 17:28:12 | 000,458,584 | —- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] — C:WindowsSysNativedriverskl1.sys — (kl1)
    DRV:64bit: – [2012/03/01 07:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] — C:windowsSysNativedriversfs_rec.sys — (Fs_Rec)
    DRV:64bit: – [2012/01/30 22:14:00 | 000,304,696 | —- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosrfbd.sys — (tosrfbd)
    DRV:64bit: – [2012/01/20 12:53:32 | 010,731,520 | —- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversatikmdag.sys — (amdkmdag)
    DRV:64bit: – [2012/01/20 11:34:36 | 000,328,192 | —- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversatikmpag.sys — (amdkmdap)
    DRV:64bit: – [2012/01/17 01:20:38 | 001,082,472 | —- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversrtwlane.sys — (RTL8192Ce)
    DRV:64bit: – [2012/01/05 21:42:32 | 000,021,096 | —- | M] (Realtek Microelectronics) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversRtkBtfilter.sys — (RtkBtFilter)
    DRV:64bit: – [2012/01/05 11:58:50 | 000,786,200 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversiusb3xhc.sys — (iusb3xhc)
    DRV:64bit: – [2012/01/05 11:58:50 | 000,355,096 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversiusb3hub.sys — (iusb3hub)
    DRV:64bit: – [2012/01/05 11:58:50 | 000,016,152 | —- | M] (Intel Corporation) [Kernel | Boot | Running] — C:WindowsSysNativedriversiusb3hcs.sys — (iusb3hcs)
    DRV:64bit: – [2011/12/19 20:15:10 | 000,411,920 | —- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversSynTP.sys — (SynTP)
    DRV:64bit: – [2011/12/17 01:24:00 | 000,079,040 | —- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosrfusb.sys — (Tosrfusb)
    DRV:64bit: – [2011/12/01 11:42:44 | 000,072,240 | —- | M] (Nero AG) [Kernel | Boot | Running] — C:WindowsSysNativedriversNBVol.sys — (NBVol)
    DRV:64bit: – [2011/12/01 11:42:44 | 000,015,920 | —- | M] (Nero AG) [Kernel | Boot | Running] — C:WindowsSysNativedriversNBVolUp.sys — (NBVolUp)
    DRV:64bit: – [2011/11/30 03:40:32 | 000,568,600 | —- | M] (Intel Corporation) [Kernel | Boot | Running] — C:WindowsSysNativedriversiaStor.sys — (iaStor)
    DRV:64bit: – [2011/11/10 09:04:14 | 000,060,184 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversHECIx64.sys — (MEIx64)
    DRV:64bit: – [2011/10/17 20:40:50 | 000,093,712 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversAtihdW76.sys — (AtiHDAudioService)
    DRV:64bit: – [2011/08/24 05:57:24 | 000,565,352 | —- | M] (Realtek ) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversRt64win7.sys — (RTL8167)
    DRV:64bit: – [2011/08/17 22:27:06 | 000,251,496 | —- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversRtsUStor.sys — (RSUSBSTOR)
    DRV:64bit: – [2011/03/18 23:03:18 | 000,482,384 | —- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] — C:WindowsSysNativedriverstos_sps64.sys — (tos_sps64)
    DRV:64bit: – [2011/03/11 07:41:12 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversamdsata.sys — (amdsata)
    DRV:64bit: – [2011/03/11 07:41:12 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] — C:WindowsSysNativedriversamdxata.sys — (amdxata)
    DRV:64bit: – [2011/02/09 03:07:00 | 000,038,096 | —- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversPGEffect.sys — (PGEffect)
    DRV:64bit: – [2010/11/29 19:47:00 | 000,082,224 | —- | M] (TOSHIBA Corporation) [Kernel | System | Running] — C:WindowsSysNativedriverstosrfcom.sys — (Tosrfcom)
    DRV:64bit: – [2010/11/21 04:24:33 | 000,059,392 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversTsUsbFlt.sys — (TsUsbFlt)
    DRV:64bit: – [2010/11/21 04:23:47 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversHpSAMD.sys — (HpSAMD)
    DRV:64bit: – [2010/11/21 04:23:47 | 000,031,232 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversTsUsbGD.sys — (TsUsbGD)
    DRV:64bit: – [2010/11/11 18:27:00 | 000,050,864 | —- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosrfbnp.sys — (tosrfbnp)
    DRV:64bit: – [2010/08/30 18:48:00 | 000,094,528 | —- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversTosrfhid.sys — (Tosrfhid)
    DRV:64bit: – [2010/06/19 00:45:00 | 000,018,872 | —- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosrfec.sys — (tosrfec)
    DRV:64bit: – [2010/04/26 19:48:00 | 000,063,488 | —- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversTosRfSnd.sys — (TosRfSnd)
    DRV:64bit: – [2009/09/23 02:46:18 | 000,066,304 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSysNativedriversvpcnfltr.sys — (vpcnfltr)
    DRV:64bit: – [2009/09/23 02:46:17 | 000,359,552 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSysNativedriversvpcvmm.sys — (vpcvmm)
    DRV:64bit: – [2009/09/23 02:32:39 | 000,095,232 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversvpcusb.sys — (vpcusb)
    DRV:64bit: – [2009/09/23 02:32:33 | 000,187,904 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversvpchbus.sys — (vpcbus)
    DRV:64bit: – [2009/09/21 08:07:26 | 000,071,040 | —- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] — C:WindowsSysNativedriversaksdf.sys — (aksdf)
    DRV:64bit: – [2009/08/20 07:02:06 | 000,130,816 | —- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] — C:WindowsSysNativedriversaksfridge.sys — (aksfridge)
    DRV:64bit: – [2009/07/31 04:22:04 | 000,027,784 | —- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstdcmdpst.sys — (tdcmdpst)
    DRV:64bit: – [2009/07/24 19:33:00 | 000,026,472 | —- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosrfnds.sys — (tosrfnds)
    DRV:64bit: – [2009/07/15 00:31:18 | 000,026,840 | —- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] — C:WindowsSysNativedriversTVALZ_O.SYS — (TVALZ)
    DRV:64bit: – [2009/07/14 02:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversamdsbs.sys — (amdsbs)
    DRV:64bit: – [2009/07/14 02:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriverslsi_sas2.sys — (LSI_SAS2)
    DRV:64bit: – [2009/07/14 02:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversstexstor.sys — (stexstor)
    DRV:64bit: – [2009/07/14 01:10:47 | 000,011,264 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversrootmdm.sys — (ROOTMODEM)
    DRV:64bit: – [2009/06/20 03:15:22 | 000,014,472 | —- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] — C:WindowsSysNativedriversTVALZFL.sys — (TVALZFL)
    DRV:64bit: – [2009/06/17 20:01:00 | 000,054,664 | —- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriverstosporte.sys — (tosporte)
    DRV:64bit: – [2009/06/10 21:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversevbda.sys — (ebdrv)
    DRV:64bit: – [2009/06/10 21:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversbxvbda.sys — (b06bdrv)
    DRV:64bit: – [2009/06/10 21:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversb57nd60a.sys — (b57nd60a)
    DRV:64bit: – [2009/06/10 21:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedrivershcw85cir.sys — (hcw85cir)
    DRV:64bit: – [2009/03/13 10:55:38 | 000,318,464 | —- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] — C:WindowsSysNativedrivershardlock.sys — (hardlock)
    DRV – [2013/01/01 17:11:03 | 000,098,304 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysWOW64driversew_jucdcacm.sys — (huawei_cdcacm)
    DRV – [2013/01/01 17:11:03 | 000,087,040 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysWOW64driversew_jubusenum.sys — (huawei_enumerator)
    DRV – [2013/01/01 17:11:03 | 000,072,192 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysWOW64driversew_jucdcecm.sys — (huawei_cdcecm)
    DRV – [2013/01/01 17:11:03 | 000,028,672 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysWOW64driversew_juextctrl.sys — (huawei_ext_ctrl)
    DRV – [2013/01/01 17:11:03 | 000,013,952 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSysWOW64driversew_usbenumfilter.sys — (ew_usbenumfilter)
    DRV – [2013/01/01 17:11:02 | 000,422,400 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysWOW64driversewusbwwan.sys — (ewusbmbb)
    DRV – [2013/01/01 17:11:02 | 000,274,944 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysWOW64driversewusbnet.sys — (ewusbnet)
    DRV – [2013/01/01 17:11:02 | 000,223,232 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysWOW64driversewusbmdm.sys — (hwdatacard)
    DRV – [2013/01/01 17:11:02 | 000,117,248 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSysWOW64driversew_hwusbdev.sys — (ew_hwusbdev)
    DRV – [2009/07/14 02:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] — C:WindowsSysWOW64driverswimmount.sys — (WIMMount)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE:64bit: – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE:64bit: – HKLM..SearchScopes,DefaultScope = {207A80BF-3A4A-4226-B000-87445381F153}
    IE:64bit: – HKLM..SearchScopes{207A80BF-3A4A-4226-B000-87445381F153}: “URL” = http://www.google.com/search?sourceid=ie7&q=” onclick=”window.open(this.href);return false;{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search bar = http://search.msn.com/spbasic.htm” onclick=”window.open(this.href);return false;
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Secondary Start Pages = Reg Error: Value error.
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKLM..URLSearchHook: – No CLSID value found
    IE – HKLM..SearchScopes,DefaultScope =
    IE – HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q=” onclick=”window.open(this.href);return false;{searchTerms}&FORM=IE8SRC
    IE – HKLM..SearchScopes{207A80BF-3A4A-4226-B000-87445381F153}: “URL” = http://www.google.com/search?sourceid=ie7&q=” onclick=”window.open(this.href);return false;{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;

    IE – HKU.DEFAULT..SearchScopes,DefaultScope =
    IE – HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-18..SearchScopes,DefaultScope =
    IE – HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-19..SearchScopes,DefaultScope =

    IE – HKUS-1-5-20..SearchScopes,DefaultScope =

    IE – HKUS-1-5-21-3799678134-1094475672-2913924675-500SOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKUS-1-5-21-3799678134-1094475672-2913924675-500..SearchScopes,DefaultScope = {207A80BF-3A4A-4226-B000-87445381F153}
    IE – HKUS-1-5-21-3799678134-1094475672-2913924675-500..SearchScopes${searchCLSID}: “URL” = http://search.live.com/results.aspx?q=” onclick=”window.open(this.href);return false;{searchTerms}&src={referrer:source?}
    IE – HKUS-1-5-21-3799678134-1094475672-2913924675-500..SearchScopes{207A80BF-3A4A-4226-B000-87445381F153}: “URL” = http://www.google.com/search?sourceid=ie7&q=” onclick=”window.open(this.href);return false;{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_frTN490
    IE – HKUS-1-5-21-3799678134-1094475672-2913924675-500SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    ========== FireFox ==========

    FF:64bit:HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowssystem32MacromedFlashNPSWF64_11_7_700_224.dll File not found
    FF:64bit:HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found
    FF:64bit:HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program FilesMicrosoft Silverlight5.1.20513.0npctrl.dll ( Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowsSysWOW64MacromedFlashNPSWF32_11_7_700_224.dll ()
    FF – HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:windowsSysWOW64AdobeDirectornp32dsw_1202122.dll (Adobe Systems, Inc.)
    FF – HKLMSoftwareMozillaPlugins@google.com/npPicasa3,version=3.0.0: C:Program Files (x86)GooglePicasa3npPicasa3.dll (Google, Inc.)
    FF – HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found
    FF – HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight5.1.20513.0npctrl.dll ( Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3502.0922: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3538.0513: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@Nero.com/KM: C:PROGRA~2COMMON~1NeroBROWSE~1NPBROW~1.DLL (Nero AG)
    FF – HKLMSoftwareMozillaPlugins@real.com/nppl3260;version=15.0.6.14: C:Program Files (x86)RealRealPlayerNetscape6nppl3260.dll (RealNetworks, Inc.)
    FF – HKLMSoftwareMozillaPlugins@real.com/nprjplug;version=15.0.6.14: C:Program Files (x86)RealRealPlayerNetscape6nprjplug.dll (RealNetworks, Inc.)
    FF – HKLMSoftwareMozillaPlugins@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF – HKLMSoftwareMozillaPlugins@real.com/nprphtml5videoshim;version=15.0.6.14: C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.)
    FF – HKLMSoftwareMozillaPlugins@real.com/nprpplugin;version=15.0.6.14: C:Program Files (x86)RealRealPlayerNetscape6nprpplugin.dll (RealPlayer)
    FF – HKLMSoftwareMozillaPlugins@richmediaplayer.com/nppluginrichmediaplayer: C:Program Files (x86)Mozilla Firefoxpluginsnppluginrichmediaplayer.dll ()
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program Files (x86)GoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program Files (x86)GoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPlugins@videolan.org/vlc,version=2.0.4: C:Program Files (x86)VideoLANVLCnpvlc.dll (VideoLAN)
    FF – HKLMSoftwareMozillaPlugins@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll ()
    FF – HKLMSoftwareMozillaPluginsAdobe Reader: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
    FF – HKCUSoftwareMozillaPlugins@Skype Limited.com/Facebook Video Calling Plugin: C:UsersAdministrateurAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll (Skype Limited)
    FF – HKCUSoftwareMozillaPlugins@unity3d.com/UnityPlayer,version=1.0: C:UsersAdministrateurAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)

    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\{0153E448-190B-4987-BDE1-F256CADA672F}: C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt [2012/12/08 17:23:23 | 000,000,000 | —D | M]
    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\{3DF4B26D-DB19-45DF-962A-6719D071245B}: C:UsersAdministrateurAppDataLocalRich Media PlayerBrowserExtensionsFirefox{3DF4B26D-DB19-45DF-962A-6719D071245B} [2013/08/28 18:51:18 | 000,000,000 | —D | M]
    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\url_advisor@kaspersky.com: C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013FFExturl_advisor@kaspersky.com [2013/08/30 04:22:25 | 000,000,000 | —D | M]
    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\virtual_keyboard@kaspersky.com: C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013FFExtvirtual_keyboard@kaspersky.com [2013/08/30 04:22:25 | 000,000,000 | —D | M]
    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\content_blocker@kaspersky.com: C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013FFExtcontent_blocker@kaspersky.com [2013/08/30 04:22:25 | 000,000,000 | —D | M]

    [2013/01/03 18:45:41 | 000,000,000 | —D | M] (No name found) — C:Program Files (x86)Mozilla Firefoxextensions
    [2013/03/12 09:27:46 | 000,093,976 | —- | M] () — C:Program Files (x86)mozilla firefoxpluginsnppluginrichmediaplayer.dll

    ========== Chrome ==========

    CHR – default_search_provider: google (Enabled)
    CHR – default_search_provider: search_url = http://www.google.fr/search?q=” onclick=”window.open(this.href);return false;{searchTerms}
    CHR – default_search_provider: suggest_url =
    CHR – plugin: Shockwave Flash (Enabled) = C:Program Files (x86)GoogleChromeApplication29.0.1547.66PepperFlashpepflashplayer.dll
    CHR – plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR – plugin: Native Client (Enabled) = C:Program Files (x86)GoogleChromeApplication29.0.1547.66ppGoogleNaClPluginChrome.dll
    CHR – plugin: Chrome PDF Viewer (Enabled) = C:Program Files (x86)GoogleChromeApplication29.0.1547.66pdf.dll
    CHR – plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll
    CHR – plugin: Nero Kwik Media Helper (Enabled) = C:PROGRA~2COMMON~1NeroBROWSE~1NPBROW~1.DLL
    CHR – plugin: Adobe Acrobat (Enabled) = C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll
    CHR – plugin: Picasa (Enabled) = C:Program Files (x86)GooglePicasa3npPicasa3.dll
    CHR – plugin: Google Update (Enabled) = C:Program Files (x86)GoogleUpdate1.3.21.153npGoogleUpdate3.dll
    CHR – plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll
    CHR – plugin: PluginRichmediaplayer (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnppluginrichmediaplayer.dll
    CHR – plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program Files (x86)RealRealPlayerNetscape6nppl3260.dll
    CHR – plugin: RealJukebox NS Plugin (Enabled) = C:Program Files (x86)RealRealPlayerNetscape6nprjplug.dll
    CHR – plugin: RealPlayer Download Plugin (Enabled) = C:Program Files (x86)RealRealPlayerNetscape6nprpplugin.dll
    CHR – plugin: VLC Web Plugin (Enabled) = C:Program Files (x86)VideoLANVLCnpvlc.dll
    CHR – plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll
    CHR – plugin: Windows Liveu0099 Photo Gallery (Enabled) = C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll
    CHR – plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll
    CHR – plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll
    CHR – plugin: Unity Player (Enabled) = C:UsersAdministrateurAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll
    CHR – plugin: Facebook Video Calling Plugin (Enabled) = C:UsersAdministrateurAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll
    CHR – plugin: Shockwave for Director (Enabled) = C:windowsSysWOW64AdobeDirectornp32dsw_1202122.dll
    CHR – plugin: Shockwave Flash (Enabled) = C:windowsSysWOW64MacromedFlashNPSWF32_11_7_700_224.dll
    CHR – plugin: Silverlight Plug-In (Enabled) = c:Program Files (x86)Microsoft Silverlight5.1.20513.0npctrl.dll
    CHR – Extension: Documents Google = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake.0.0.6_0
    CHR – Extension: Documents Google = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake.5_0
    CHR – Extension: Googleu00A0Drive = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.2_0
    CHR – Extension: Googleu00A0Drive = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0
    CHR – Extension: YouTube = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.5_0
    CHR – Extension: YouTube = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0
    CHR – Extension: Recherche Google = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf.0.0.19_0
    CHR – Extension: Recherche Google = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf.0.0.20_0
    CHR – Extension: Kaspersky URL Advisor = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsdchlnpcodkpfdpacogkljefecpegganj13.0.1.4190_0
    CHR – Extension: Download Video = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsdoagiokpgboiomffjfhaiimafndmmpni1.3.1_0
    CHR – Extension: RealPlayer HTML5Video Downloader Extension = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_0
    CHR – Extension: RealPlayer HTML5Video Downloader Extension = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_1
    CHR – Extension: Chrome In-App Payments service = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.4.10_0
    CHR – Extension: Chrome In-App Payments service = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.4.10_1
    CHR – Extension: Gmail = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_0
    CHR – Extension: Gmail = C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | —- | M]) – C:WindowsSysNativedriversetchosts
    O2:64bit: – BHO: (Content Blocker Plugin) – {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013x64IEExtContentBlockerie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: – BHO: (Virtual Keyboard Plugin) – {73455575-E40C-433C-9784-C78DC7761455} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013x64IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: – BHO: (Google Toolbar Helper) – {AA58ED58-01DD-4d91-8333-CF10577473F7} – C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.)
    O2:64bit: – BHO: (URL Advisor Plugin) – {E33CF602-D945-461A-83F0-819F76A199F8} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013x64IEExtUrlAdvisorklwtbbho.dll (Kaspersky Lab ZAO)
    O2:64bit: – BHO: (TOSHIBA Media Controller Plug-in) – {F3C88694-EFFA-4d78-B409-54B7B2535B14} – C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inx64TOSHIBAMediaControllerIE.dll ()
    O2 – BHO: (RealPlayer Download and Record Plugin for Internet Explorer) – {3049C3E9-B461-4BC5-8870-4C09146192CA} – C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll (RealPlayer)
    O2 – BHO: (Content Blocker Plugin) – {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013IEExtContentBlockerie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 – BHO: (Virtual Keyboard Plugin) – {73455575-E40C-433C-9784-C78DC7761455} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 – BHO: (Java(tm) Plug-In SSV Helper) – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program Files (x86)Javajre6binssv.dll (Sun Microsystems, Inc.)
    O2 – BHO: (Rich Media Downloader) – {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} – C:UsersAdministrateurAppDataLocalRich Media PlayerBrowserExtensionsIERichMediaDownloader.dll (Radiocom CJSC)
    O2 – BHO: (Google Toolbar Helper) – {AA58ED58-01DD-4d91-8333-CF10577473F7} – C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
    O2 – BHO: (URL Advisor Plugin) – {E33CF602-D945-461A-83F0-819F76A199F8} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013IEExtUrlAdvisorklwtbbho.dll (Kaspersky Lab ZAO)
    O2 – BHO: (TOSHIBA Media Controller Plug-in) – {F3C88694-EFFA-4d78-B409-54B7B2535B14} – C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inTOSHIBAMediaControllerIE.dll ()
    O2 – BHO: (Rich Media Player) – {FEB703F7-E7B2-4AB0-9566-87658AC70095} – C:UsersAdministrateurAppDataLocalRich Media PlayerBrowserExtensionsIEPluginRichmediaplayer.dll ()
    O3:64bit: – HKLM..Toolbar: (no name) – Locked – No CLSID value found.
    O3 – HKLM..Toolbar: (Google Toolbar) – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
    O3 – HKLM..Toolbar: (no name) – Locked – No CLSID value found.
    O4:64bit: – HKLM..Run: [] File not found
    O4:64bit: – HKLM..Run: [AdobeAAMUpdater-1.0] C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: – HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: – HKLM..Run: [SRS Premium Sound HD] C:Program FilesSRS LabsSRS Control PanelSRSPanel_64.exe (SRS Labs, Inc.)
    O4:64bit: – HKLM..Run: [TCrdMain] C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (TOSHIBA Corporation)
    O4:64bit: – HKLM..Run: [Teco] C:Program FilesTOSHIBATECOTeco.exe (TOSHIBA Corporation)
    O4:64bit: – HKLM..Run: [Toshiba Registration] C:Program FilesTOSHIBARegistrationToshibaReminder.exe (Toshiba Europe GmbH)
    O4:64bit: – HKLM..Run: [Toshiba TEMPRO] C:Program Files (x86)Toshiba TEMPROTemproTray.exe (Toshiba Europe GmbH)
    O4:64bit: – HKLM..Run: [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe (TOSHIBA Corporation)
    O4:64bit: – HKLM..Run: [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe (TOSHIBA Corporation)
    O4:64bit: – HKLM..Run: [TosWaitSrv] C:Program FilesTOSHIBATPHMTosWaitSrv.exe (TOSHIBA Corporation)
    O4:64bit: – HKLM..Run: [TPwrMain] C:Program FilesTOSHIBAPower SaverTPwrMain.exe (TOSHIBA Corporation)
    O4 – HKLM..Run: [AdobeCS6ServiceManager] C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe (Adobe Systems Incorporated)
    O4 – HKLM..Run: [AVP] C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013avp.exe (Kaspersky Lab ZAO)
    O4 – HKLM..Run: [NBAgent] C:Program Files (x86)NeroNero 11Nero BackItUpNBAgent.exe (Nero AG)
    O4 – HKLM..Run: [StartCCC] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe (Advanced Micro Devices, Inc.)
    O4 – HKLM..Run: [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe (Adobe Systems Incorporated)
    O4 – HKLM..Run: [TkBellExe] C:Program Files (x86)RealRealPlayerupdaterealsched.exe (RealNetworks, Inc.)
    O4 – HKU.DEFAULT..Run: [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe (TOSHIBA)
    O4 – HKUS-1-5-18..Run: [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe (TOSHIBA)
    O4 – HKUS-1-5-19..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 – HKUS-1-5-19..Run: [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe (TOSHIBA)
    O4 – HKUS-1-5-20..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 – HKUS-1-5-20..Run: [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe (TOSHIBA)
    O4 – HKUS-1-5-21-3799678134-1094475672-2913924675-500..Run: [Facebook Update] C:UsersAdministrateurAppDataLocalFacebookUpdateFacebookUpdate.exe (Facebook Inc.)
    O4 – HKUS-1-5-21-3799678134-1094475672-2913924675-500..Run: [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe (TOSHIBA)
    O4 – HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
    O4 – HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
    O4 – Startup: C:UsersDefaultAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTRDCReminder.lnk = C:Program Files (x86)TOSHIBATRDCReminderTRDCReminder.exe (TOSHIBA Europe)
    O4 – Startup: C:UsersDefault UserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTRDCReminder.lnk = C:Program Files (x86)TOSHIBATRDCReminderTRDCReminder.exe (TOSHIBA Europe)
    O4 – Startup: C:UsersInvitéAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTRDCReminder.lnk = C:Program Files (x86)TOSHIBATRDCReminderTRDCReminder.exe (TOSHIBA Europe)
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 3
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 0
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 0
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: PromptOnSecureDesktop = 0
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLinkedConnections = 1
    O7 – HKUS-1-5-21-3799678134-1094475672-2913924675-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 0
    O7 – HKUS-1-5-21-3799678134-1094475672-2913924675-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 3
    O8:64bit: – Extra context menu item: Add to Google Photos Screensa&ver – res://C” onclick=”window.open(this.href);return false;:windowssystem32GPhotos.scr/200 File not found
    O8 – Extra context menu item: Add to Google Photos Screensa&ver – C:windowsSysWow64GPhotos.scr (Google Inc.)
    O9:64bit: – Extra Button: Virtual Keyboard – {0C4CC089-D306-440D-9772-464E226F6539} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013x64IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: – Extra Button: URLs check – {CCF151D8-D089-449F-A5A4-D9909053F20F} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013x64IEExtUrlAdvisorklwtbbho.dll (Kaspersky Lab ZAO)
    O9 – Extra Button: Virtual Keyboard – {0C4CC089-D306-440D-9772-464E226F6539} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 – Extra Button: Rich Media Downloader – {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} – C:UsersAdministrateurAppDataLocalRich Media PlayerBrowserExtensionsIERichMediaDownloader.dll (Radiocom CJSC)
    O9 – Extra Button: URLs check – {CCF151D8-D089-449F-A5A4-D9909053F20F} – C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2013IEExtUrlAdvisorklwtbbho.dll (Kaspersky Lab ZAO)
    O10:64bit: – Protocol_Catalog9Catalog_Entries6400000000012 – C:WindowsSysNativevsocklib.dll (VMware, Inc.)
    O10:64bit: – Protocol_Catalog9Catalog_Entries6400000000013 – C:WindowsSysNativevsocklib.dll (VMware, Inc.)
    O10 – Protocol_Catalog9Catalog_Entries00000000012 – C:WindowsSysWOW64vsocklib.dll (VMware, Inc.)
    O10 – Protocol_Catalog9Catalog_Entries00000000013 – C:WindowsSysWOW64vsocklib.dll (VMware, Inc.)
    O1364bit: – gopher Prefix: missing
    O13 – gopher Prefix: missing
    O16 – DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab” onclick=”window.open(this.href);return false; (Java Plug-in 1.6.0_30)
    O16 – DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab” onclick=”window.open(this.href);return false; (Java Plug-in 1.6.0_30)
    O16 – DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab” onclick=”window.open(this.href);return false; (Java Plug-in 1.6.0_30)
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.47.9.34 193.95.122.30
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{3AA4AC40-DE5B-46A7-88FD-F8AF6C06778D}: DhcpNameServer = 192.1.1.13 192.1.1.28
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{424CAE7A-7FF0-4B70-AB48-BCB9F861625E}: NameServer = 196.203.80.4 196.203.82.4
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{7CD145E9-81AC-4AB6-87AF-8A3CBD8285B1}: DhcpNameServer = 10.47.9.34 193.95.122.30
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{8AFC0B4A-8564-41F5-901F-9DD8D667FAAC}: DhcpNameServer = 10.47.9.34 193.95.122.30
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{94886D77-FC1C-4772-AA76-EA2FE0E2A52D}: DhcpNameServer = 10.47.9.34 193.95.122.30
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{F9508140-3B1F-4982-9E10-5A25E921B693}: NameServer = 196.203.80.4 196.203.82.4
    O18:64bit: – ProtocolHandlerlivecall – No CLSID value found
    O18:64bit: – ProtocolHandlermsdaipp – No CLSID value found
    O18:64bit: – ProtocolHandlermsdaippx00000001 – No CLSID value found
    O18:64bit: – ProtocolHandlermsdaippoledb – No CLSID value found
    O18:64bit: – ProtocolHandlerms-help – No CLSID value found
    O18:64bit: – ProtocolHandlermsnim – No CLSID value found
    O18:64bit: – ProtocolHandlermso-offdap11 – No CLSID value found
    O18:64bit: – ProtocolHandlerskype4com – No CLSID value found
    O18:64bit: – ProtocolHandlerwlmailhtml – No CLSID value found
    O18:64bit: – ProtocolHandlerwlpg – No CLSID value found
    O18 – ProtocolHandlermsdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} – C:Program Files (x86)Common FilesSystemOle DBMSDAIPP.DLL (Microsoft Corporation)
    O18 – ProtocolHandlermsdaippoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} – C:Program Files (x86)Common FilesSystemOle DBMSDAIPP.DLL (Microsoft Corporation)
    O18 – ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)
    O20:64bit: – HKLM Winlogon: Shell – (Explorer.exe) – C:windowsexplorer.exe (Microsoft Corporation)
    O20:64bit: – HKLM Winlogon: UserInit – (C:windowssystem32userinit.exe) – C:WindowsSysNativeuserinit.exe (Microsoft Corporation)
    O20 – HKLM Winlogon: Shell – (Explorer.exe) – C:windowsSysWow64explorer.exe (Microsoft Corporation)
    O20 – HKLM Winlogon: UserInit – (userinit.exe) – C:windowsSysWow64userinit.exe (Microsoft Corporation)
    O21:64bit: – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – No CLSID value found.
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – No CLSID value found.
    O32 – HKLM CDRom: AutoRun – 0
    O32 – AutoRun File – [2013/08/26 22:34:51 | 000,000,000 | RHSD | M] – C:Autorun.inf — [ NTFS ]
    O34 – HKLM BootExecute: (autocheck autochk *)
    O35:64bit: – HKLM..comfile [open] — “%1” %*
    O35:64bit: – HKLM..exefile [open] — “%1” %*
    O35 – HKLM..comfile [open] — “%1” %*
    O35 – HKLM..exefile [open] — “%1” %*
    O37:64bit: – HKLM…com [@ = comfile] — “%1” %*
    O37:64bit: – HKLM…exe [@ = exefile] — “%1” %*
    O37 – HKLM…com [@ = comfile] — “%1” %*
    O37 – HKLM…exe [@ = exefile] — “%1” %*
    O38 – SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 – SubSystems\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 – SubSystems\Windows: (ServerDll=sxssrv,4)

    kazanastra
    Nombre d'articles : 0

    SafeBootMin:64bit: AppMgmt – Service
    SafeBootMin:64bit: Base – Driver Group
    SafeBootMin:64bit: Boot Bus Extender – Driver Group
    SafeBootMin:64bit: Boot file system – Driver Group
    SafeBootMin:64bit: File system – Driver Group
    SafeBootMin:64bit: Filter – Driver Group
    SafeBootMin:64bit: HelpSvc – Service
    SafeBootMin:64bit: MCODS – Reg Error: Value error.
    SafeBootMin:64bit: PCI Configuration – Driver Group
    SafeBootMin:64bit: PNP Filter – Driver Group
    SafeBootMin:64bit: Primary disk – Driver Group
    SafeBootMin:64bit: sacsvr – Service
    SafeBootMin:64bit: SCSI Class – Driver Group
    SafeBootMin:64bit: System Bus Extender – Driver Group
    SafeBootMin:64bit: vmms – Service
    SafeBootMin:64bit: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices
    SafeBootMin: AppMgmt – Service
    SafeBootMin: Base – Driver Group
    SafeBootMin: Boot Bus Extender – Driver Group
    SafeBootMin: Boot file system – Driver Group
    SafeBootMin: File system – Driver Group
    SafeBootMin: Filter – Driver Group
    SafeBootMin: HelpSvc – Service
    SafeBootMin: MCODS – Reg Error: Value error.
    SafeBootMin: PCI Configuration – Driver Group
    SafeBootMin: PNP Filter – Driver Group
    SafeBootMin: Primary disk – Driver Group
    SafeBootMin: sacsvr – Service
    SafeBootMin: SCSI Class – Driver Group
    SafeBootMin: System Bus Extender – Driver Group
    SafeBootMin: vmms – Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    SafeBootNet:64bit: AppMgmt – Service
    SafeBootNet:64bit: Base – Driver Group
    SafeBootNet:64bit: Boot Bus Extender – Driver Group
    SafeBootNet:64bit: Boot file system – Driver Group
    SafeBootNet:64bit: File system – Driver Group
    SafeBootNet:64bit: Filter – Driver Group
    SafeBootNet:64bit: HelpSvc – Service
    SafeBootNet:64bit: MCODS – Reg Error: Value error.
    SafeBootNet:64bit: Messenger – Service
    SafeBootNet:64bit: NDIS Wrapper – Driver Group
    SafeBootNet:64bit: NetBIOSGroup – Driver Group
    SafeBootNet:64bit: NetDDEGroup – Driver Group
    SafeBootNet:64bit: Network – Driver Group
    SafeBootNet:64bit: NetworkProvider – Driver Group
    SafeBootNet:64bit: PCI Configuration – Driver Group
    SafeBootNet:64bit: PNP Filter – Driver Group
    SafeBootNet:64bit: PNP_TDI – Driver Group
    SafeBootNet:64bit: Primary disk – Driver Group
    SafeBootNet:64bit: rdsessmgr – Service
    SafeBootNet:64bit: sacsvr – Service
    SafeBootNet:64bit: SCSI Class – Driver Group
    SafeBootNet:64bit: Streams Drivers – Driver Group
    SafeBootNet:64bit: System Bus Extender – Driver Group
    SafeBootNet:64bit: TDI – Driver Group
    SafeBootNet:64bit: vmms – Service
    SafeBootNet:64bit: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
    SafeBootNet:64bit: WudfUsbccidDriver – Driver
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} – Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} – NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} – NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} – NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} – Smart card readers
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices
    SafeBootNet: AppMgmt – Service
    SafeBootNet: Base – Driver Group
    SafeBootNet: Boot Bus Extender – Driver Group
    SafeBootNet: Boot file system – Driver Group
    SafeBootNet: File system – Driver Group
    SafeBootNet: Filter – Driver Group
    SafeBootNet: HelpSvc – Service
    SafeBootNet: MCODS – Reg Error: Value error.
    SafeBootNet: Messenger – Service
    SafeBootNet: NDIS Wrapper – Driver Group
    SafeBootNet: NetBIOSGroup – Driver Group
    SafeBootNet: NetDDEGroup – Driver Group
    SafeBootNet: Network – Driver Group
    SafeBootNet: NetworkProvider – Driver Group
    SafeBootNet: PCI Configuration – Driver Group
    SafeBootNet: PNP Filter – Driver Group
    SafeBootNet: PNP_TDI – Driver Group
    SafeBootNet: Primary disk – Driver Group
    SafeBootNet: rdsessmgr – Service
    SafeBootNet: sacsvr – Service
    SafeBootNet: SCSI Class – Driver Group
    SafeBootNet: Streams Drivers – Driver Group
    SafeBootNet: System Bus Extender – Driver Group
    SafeBootNet: TDI – Driver Group
    SafeBootNet: vmms – Service
    SafeBootNet: WudfUsbccidDriver – Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} – Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} – NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} – NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} – NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} – Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} – Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} – %SystemRoot%system32regsvr32.exe /s /n /i:/UserInstall %SystemRoot%system32themeui.dll
    ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} – C:windowssystem32cmd.exe /D /C start C:windowssystem32ie4uinit.exe -ClearIconCache
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} – Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} – “%ProgramFiles%Windows MailWinMail.exe” OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} – DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} – Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} – Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} – Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} – Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} – Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} – MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} – Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} – regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} – C:windowsSystem32ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} – C:Windowssystem32Rundll32.exe C:Windowssystem32mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} – Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} – Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} – HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} – Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} – .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} – .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} – %SystemRoot%system32unregmp2.exe /ShowWMP
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} – Java (Sun)
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} – Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} – %SystemRoot%system32regsvr32.exe /s /n /i:/UserInstall %SystemRoot%system32themeui.dll
    ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} – C:windowssystem32cmd.exe /D /C start C:windowssystem32ie4uinit.exe -ClearIconCache
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} – Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} – “%ProgramFiles(x86)%Windows MailWinMail.exe” OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} – DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} – Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} – Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} – Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} – Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} – Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} – MSN Site Access
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} – Dossiers Web
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} – Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} – .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} – regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} –
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} – C:WindowsSysWOW64Rundll32.exe C:WindowsSysWOW64mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} – “C:Program Files (x86)GoogleChromeApplication29.0.1547.66Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} – Dynamic HTML Data Binding
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} – .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} – Internet Explorer Core Fonts
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} – Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} – HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} – Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} – .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} – %SystemRoot%system32unregmp2.exe /ShowWMP

    Drivers32:64bit: msacm.l3acm – C:WindowsSystem32l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm – C:WindowsSysWOW64l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid – C:windowsSysWow64iccvid.dll (Radius Inc.)
    Drivers32: VIDC.VMnc – C:windowsSysWow64vmnc.dll (VMware, Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders – Created Within 30 Days ==========

    [2013/09/09 14:31:49 | 000,602,112 | —- | C] (OldTimer Tools) — C:UsersAdministrateurDesktopOTL.exe
    [2013/09/01 16:27:04 | 000,000,000 | —D | C] — C:Sounds
    [2013/09/01 12:54:25 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataRoamingMalwarebytes
    [2013/09/01 12:54:23 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes’ Anti-Malware
    [2013/09/01 12:54:22 | 000,025,928 | —- | C] (Malwarebytes Corporation) — C:windowsSysNativedriversmbam.sys
    [2013/09/01 12:54:22 | 000,000,000 | —D | C] — C:ProgramDataMalwarebytes
    [2013/09/01 12:54:21 | 000,000,000 | —D | C] — C:Program Files (x86)Malwarebytes’ Anti-Malware
    [2013/09/01 12:54:11 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataLocalPrograms
    [2013/09/01 07:40:26 | 000,000,000 | —D | C] — C:windowsERUNT
    [2013/09/01 07:31:14 | 000,000,000 | —D | C] — C:AdwCleaner
    [2013/08/31 04:21:33 | 000,000,000 | —D | C] — C:Program Files (x86)ZHPDiag
    [2013/08/31 04:21:33 | 000,000,000 | —D | C] — C:ZHP
    [2013/08/29 22:02:10 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataRoamingRadiocom
    [2013/08/29 22:02:05 | 000,000,000 | —D | C] — C:UsersAdministrateurRichMedia
    [2013/08/29 22:02:05 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataLocalRadiocom
    [2013/08/28 19:51:21 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsKaspersky Anti-Virus 2013
    [2013/08/28 19:50:59 | 000,064,856 | —- | C] (Kaspersky Lab) — C:windowsSysNativeklfphc.dll
    [2013/08/28 19:50:00 | 000,000,000 | —D | C] — C:windowsELAMBKUP
    [2013/08/28 19:49:54 | 000,000,000 | —D | C] — C:ProgramDataKaspersky Lab
    [2013/08/28 19:49:54 | 000,000,000 | —D | C] — C:Program Files (x86)Kaspersky Lab
    [2013/08/28 19:49:21 | 000,620,128 | —- | C] (Kaspersky Lab ZAO) — C:windowsSysNativedriversklif.sys
    [2013/08/28 19:49:21 | 000,090,208 | —- | C] (Kaspersky Lab ZAO) — C:windowsSysNativedriversklflt.sys
    [2013/08/28 18:51:18 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsRich Media Player
    [2013/08/28 18:50:55 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataLocalRich Media Player
    [2013/08/28 03:45:25 | 000,000,000 | —D | C] — C:ProgramDataBDLogging
    [2013/08/28 03:45:14 | 000,511,328 | —- | C] (Microsoft Corporation) — C:windowscapicom.dll
    [2013/08/28 02:32:01 | 000,000,000 | —D | C] — C:UsersAdministrateurAppDataRoamingQuickScan
    [2013/08/28 02:27:54 | 000,000,000 | —D | C] — C:Program FilesBitdefender
    [2013/08/28 02:17:27 | 000,000,000 | —D | C] — C:Program FilesCommon FilesBitdefender
    [2013/08/27 01:23:34 | 000,000,000 | –SD | C] — C:windowsSysWow64Microsoft
    [2013/08/26 22:34:51 | 000,000,000 | RHSD | C] — C:Autorun.inf
    [2013/08/25 20:07:42 | 000,000,000 | —D | C] — C:UsbFix
    [2013/08/14 16:46:34 | 000,391,168 | —- | C] (Microsoft Corporation) — C:windowsSysWow64ieui.dll
    [2013/08/14 16:46:33 | 000,526,336 | —- | C] (Microsoft Corporation) — C:windowsSysNativeieui.dll
    [2013/08/14 16:46:30 | 000,109,056 | —- | C] (Microsoft Corporation) — C:windowsSysWow64iesysprep.dll
    [2013/08/14 16:46:30 | 000,089,600 | —- | C] (Microsoft Corporation) — C:windowsSysNativeRegisterIEPKEYs.exe
    [2013/08/14 16:46:30 | 000,071,680 | —- | C] (Microsoft Corporation) — C:windowsSysWow64RegisterIEPKEYs.exe
    [2013/08/14 16:46:30 | 000,067,072 | —- | C] (Microsoft Corporation) — C:windowsSysNativeiesetup.dll
    [2013/08/14 16:46:30 | 000,061,440 | —- | C] (Microsoft Corporation) — C:windowsSysWow64iesetup.dll
    [2013/08/14 16:46:30 | 000,051,712 | —- | C] (Microsoft Corporation) — C:windowsSysNativeie4uinit.exe
    [2013/08/14 16:46:30 | 000,039,936 | —- | C] (Microsoft Corporation) — C:windowsSysNativeiernonce.dll
    [2013/08/14 16:46:30 | 000,033,280 | —- | C] (Microsoft Corporation) — C:windowsSysWow64iernonce.dll
    [2013/08/14 16:46:29 | 000,136,704 | —- | C] (Microsoft Corporation) — C:windowsSysNativeiesysprep.dll
    [2013/08/14 16:46:24 | 000,855,552 | —- | C] (Microsoft Corporation) — C:windowsSysNativejscript.dll
    [2013/08/14 16:46:24 | 000,603,136 | —- | C] (Microsoft Corporation) — C:windowsSysNativemsfeeds.dll
    [2013/08/14 16:46:23 | 003,958,784 | —- | C] (Microsoft Corporation) — C:windowsSysNativejscript9.dll
    [2013/08/14 16:46:23 | 000,690,688 | —- | C] (Microsoft Corporation) — C:windowsSysWow64jscript.dll
    [2013/08/13 21:29:09 | 001,472,512 | —- | C] (Microsoft Corporation) — C:windowsSysNativecrypt32.dll
    [2013/08/13 21:29:08 | 000,224,256 | —- | C] (Microsoft Corporation) — C:windowsSysNativewintrust.dll
    [2013/08/13 21:29:07 | 000,139,776 | —- | C] (Microsoft Corporation) — C:windowsSysNativecryptnet.dll
    [2013/08/13 21:27:41 | 001,888,768 | —- | C] (Microsoft Corporation) — C:windowsSysNativeWMVDECOD.DLL
    [2013/08/13 21:27:40 | 001,620,992 | —- | C] (Microsoft Corporation) — C:windowsSysWow64WMVDECOD.DLL
    [2013/08/13 21:27:39 | 001,217,024 | —- | C] (Microsoft Corporation) — C:windowsSysNativerpcrt4.dll
    [2013/08/13 21:27:34 | 003,913,664 | —- | C] (Microsoft Corporation) — C:windowsSysWow64ntoskrnl.exe
    [2013/08/13 21:27:32 | 003,968,960 | —- | C] (Microsoft Corporation) — C:windowsSysWow64ntkrnlpa.exe
    [2013/08/13 21:27:31 | 005,550,528 | —- | C] (Microsoft Corporation) — C:windowsSysNativentoskrnl.exe
    [2013/08/13 21:27:31 | 001,732,032 | —- | C] (Microsoft Corporation) — C:windowsSysNativentdll.dll
    [2013/08/13 21:27:30 | 000,243,712 | —- | C] (Microsoft Corporation) — C:windowsSysNativewow64.dll
    [2013/08/13 21:27:29 | 000,014,336 | —- | C] (Microsoft Corporation) — C:windowsSysWow64ntvdm64.dll
    [2013/08/13 21:27:28 | 000,025,600 | —- | C] (Microsoft Corporation) — C:windowsSysWow64setup16.exe
    [2013/08/13 21:27:28 | 000,005,120 | —- | C] (Microsoft Corporation) — C:windowsSysWow64wow32.dll
    [2013/08/13 21:27:27 | 000,007,680 | —- | C] (Microsoft Corporation) — C:windowsSysWow64instnm.exe
    [2013/08/13 21:27:27 | 000,002,048 | —- | C] (Microsoft Corporation) — C:windowsSysWow64user.exe
    [1 C:windows*.tmp files -> C:windows*.tmp -> ]

    ========== Files – Modified Within 30 Days ==========

    [2013/09/10 23:59:56 | 001,566,088 | —- | M] () — C:windowsSysNativePerfStringBackup.INI
    [2013/09/10 23:59:56 | 000,712,096 | —- | M] () — C:windowsSysNativeperfh00C.dat
    [2013/09/10 23:59:56 | 000,622,464 | —- | M] () — C:windowsSysNativeperfh009.dat
    [2013/09/10 23:59:56 | 000,133,806 | —- | M] () — C:windowsSysNativeperfc00C.dat
    [2013/09/10 23:59:56 | 000,109,310 | —- | M] () — C:windowsSysNativeperfc009.dat
    [2013/09/10 23:52:00 | 000,001,082 | —- | M] () — C:windowstasksGoogleUpdateTaskMachineUA.job
    [2013/09/10 23:14:00 | 000,000,830 | —- | M] () — C:windowstasksAdobe Flash Player Updater.job
    [2013/09/10 22:59:02 | 000,000,964 | —- | M] () — C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job
    [2013/09/10 22:46:00 | 000,000,924 | —- | M] () — C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job
    [2013/09/10 21:58:11 | 000,067,584 | –S- | M] () — C:windowsbootstat.dat
    [2013/09/10 19:59:01 | 000,000,942 | —- | M] () — C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job
    [2013/09/10 19:46:00 | 000,000,902 | —- | M] () — C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job
    [2013/09/09 14:31:56 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersAdministrateurDesktopOTL.exe
    [2013/09/09 14:11:32 | 000,001,078 | —- | M] () — C:windowstasksGoogleUpdateTaskMachineCore.job
    [2013/09/09 01:50:14 | 000,038,784 | -H– | M] () — C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/09/09 01:50:14 | 000,038,784 | -H– | M] () — C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/09/09 01:42:11 | 623,069,829 | —- | M] () — C:windowsMEMORY.DMP
    [2013/09/09 01:42:10 | 505,257,983 | -HS- | M] () — C:hiberfil.sys
    [2013/09/02 17:55:08 | 000,000,512 | —- | M] () — C:PhysicalDisk0_MBR.bin
    [2013/08/30 04:22:17 | 000,178,448 | —- | M] (Kaspersky Lab ZAO) — C:windowsSysNativedriverskneps.sys
    [2013/08/30 04:22:17 | 000,054,368 | —- | M] (Kaspersky Lab ZAO) — C:windowsSysNativedriverskltdi.sys
    [2013/08/30 04:22:17 | 000,029,528 | —- | M] (Kaspersky Lab) — C:windowsSysNativedriversklmouflt.sys
    [2013/08/30 04:22:16 | 000,620,128 | —- | M] (Kaspersky Lab ZAO) — C:windowsSysNativedriversklif.sys
    [2013/08/30 04:22:16 | 000,029,016 | —- | M] (Kaspersky Lab) — C:windowsSysNativedriversklkbdflt.sys
    [2013/08/30 04:22:15 | 000,090,208 | —- | M] (Kaspersky Lab ZAO) — C:windowsSysNativedriversklflt.sys
    [2013/08/28 18:42:38 | 000,230,495 | —- | M] () — C:ProgramData1377711683.bdinstall.bin
    [2013/08/28 03:46:34 | 000,354,473 | —- | M] () — C:ProgramData1377657701.bdinstall.bin
    [2013/08/28 03:46:20 | 000,000,385 | —- | M] () — C:windowsSysNativeuser_gensett.xml
    [2013/08/28 03:45:37 | 000,000,000 | -H– | M] () — C:windowsSysNativedriversMsft_Kernel_avchv_01009.Wdf
    [2013/08/28 03:40:23 | 000,370,476 | —- | M] () — C:ProgramData1377653102.bdinstall.bin
    [1 C:windows*.tmp files -> C:windows*.tmp -> ]

    ========== Files Created – No Company Name ==========

    [2013/08/31 04:31:50 | 000,000,512 | —- | C] () — C:PhysicalDisk0_MBR.bin
    [2013/08/28 18:42:38 | 000,230,495 | —- | C] () — C:ProgramData1377711683.bdinstall.bin
    [2013/08/28 03:46:34 | 000,354,473 | —- | C] () — C:ProgramData1377657701.bdinstall.bin
    [2013/08/28 03:46:20 | 000,000,385 | —- | C] () — C:windowsSysNativeuser_gensett.xml
    [2013/08/28 03:45:37 | 000,000,000 | -H– | C] () — C:windowsSysNativedriversMsft_Kernel_avchv_01009.Wdf
    [2013/08/28 03:40:23 | 000,370,476 | —- | C] () — C:ProgramData1377653102.bdinstall.bin
    [2013/07/27 10:22:55 | 000,000,708 | —- | C] () — C:UsersAdministrateurBibliothèques – Raccourci.lnk
    [2013/03/20 16:29:00 | 001,590,564 | —- | C] () — C:windowsSysWow64PerfStringBackup.INI
    [2013/03/12 18:52:42 | 000,000,382 | —- | C] () — C:windowsODBC.INI
    [2013/01/06 22:55:35 | 000,000,293 | —- | C] () — C:windowsgame.ini
    [2012/11/30 18:23:17 | 000,000,000 | —- | C] () — C:windowsToDisc.INI
    [2012/04/07 17:14:14 | 000,128,312 | —- | C] () — C:windowsSysWow64GFNEX.dll
    [2012/04/07 17:12:39 | 000,028,528 | —- | C] () — C:windowsrlt8723a_chip_bt40_fw_asic_rom_patch.dll
    [2012/04/07 17:09:55 | 000,451,072 | —- | C] () — C:windowsSysWow64ISSRemoveSP.exe
    [2012/04/07 17:03:23 | 000,000,000 | —- | C] () — C:windowsativpsrm.bin
    [2012/04/07 17:00:51 | 000,204,960 | —- | C] () — C:windowsSysWow64ativvsvl.dat
    [2012/04/07 17:00:51 | 000,157,152 | —- | C] () — C:windowsSysWow64ativvsva.dat
    [2012/04/07 17:00:51 | 000,003,917 | —- | C] () — C:windowsSysWow64atipblag.dat
    [2012/01/20 12:49:58 | 000,059,904 | —- | C] () — C:windowsSysWow64OpenVideo.dll
    [2012/01/20 12:49:48 | 000,054,784 | —- | C] () — C:windowsSysWow64OVDecode.dll

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () — C:windowsassemblyDesktop.ini

    [HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64

    [HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

    [HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32] /64

    [HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64
    “” = C:WindowsSysNativeshell32.dll — [2013/02/27 06:52:56 | 014,172,672 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Apartment

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
    “” = %SystemRoot%system32shell32.dll — [2013/02/27 05:55:05 | 012,872,704 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Apartment

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32] /64
    “” = C:WindowsSysNativewbemfastprox.dll — [2009/07/14 02:40:51 | 000,909,312 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Free

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
    “” = %systemroot%system32wbemfastprox.dll — [2010/11/21 04:24:25 | 000,606,208 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Free

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32] /64
    “” = C:WindowsSysNativewbemwbemess.dll — [2009/07/14 02:41:56 | 000,505,856 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Both

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]

    ========== LOP Check ==========

    [2013/09/10 21:58:36 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingInternetEverywhere
    [2013/05/17 12:52:12 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingNotepad++
    [2013/05/19 20:13:30 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingPowerISO
    [2013/08/28 02:32:01 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingQuickScan
    [2013/08/29 22:02:10 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingRadiocom
    [2013/07/24 07:37:14 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingTheta
    [2013/06/03 14:08:48 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingToshiba
    [2013/07/04 04:51:53 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingUnity
    [2013/07/20 12:30:21 | 000,000,000 | —D | M] — C:UsersAdministrateurAppDataRoamingWildTangent
    [2013/01/01 15:25:14 | 000,000,000 | —D | M] — C:UsersInvitéAppDataRoamingInternetEverywhere
    [2012/12/15 17:40:50 | 000,000,000 | —D | M] — C:UsersInvitéAppDataRoamingToshiba

    ========== Purity Check ==========

    ========== Custom Scans ==========


    [2011/12/28 04:59:24 | 000,498,688 | —- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 — C:windowsSysNativedriversafd.sys
    [2011/12/28 04:59:24 | 000,498,688 | —- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 — C:Windowswinsxsamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5afd.sys
    [2011/12/28 05:01:36 | 000,498,176 | —- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB — C:Windowswinsxsamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345afd.sys
    [2010/11/21 04:24:08 | 000,499,712 | —- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C — C:Windowswinsxsamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991afd.sys
    [2011/04/25 03:34:03 | 000,499,200 | —- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 — C:Windowswinsxsamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170afd.sys
    [2011/04/25 04:09:35 | 000,499,200 | —- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 — C:Windowswinsxsamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4afd.sys


    [2011/02/26 06:19:21 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 — C:Windowswinsxswow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652dexplorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | —- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 — C:Windowsexplorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | —- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 — C:Windowswinsxsamd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0baexplorer.exe
    [2011/02/26 07:14:34 | 002,871,808 | —- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 — C:Windowswinsxsamd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332explorer.exe
    [2010/11/21 04:24:25 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 — C:Windowswinsxswow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafbexplorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:WindowsSysWOW64explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:Windowswinsxswow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5explorer.exe
    [2010/11/21 04:24:11 | 002,872,320 | —- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 — C:Windowswinsxsamd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900explorer.exe


    [2009/07/14 00:19:57 | 000,105,472 | —- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 — C:windowsSysNativedriversi8042prt.sys
    [2009/07/14 00:19:57 | 000,105,472 | —- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 — C:windowsSysNativeDriverStoreFileRepositorykeyboard.inf_amd64_neutral_0684fdc43059f486i8042prt.sys
    [2009/07/14 00:19:57 | 000,105,472 | —- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 — C:windowsSysNativeDriverStoreFileRepositorymsmouse.inf_amd64_neutral_7a5f47d3150cc0ebi8042prt.sys
    [2009/07/14 00:19:57 | 000,105,472 | —- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 — C:Windowswinsxsamd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bfi8042prt.sys
    [2009/07/14 00:19:57 | 000,105,472 | —- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 — C:Windowswinsxsamd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9i8042prt.sys


    [2009/07/14 02:39:16 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA — C:Windowswinsxsamd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277lsass.exe
    [2011/11/17 07:20:34 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 — C:Windowswinsxsamd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3flsass.exe
    [2012/06/04 08:51:10 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 — C:Windowswinsxsamd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279clsass.exe
    [2011/11/17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 — C:windowsSysNativelsass.exe
    [2011/11/17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 — C:Windowswinsxsamd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20dlsass.exe
    [2011/11/17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 — C:Windowswinsxsamd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5elsass.exe


    [2010/11/21 04:23:51 | 000,261,632 | —- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 — C:windowsSysNativedriversnetbt.sys
    [2010/11/21 04:23:51 | 000,261,632 | —- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 — C:Windowswinsxsamd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6netbt.sys


    [2009/07/14 02:14:41 | 000,020,992 | —- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 — C:Windowswinsxsx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356svchost.exe
    [2011/03/01 09:10:51 | 000,027,648 | —- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED — C:Windowswinsxsamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391svchost.exe
    [2011/03/01 09:07:49 | 000,027,648 | —- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 — C:windowsSysNativesvchost.exe
    [2011/03/01 09:07:49 | 000,027,648 | —- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 — C:Windowswinsxsamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937svchost.exe
    [2011/03/01 09:07:49 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 — C:Windowswinsxsx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25bsvchost.exe
    [2013/04/04 14:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program Files (x86)Malwarebytes’ Anti-MalwareChameleonsvchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | —- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D — C:Windowswinsxsamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48csvchost.exe
    [2011/03/01 09:05:31 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 — C:WindowsSysWOW64svchost.exe
    [2011/03/01 09:05:31 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 — C:Windowswinsxsx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801svchost.exe


    [2012/10/03 18:56:54 | 001,914,248 | —- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88tcpip.sys
    [2011/09/29 18:41:37 | 001,912,176 | —- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69ctcpip.sys
    [2013/05/08 07:14:42 | 001,900,392 | —- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0tcpip.sys
    [2010/11/21 04:24:08 | 001,924,480 | —- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37tcpip.sys
    [2012/08/22 19:06:13 | 001,901,936 | —- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145tcpip.sys
    [2012/03/30 11:26:36 | 001,901,424 | —- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23atcpip.sys
    [2011/04/25 06:33:51 | 001,923,968 | —- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316tcpip.sys
    [2013/05/08 07:39:01 | 001,910,632 | —- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96btcpip.sys
    [2012/03/30 12:35:47 | 001,918,320 | —- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740dtcpip.sys
    [2013/07/06 06:20:38 | 001,900,992 | —- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2ftcpip.sys
    [2013/01/03 07:00:54 | 001,913,192 | —- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143atcpip.sys
    [2011/04/25 07:16:34 | 001,927,552 | —- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357atcpip.sys
    [2013/01/04 06:47:43 | 001,901,416 | —- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8tcpip.sys
    [2011/03/19 08:45:16 | 001,927,552 | —- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9dtcpip.sys
    [2012/10/03 18:44:29 | 001,902,472 | —- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0tcpip.sys
    [2013/07/06 07:03:53 | 001,910,208 | —- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 — C:windowsSysNativedriverstcpip.sys
    [2013/07/06 07:03:53 | 001,910,208 | —- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81btcpip.sys
    [2011/03/19 08:39:54 | 001,924,480 | —- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20tcpip.sys
    [2012/08/22 19:12:50 | 001,913,200 | —- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668tcpip.sys
    [2011/09/29 17:29:28 | 001,923,952 | —- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 — C:Windowswinsxsamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3ebtcpip.sys


    [2010/11/21 04:23:55 | 000,026,624 | —- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 — C:WindowsSysWOW64userinit.exe
    [2010/11/21 04:23:55 | 000,026,624 | —- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 — C:Windowswinsxsx86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116userinit.exe
    [2010/11/21 04:24:28 | 000,030,720 | —- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 — C:windowsSysNativeuserinit.exe
    [2010/11/21 04:24:28 | 000,030,720 | —- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 — C:Windowswinsxsamd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824cuserinit.exe


    [2010/11/21 04:23:47 | 000,295,808 | —- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 — C:windowsSysNativeDriverStoreFileRepositoryvolume.inf_amd64_neutral_df8bea40ac96ca21volsnap.sys
    [2010/11/21 04:23:47 | 000,295,808 | —- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 — C:Windowswinsxsamd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850evolsnap.sys
    [2011/02/25 07:28:30 | 000,296,320 | —- | M] (Microsoft Corporation) MD5=879CE6AEA3FE874AD4C500B6B6198EB0 — C:Windowswinsxsamd64_volume.inf_31bf3856ad364e35_6.1.7601.21668_none_74344b472bf715e9volsnap.sys
    [2011/02/25 07:25:38 | 000,296,320 | —- | M] (Microsoft Corporation) MD5=DF8126BD41180351A093A3AD2FC8903B — C:windowsSysNativedriversvolsnap.sys
    [2011/02/25 07:25:38 | 000,296,320 | —- | M] (Microsoft Corporation) MD5=DF8126BD41180351A093A3AD2FC8903B — C:windowsSysNativeDriverStoreFileRepositoryvolume.inf_amd64_neutral_e7c4cd5b40e03494volsnap.sys
    [2011/02/25 07:25:38 | 000,296,320 | —- | M] (Microsoft Corporation) MD5=DF8126BD41180351A093A3AD2FC8903B — C:Windowswinsxsamd64_volume.inf_31bf3856ad364e35_6.1.7601.17567_none_73a9ae3212da5cc8volsnap.sys


    [2009/07/14 02:39:52 | 000,129,024 | —- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA — C:windowsSysNativewininit.exe
    [2009/07/14 02:39:52 | 000,129,024 | —- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA — C:Windowswinsxsamd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:WindowsSysWOW64wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:Windowswinsxsx86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13wininit.exe


    [2010/11/21 04:24:29 | 000,390,656 | —- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 — C:windowsSysNativewinlogon.exe
    [2010/11/21 04:24:29 | 000,390,656 | —- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 — C:Windowswinsxsamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636winlogon.exe
    [2013/04/04 14:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program Files (x86)Malwarebytes’ Anti-MalwareChameleonwinlogon.exe


    [2013/07/20 12:30:29 | 001,012,600 | —- | M] (WildTangent) — C:UsersAdministrateurAppDataRoamingWildTangentWildTangent GamesAppDPConfigInstallTouchpoints-toshiba.exe
    [2013/07/20 12:30:03 | 001,012,592 | —- | M] (WildTangent) — C:UsersAdministrateurAppDataRoamingWildTangentWildTangent GamesAppDPConfigInstallTouchpoints-wildgames.exe
    [2013/07/20 12:29:51 | 000,000,179 | —- | M] () — C:UsersAdministrateurAppDataRoamingWildTangentWildTangent GamesAppDPConfigInstallTouchpoints-wildgames.exe_filedata
    [2013/07/20 12:30:23 | 000,000,177 | —- | M] () — C:UsersAdministrateurAppDataRoamingWildTangentWildTangent GamesAppDPConfigInstallTouchpoints-toshiba.exe_filedata


    [2013/08/28 03:40:23 | 000,370,476 | —- | M] () — C:ProgramData1377653102.bdinstall.bin
    [2013/08/28 03:46:34 | 000,354,473 | —- | M] () — C:ProgramData1377657701.bdinstall.bin
    [2013/08/28 18:42:38 | 000,230,495 | —- | M] () — C:ProgramData1377711683.bdinstall.bin
    [2013/08/28 02:22:25 | 000,262,144 | —- | M] () — C:ProgramDatantuser.dat
    [2013/08/28 02:22:37 | 000,005,120 | -HS- | M] () — C:ProgramDatantuser.dat.LOG1
    [2013/08/28 02:22:25 | 000,000,000 | -HS- | M] () — C:ProgramDatantuser.dat.LOG2
    [2013/08/28 02:22:26 | 000,065,536 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f38-0f23-11e3-9eb3-24ec99122cd8}.TM.blf
    [2013/08/28 02:22:26 | 000,524,288 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f38-0f23-11e3-9eb3-24ec99122cd8}.TMContainer00000000000000000001.regtrans-ms
    [2013/08/28 02:22:26 | 000,524,288 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f38-0f23-11e3-9eb3-24ec99122cd8}.TMContainer00000000000000000002.regtrans-ms
    [2013/08/28 02:22:36 | 000,065,536 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f4d-0f23-11e3-9eb3-24ec99122cd8}.TM.blf
    [2013/08/28 02:22:36 | 000,524,288 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f4d-0f23-11e3-9eb3-24ec99122cd8}.TMContainer00000000000000000001.regtrans-ms
    [2013/08/28 02:22:36 | 000,524,288 | -HS- | M] () — C:ProgramDatantuser.dat{c2a52f4d-0f23-11e3-9eb3-24ec99122cd8}.TMContainer00000000000000000002.regtrans-ms


    [2013/08/28 18:41:46 | 000,002,691 | —- | M] () — C:bdlog.txt
    [2010/11/21 04:23:51 | 000,383,786 | RHS- | M] () — C:bootmgr
    [2012/03/15 20:26:49 | 000,008,192 | —- | M] () — C:BOOTSECT.BAK
    [2013/09/09 01:42:10 | 505,257,983 | -HS- | M] () — C:hiberfil.sys
    [2013/09/09 01:42:11 | 2105,335,807 | -HS- | M] () — C:pagefile.sys
    [2013/09/02 17:55:08 | 000,000,512 | —- | M] () — C:PhysicalDisk0_MBR.bin
    [2013/08/26 22:33:21 | 000,012,060 | —- | M] () — C:UsbFix [Clean 3] USER-TOSH.txt
    [2013/08/26 22:35:03 | 000,002,944 | —- | M] () — C:UsbFix [Listing 1 ] USER-TOSH.txt
    [2013/09/05 00:42:38 | 000,004,534 | —- | M] () — C:UsbFix [Listing 2 ] USER-TOSH.txt
    [2013/08/25 23:35:12 | 000,010,964 | —- | M] () — C:UsbFix [Scan 1] USER-TOSH.txt
    [2013/08/26 22:21:47 | 000,010,191 | —- | M] () — C:UsbFix [Scan 2] USER-TOSH.txt
    [2013/08/28 01:36:31 | 000,010,853 | —- | M] () — C:UsbFix [Scan 5] USER-TOSH.txt
    [2013/08/30 02:24:24 | 000,009,829 | —- | M] () — C:UsbFix [Scan 6] USER-TOSH.txt


    [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () — C:Program Files (x86)desktop.ini


    [2012/11/07 09:27:01 | 000,002,446 | —- | M] () — C:Program Files (x86)Internet Explorerdebug.log
    [2013/06/23 03:11:56 | 000,024,576 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerExtExport.exe
    [2013/06/23 03:11:56 | 000,002,843 | —- | M] () — C:Program Files (x86)Internet Explorerie9props.propdesc
    [2013/06/23 03:11:56 | 000,697,344 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Exploreriedvtool.dll
    [2013/06/23 03:11:56 | 000,467,456 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerieinstal.exe
    [2013/06/23 03:11:56 | 000,222,208 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerielowutil.exe
    [2013/07/26 04:11:59 | 000,257,536 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerieproxy.dll
    [2013/07/26 04:12:00 | 000,236,032 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerIEShims.dll
    [2013/07/26 04:49:06 | 000,770,648 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Exploreriexplore.exe
    [2013/06/23 03:11:56 | 000,440,320 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsdbgui.dll
    [2013/07/26 04:12:04 | 000,108,032 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsdebuggeride.dll
    [2013/06/23 03:11:56 | 000,052,224 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerJSProfilerCore.dll
    [2013/06/23 03:11:56 | 000,147,456 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsprofilerui.dll
    [2013/06/23 03:11:56 | 000,285,080 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorermsdbg2.dll
    [2013/06/23 03:11:56 | 000,294,400 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorernetworkinspection.dll
    [2013/06/23 03:11:56 | 000,392,080 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerpdm.dll
    [2013/06/23 03:11:56 | 000,070,568 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerpdmproxy100.dll
    [2013/07/26 04:13:06 | 000,218,112 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorersqmapi.dll

    kazanastra
    Nombre d'articles : 0


    [2013/07/27 10:22:55 | 000,000,708 | —- | M] () — C:UsersAdministrateurBibliothèques – Raccourci.lnk
    [2013/09/11 00:08:45 | 003,670,016 | -HS- | M] () — C:UsersAdministrateurNTUSER.DAT
    [2013/09/11 00:08:45 | 000,262,144 | -HS- | M] () — C:UsersAdministrateurntuser.dat.LOG1
    [2013/05/15 21:41:56 | 000,000,000 | -HS- | M] () — C:UsersAdministrateurntuser.dat.LOG2
    [2013/05/15 21:59:41 | 000,065,536 | -HS- | M] () — C:UsersAdministrateurNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2013/05/15 21:59:41 | 000,524,288 | -HS- | M] () — C:UsersAdministrateurNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2013/05/15 21:59:41 | 000,524,288 | -HS- | M] () — C:UsersAdministrateurNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2013/05/15 21:41:56 | 000,000,020 | -HS- | M] () — C:UsersAdministrateurntuser.ini


    [2013/08/27 01:23:47 | 000,262,144 | —- | M] () — C:windowssystem32configsystemprofileNtUser.dat
    [2013/08/27 01:23:47 | 000,005,120 | -HS- | M] () — C:windowssystem32configsystemprofileNtUser.dat.LOG1
    [2013/08/27 01:23:47 | 000,000,000 | -HS- | M] () — C:windowssystem32configsystemprofileNtUser.dat.LOG2
    [2013/08/27 01:23:47 | 000,065,536 | -HS- | M] () — C:windowssystem32configsystemprofileNtUser.dat{419fcbad-0ea9-11e3-8a4f-24ec99122cd8}.TM.blf
    [2013/08/27 01:23:47 | 000,524,288 | -HS- | M] () — C:windowssystem32configsystemprofileNtUser.dat{419fcbad-0ea9-11e3-8a4f-24ec99122cd8}.TMContainer00000000000000000001.regtrans-ms
    [2013/08/27 01:23:47 | 000,524,288 | -HS- | M] () — C:windowssystem32configsystemprofileNtUser.dat{419fcbad-0ea9-11e3-8a4f-24ec99122cd8}.TMContainer00000000000000000002.regtrans-ms


    [1 C:windows*.tmp files -> C:windows*.tmp -> ]


    [2013/06/23 03:02:47 | 000,010,752 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-advapi32-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,003,584 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-advapi32-l2-1-0.dll
    [2013/06/23 03:02:47 | 000,002,560 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-normaliz-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,005,632 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-ole32-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,003,072 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-shell32-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,009,728 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-shlwapi-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,005,632 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-shlwapi-l2-1-0.dll
    [2013/06/23 03:02:47 | 000,004,096 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-user32-l1-1-0.dll
    [2013/06/23 03:02:47 | 000,003,072 | -H– | M] (Microsoft Corporation) — C:windowssystem32api-ms-win-downlevel-version-l1-1-0.dll
    [2013/07/09 05:46:31 | 001,166,848 | —- | M] (Microsoft Corporation) — C:windowssystem32crypt32.dll
    [2013/07/09 05:46:31 | 000,103,936 | —- | M] (Microsoft Corporation) — C:windowssystem32cryptnet.dll
    [2013/07/09 05:46:31 | 000,140,288 | —- | M] (Microsoft Corporation) — C:windowssystem32cryptsvc.dll
    [2013/06/23 03:02:47 | 003,419,136 | —- | M] (Microsoft Corporation) — C:windowssystem32d2d1.dll
    [2013/06/23 03:02:47 | 001,080,832 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10.dll
    [2013/06/23 03:02:47 | 000,220,160 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10core.dll
    [2013/06/23 03:02:47 | 000,604,160 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10level9.dll
    [2013/06/23 03:02:47 | 001,988,096 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10warp.dll
    [2013/06/23 03:02:47 | 000,161,792 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10_1.dll
    [2013/06/23 03:02:47 | 000,249,856 | —- | M] (Microsoft Corporation) — C:windowssystem32d3d10_1core.dll
    [2013/06/23 03:02:47 | 000,293,376 | —- | M] (Microsoft Corporation) — C:windowssystem32dxgi.dll
    [2013/06/23 03:11:56 | 000,357,888 | —- | M] (Microsoft Corporation) — C:windowssystem32dxtmsft.dll
    [2013/06/23 03:11:56 | 000,226,816 | —- | M] (Microsoft Corporation) — C:windowssystem32dxtrans.dll
    [2013/06/23 03:11:56 | 000,185,344 | —- | M] (Microsoft Corporation) — C:windowssystem32elshyph.dll
    [2013/06/23 03:11:56 | 000,069,120 | —- | M] (Microsoft Corporation) — C:windowssystem32icardie.dll
    [2013/06/23 03:11:56 | 000,110,592 | —- | M] (Microsoft Corporation) — C:windowssystem32IEAdvpack.dll
    [2013/06/23 03:11:56 | 000,629,248 | —- | M] (Microsoft Corporation) — C:windowssystem32ieapfltr.dll
    [2013/06/23 03:11:56 | 000,242,200 | —- | M] (Microsoft Corporation) — C:windowssystem32iedkcs32.dll
    [2013/07/26 04:11:59 | 013,761,024 | —- | M] (Microsoft Corporation) — C:windowssystem32ieframe.dll
    [2013/06/23 03:11:56 | 000,117,248 | —- | M] (Microsoft Corporation) — C:windowssystem32iepeers.dll
    [2013/07/26 04:11:59 | 000,033,280 | —- | M] (Microsoft Corporation) — C:windowssystem32iernonce.dll
    [2013/07/26 04:12:00 | 002,048,512 | —- | M] (Microsoft Corporation) — C:windowssystem32iertutil.dll
    [2013/07/26 04:12:00 | 000,061,440 | —- | M] (Microsoft Corporation) — C:windowssystem32iesetup.dll
    [2013/07/26 04:12:00 | 000,109,056 | —- | M] (Microsoft Corporation) — C:windowssystem32iesysprep.dll
    [2013/07/26 04:12:00 | 000,391,168 | —- | M] (Microsoft Corporation) — C:windowssystem32ieui.dll
    [2013/06/23 03:11:56 | 000,038,400 | —- | M] (Microsoft Corporation) — C:windowssystem32imgutil.dll
    [2013/06/23 03:11:56 | 000,082,432 | —- | M] (Microsoft Corporation) — C:windowssystem32inseng.dll
    [2013/07/26 04:12:04 | 000,690,688 | —- | M] (Microsoft Corporation) — C:windowssystem32jscript.dll
    [2013/07/26 04:12:04 | 002,877,440 | —- | M] (Microsoft Corporation) — C:windowssystem32jscript9.dll
    [2013/07/26 04:12:05 | 000,039,936 | —- | M] (Microsoft Corporation) — C:windowssystem32jsproxy.dll
    [2013/06/23 03:11:56 | 000,023,040 | —- | M] (Microsoft Corporation) — C:windowssystem32licmgr10.dll
    [2013/07/26 04:12:22 | 000,493,056 | —- | M] (Microsoft Corporation) — C:windowssystem32msfeeds.dll
    [2013/06/23 03:11:56 | 000,041,984 | —- | M] (Microsoft Corporation) — C:windowssystem32msfeedsbs.dll
    [2013/07/26 04:12:23 | 014,329,344 | —- | M] (Microsoft Corporation) — C:windowssystem32mshtml.dll
    [2013/06/23 03:11:56 | 000,079,872 | —- | M] (Microsoft Corporation) — C:windowssystem32mshtmled.dll
    [2013/06/23 03:11:56 | 000,048,640 | —- | M] (Microsoft Corporation) — C:windowssystem32mshtmler.dll
    [2013/06/23 03:11:56 | 000,719,360 | —- | M] (Microsoft Corporation) — C:windowssystem32mshtmlmedia.dll
    [2013/06/23 03:11:56 | 000,158,720 | —- | M] (Microsoft Corporation) — C:windowssystem32msls31.dll
    [2013/06/23 03:02:47 | 002,284,544 | —- | M] (Microsoft Corporation) — C:windowssystem32msmpeg2vdec.dll
    [2013/06/23 03:11:56 | 000,163,840 | —- | M] (Microsoft Corporation) — C:windowssystem32msrating.dll
    [2013/07/09 05:53:47 | 001,292,192 | —- | M] (Microsoft Corporation) — C:windowssystem32ntdll.dll
    [2013/07/09 03:49:39 | 000,014,336 | —- | M] (Microsoft Corporation) — C:windowssystem32ntvdm64.dll
    [2013/06/23 03:11:56 | 000,125,440 | —- | M] (Microsoft Corporation) — C:windowssystem32occache.dll
    [2013/06/23 03:11:56 | 000,057,344 | —- | M] (Microsoft Corporation) — C:windowssystem32pngfilt.dll
    [2013/07/09 05:52:33 | 000,663,552 | —- | M] (Microsoft Corporation) — C:windowssystem32rpcrt4.dll
    [2013/07/19 02:41:01 | 000,002,048 | —- | M] (Microsoft Corporation) — C:windowssystem32tzres.dll
    [2013/06/23 03:02:46 | 000,187,392 | —- | M] (Microsoft Corporation) — C:windowssystem32UIAnimation.dll
    [2013/06/23 03:11:56 | 000,232,960 | —- | M] (Microsoft Corporation) — C:windowssystem32url.dll
    [2013/07/26 04:13:14 | 001,141,248 | —- | M] (Microsoft Corporation) — C:windowssystem32urlmon.dll
    [2013/06/23 03:11:56 | 000,523,264 | —- | M] (Microsoft Corporation) — C:windowssystem32vbscript.dll
    [2013/06/23 03:11:56 | 000,204,800 | —- | M] (Microsoft Corporation) — C:windowssystem32webcheck.dll
    [2013/06/23 03:02:47 | 000,207,872 | —- | M] (Microsoft Corporation) — C:windowssystem32WindowsCodecsExt.dll
    [2013/07/26 04:13:24 | 001,767,936 | —- | M] (Microsoft Corporation) — C:windowssystem32wininet.dll
    [2013/07/09 05:52:10 | 000,175,104 | —- | M] (Microsoft Corporation) — C:windowssystem32wintrust.dll
    [2013/06/23 03:02:47 | 000,417,792 | —- | M] (Microsoft Corporation) — C:windowssystem32WMPhoto.dll
    [2013/07/25 09:57:27 | 001,620,992 | —- | M] (Microsoft Corporation) — C:windowssystem32WMVDECOD.DLL
    [2013/07/09 05:52:33 | 000,005,120 | —- | M] (Microsoft Corporation) — C:windowssystem32wow32.dll
    [2013/06/23 03:02:47 | 000,364,544 | —- | M] (Microsoft Corporation) — C:windowssystem32XpsGdiConverter.dll
    [2013/06/23 03:02:47 | 001,158,144 | —- | M] (Microsoft Corporation) — C:windowssystem32XpsPrint.dll


    [2013/06/13 01:17:56 | 000,692,104 | —- | M] (Adobe Systems Incorporated) — C:windowssystem32FlashPlayerApp.exe
    [2013/06/23 03:11:56 | 000,137,216 | —- | M] (Microsoft Corporation) — C:windowssystem32ieUnatt.exe
    [2013/06/23 03:11:56 | 000,150,528 | —- | M] (Microsoft Corporation) — C:windowssystem32iexpress.exe
    [2013/07/09 03:49:41 | 000,007,680 | —- | M] (Microsoft Corporation) — C:windowssystem32instnm.exe
    [2013/06/23 03:11:56 | 000,011,776 | —- | M] (Microsoft Corporation) — C:windowssystem32msfeedssync.exe
    [2013/06/23 03:11:56 | 000,012,800 | —- | M] (Microsoft Corporation) — C:windowssystem32mshta.exe
    [2013/07/09 06:03:34 | 003,968,960 | —- | M] (Microsoft Corporation) — C:windowssystem32ntkrnlpa.exe
    [2013/07/09 06:03:34 | 003,913,664 | —- | M] (Microsoft Corporation) — C:windowssystem32ntoskrnl.exe
    [2013/07/26 02:59:38 | 000,071,680 | —- | M] (Microsoft Corporation) — C:windowssystem32RegisterIEPKEYs.exe
    [2013/06/23 03:11:56 | 000,073,728 | —- | M] (Microsoft Corporation) — C:windowssystem32SetIEInstalledDate.exe
    [2013/07/09 03:49:42 | 000,025,600 | —- | M] (Microsoft Corporation) — C:windowssystem32setup16.exe
    [2013/07/09 03:49:38 | 000,002,048 | —- | M] (Microsoft Corporation) — C:windowssystem32user.exe
    [2013/06/23 03:11:56 | 000,138,752 | —- | M] (Microsoft Corporation) — C:windowssystem32wextract.exe


    [2010/11/21 04:25:07 | 000,238,080 | —- | M] () MD5=D6D26A698BCCD17AB0761E6221C5F3C4 — C:windowsassemblyGAC_32BDATunePIA6.1.0.0__31bf3856ad364e35BDATunePIA.dll
    [2010/11/21 04:24:01 | 000,069,120 | —- | M] () MD5=C80DA476BFBAD97D874A0EFE037D7113 — C:windowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
    [2009/07/14 02:22:13 | 000,139,264 | —- | M] () MD5=3723B29BBFE648380ED9B70B164E33A2 — C:windowsassemblyGAC_32ehexthost326.1.0.0__31bf3856ad364e35ehexthost32.exe
    [2009/07/13 22:04:37 | 000,002,274 | —- | M] () MD5=C343B566A3B8DA7743C30796BE0A54D7 — C:windowsassemblyGAC_32ehexthost326.1.0.0__31bf3856ad364e35ehexthost32.exe.config
    [2010/11/21 04:24:26 | 000,072,192 | —- | M] () MD5=D58D4E4AA8D6146D838BE02500F50B27 — C:windowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
    [2010/11/21 04:25:07 | 000,134,656 | —- | M] () MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE — C:windowsassemblyGAC_32mcstoredb6.1.0.0__31bf3856ad364e35mcstoredb.dll
    [2009/07/14 02:24:14 | 000,507,904 | —- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C — C:windowsassemblyGAC_32Microsoft.Ink6.1.0.0__31bf3856ad364e35Microsoft.Ink.dll
    [2009/07/14 02:24:28 | 000,077,824 | —- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 — C:windowsassemblyGAC_32Microsoft.Interop.Security.AzRoles2.0.0.0__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.dll
    [2012/12/14 09:10:13 | 000,117,160 | —- | M] () MD5=569124F95660007F8C470D00A96CBD7D — C:windowsassemblyGAC_32Microsoft.Office.InfoPath.Client.Internal.Host.Interop12.0.0.0__71e9bce111e9429cMicrosoft.Office.Infopath.Client.Internal.Host.Interop.dll
    [2010/11/21 04:25:11 | 000,163,840 | —- | M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38 — C:windowsassemblyGAC_32Microsoft.Transactions.Bridge.Dtc3.0.0.0__b03f5f7f11d50a3aMicrosoft.Transactions.Bridge.Dtc.dll
    [2012/11/10 08:29:16 | 000,367,400 | —- | M] () MD5=6CAD87F2BE4A4BC31D3FD5C923741418 — C:windowsassemblyGAC_32Microsoft.VisualStudio.Tools.Applications.InteropAdapter8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualStudio.Tools.Applications.InteropAdapter.dll
    [2009/07/14 02:26:31 | 000,008,192 | —- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 — C:windowsassemblyGAC_32Microsoft.Windows.Diagnosis.SDEngine6.1.0.0__31bf3856ad364e35Microsoft.Windows.Diagnosis.SDEngine.dll
    [2009/06/10 22:14:52 | 000,087,888 | —- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B — C:windowsassemblyGAC_32MSBuild3.5.0.0__b03f5f7f11d50a3aMSBuild.exe
    [2009/06/10 22:14:53 | 000,001,581 | —- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 — C:windowsassemblyGAC_32MSBuild3.5.0.0__b03f5f7f11d50a3amsbuild.exe.config
    [2012/11/10 08:29:07 | 001,662,976 | —- | M] () MD5=2148068617A9D2B5E08520CAD7014E64 — C:windowsassemblyGAC_32mscorcfg2.0.0.0__b03f5f7f11d50a3amscorcfg.dll
    [2009/06/10 22:22:47 | 000,066,728 | —- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089big5.nlp
    [2009/06/10 22:22:47 | 000,082,172 | —- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089bopomofo.nlp
    [2009/06/10 22:22:58 | 000,116,756 | —- | M] () MD5=F6DFDA5A31162D848634504565F6D321 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089ksc.nlp
    [2013/04/23 23:57:26 | 004,554,752 | —- | M] () MD5=F90B255442B7DF136ABE99D15036ACAB — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
    [2009/06/10 22:23:13 | 000,059,342 | —- | M] () MD5=DA5748A89E22A3932387E65694B25BBB — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normidna.nlp
    [2009/06/10 22:23:13 | 000,045,794 | —- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfc.nlp
    [2009/06/10 22:23:13 | 000,039,284 | —- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfd.nlp
    [2009/06/10 22:23:13 | 000,066,384 | —- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfkc.nlp
    [2009/06/10 22:23:13 | 000,060,294 | —- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfkd.nlp
    [2009/06/10 22:23:14 | 000,083,748 | —- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089prc.nlp
    [2009/06/10 22:23:14 | 000,083,748 | —- | M] () MD5=901863C68E6523336CAC602FE9320ABC — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089prcp.nlp
    [2009/06/10 22:23:17 | 000,262,148 | —- | M] () MD5=FB59D247F7143C3B9683A547E808A88B — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089sortkey.nlp
    [2009/06/10 22:23:17 | 000,020,320 | —- | M] () MD5=FF13BA175F0013D2311827E0D438C60B — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089sorttbls.nlp
    [2009/06/10 22:23:23 | 000,028,288 | —- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 — C:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089xjis.nlp
    [2010/11/21 04:24:32 | 000,046,080 | —- | M] () MD5=93C4029DABC19166076BE347283AB969 — C:windowsassemblyGAC_32napcrypt6.1.0.0__31bf3856ad364e35NAPCRYPT.DLL
    [2010/11/21 04:23:48 | 000,107,008 | —- | M] () MD5=E9CFC1884D1E579E82073103827FA62B — C:windowsassemblyGAC_32naphlpr6.1.0.0__31bf3856ad364e35NAPHLPR.DLL
    [2009/07/13 23:04:07 | 000,000,442 | —- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B — C:windowsassemblyGAC_32Policy.1.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.1.0.Microsoft.Ink.config
    [2009/07/14 02:25:25 | 000,005,632 | —- | M] () MD5=608232474C33C71F863B0866E5165C1C — C:windowsassemblyGAC_32Policy.1.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.1.0.Microsoft.Ink.dll
    [2009/06/10 22:32:22 | 000,000,494 | —- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 — C:windowsassemblyGAC_32Policy.1.0.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.config
    [2009/07/14 02:26:15 | 000,005,632 | —- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F — C:windowsassemblyGAC_32Policy.1.0.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
    [2009/06/10 22:32:22 | 000,000,494 | —- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 — C:windowsassemblyGAC_32Policy.1.2.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.2.Microsoft.Interop.Security.AzRoles.config
    [2009/07/14 02:23:30 | 000,005,632 | —- | M] () MD5=D6C077082EAA747911C212A9EB64A813 — C:windowsassemblyGAC_32Policy.1.2.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
    [2009/07/13 23:04:07 | 000,000,442 | —- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B — C:windowsassemblyGAC_32Policy.1.7.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.1.7.Microsoft.Ink.config
    [2009/07/14 02:22:54 | 000,005,632 | —- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 — C:windowsassemblyGAC_32Policy.1.7.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.1.7.Microsoft.Ink.dll
    [2009/07/13 23:04:08 | 000,000,442 | —- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B — C:windowsassemblyGAC_32Policy.6.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.6.0.Microsoft.Ink.config
    [2009/07/14 02:23:04 | 000,005,632 | —- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC — C:windowsassemblyGAC_32Policy.6.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.6.0.Microsoft.Ink.dll
    [2013/04/15 23:56:15 | 004,218,880 | —- | M] () MD5=8DFB5078508924FA725C203CE179B10C — C:windowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35PresentationCore.dll
    [2009/06/10 22:14:51 | 000,000,161 | —- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 — C:windowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35PresentationFontCache.exe.config
    [2013/04/19 23:55:09 | 001,737,376 | —- | M] () MD5=E0E5BB58A4C43F7DBB83352785F32DEF — C:windowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35wpfgfx_v0300.dll
    [2010/11/21 04:24:15 | 000,486,400 | —- | M] () MD5=ED40D020A6A82748394F1653CE324CE4 — C:windowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
    [2010/11/21 04:24:08 | 002,927,616 | —- | M] () MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4 — C:windowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
    [2010/11/21 04:24:07 | 000,258,048 | —- | M] () MD5=6DB969DF540BC71722848940D180AC08 — C:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
    [2010/11/21 04:24:07 | 000,113,664 | —- | M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94 — C:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
    [2013/04/15 23:56:16 | 000,372,736 | —- | M] () MD5=962108F1B42E442AF55588CC14F4794F — C:windowsassemblyGAC_32System.Printing3.0.0.0__31bf3856ad364e35System.Printing.dll
    [2009/06/10 22:23:19 | 000,261,632 | —- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 — C:windowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
    [2013/04/19 23:55:06 | 005,283,840 | —- | M] () MD5=2D9D6335997928AE65B3DE25609CD9F0 — C:windowsassemblyGAC_32System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll


    [2010/11/21 04:24:42 | 000,249,344 | —- | M] () MD5=0EB9F2F8649FC0DE0DB55AFF18093E1C — C:windowsassemblyGAC_64BDATunePIA6.1.0.0__31bf3856ad364e35BDATunePIA.dll
    [2010/11/21 04:23:56 | 000,080,896 | —- | M] () MD5=28D0AAEB2F5D05629B287E3534FCAFB3 — C:windowsassemblyGAC_64CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
    [2010/11/21 04:24:22 | 000,089,600 | —- | M] () MD5=8658D501224F8EAA18BCF8104F07AA29 — C:windowsassemblyGAC_64ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
    [2010/11/21 04:24:42 | 000,139,264 | —- | M] () MD5=D32088C67317F5B64C13352E6EB5FFB1 — C:windowsassemblyGAC_64mcstoredb6.1.0.0__31bf3856ad364e35mcstoredb.dll
    [2010/11/21 04:24:42 | 000,198,656 | —- | M] () MD5=073C37CEFEB4D5CD86646171C5D999F2 — C:windowsassemblyGAC_64mcupdate6.1.0.0__31bf3856ad364e35mcupdate.exe
    [2010/11/21 04:24:42 | 000,133,120 | —- | M] () MD5=948ECE6043513473FF26B6A43DCD67C8 — C:windowsassemblyGAC_64Mcx2Dvcs6.1.0.0__31bf3856ad364e35Mcx2Dvcs.dll
    [2009/07/14 02:51:37 | 000,507,904 | —- | M] () MD5=80BC35C4CA953CCACFECEE0EDBA14F5A — C:windowsassemblyGAC_64Microsoft.Ink6.1.0.0__31bf3856ad364e35Microsoft.Ink.dll
    [2009/07/14 02:51:13 | 000,077,824 | —- | M] () MD5=ADE7BDD9DFFFB5A965DF204114F36951 — C:windowsassemblyGAC_64Microsoft.Interop.Security.AzRoles2.0.0.0__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.dll
    [2011/08/17 06:28:23 | 000,315,392 | —- | M] () MD5=063FDD306A93B988CBEC9C6987EB2960 — C:windowsassemblyGAC_64Microsoft.MediaCenter.Interop6.1.0.0__31bf3856ad364e35Microsoft.MediaCenter.Interop.dll
    [2010/11/21 04:24:42 | 000,147,968 | —- | M] () MD5=9453A71711D51C31DD607EC19CA604B0 — C:windowsassemblyGAC_64Microsoft.MediaCenter.iTV.Media6.1.0.0__31bf3856ad364e35Microsoft.MediaCenter.iTV.Media.dll
    [2010/11/21 04:24:42 | 000,056,320 | —- | M] () MD5=6B365422C9E1417C9C99FD1234C42F48 — C:windowsassemblyGAC_64Microsoft.MediaCenter.Mheg6.1.0.0__31bf3856ad364e35Microsoft.MediaCenter.Mheg.dll
    [2010/11/21 04:24:42 | 000,114,688 | —- | M] () MD5=2920CBCE0700F34AC9E27423CBD87798 — C:windowsassemblyGAC_64Microsoft.MediaCenter.Playback6.1.0.0__31bf3856ad364e35Microsoft.MediaCenter.Playback.dll
    [2010/11/21 04:24:42 | 000,327,168 | —- | M] () MD5=2288CBDEBF5D78E0CB9158D251DE4016 — C:windowsassemblyGAC_64Microsoft.MediaCenter.TV.Tuners.Interop6.1.0.0__31bf3856ad364e35Microsoft.MediaCenter.TV.Tuners.Interop.dll
    [2010/11/21 04:24:53 | 000,163,840 | —- | M] () MD5=DAC8353CA6D1919C7FF87C00672FBF2E — C:windowsassemblyGAC_64Microsoft.Transactions.Bridge.Dtc3.0.0.0__b03f5f7f11d50a3aMicrosoft.Transactions.Bridge.Dtc.dll
    [2012/11/10 08:29:15 | 000,454,440 | —- | M] () MD5=78D01EA9CE232F25ACE9024E12950853 — C:windowsassemblyGAC_64Microsoft.VisualStudio.Tools.Applications.InteropAdapter8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualStudio.Tools.Applications.InteropAdapter.dll
    [2009/07/14 02:49:27 | 000,008,192 | —- | M] () MD5=6790FBD2C832CBB26A694E1046F7F2BA — C:windowsassemblyGAC_64Microsoft.Windows.Diagnosis.SDEngine6.1.0.0__31bf3856ad364e35Microsoft.Windows.Diagnosis.SDEngine.dll
    [2010/11/21 04:24:49 | 000,019,968 | —- | M] () MD5=DBE659C5CE6689D009D9414CB27FD110 — C:windowsassemblyGAC_64Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop6.1.0.0__31bf3856ad364e35Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll
    [2010/11/21 04:24:59 | 000,083,792 | —- | M] () MD5=15885A86E87CC4291EF628E4F8A9BD6D — C:windowsassemblyGAC_64MSBuild3.5.0.0__b03f5f7f11d50a3aMSBuild.exe
    [2009/06/10 21:31:02 | 000,001,581 | —- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 — C:windowsassemblyGAC_64MSBuild3.5.0.0__b03f5f7f11d50a3amsbuild.exe.config
    [2009/06/10 21:39:44 | 000,066,728 | —- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089big5.nlp
    [2009/06/10 21:39:44 | 000,082,172 | —- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089bopomofo.nlp
    [2009/06/10 21:39:54 | 000,116,756 | —- | M] () MD5=F6DFDA5A31162D848634504565F6D321 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089ksc.nlp
    [2013/04/23 23:56:10 | 004,567,040 | —- | M] () MD5=32B844F1DAA7912FBBB119047303E73F — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
    [2009/06/10 21:40:01 | 000,059,342 | —- | M] () MD5=DA5748A89E22A3932387E65694B25BBB — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normidna.nlp
    [2009/06/10 21:40:01 | 000,045,794 | —- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfc.nlp
    [2009/06/10 21:40:01 | 000,039,284 | —- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfd.nlp
    [2009/06/10 21:40:01 | 000,066,384 | —- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfkc.nlp
    [2009/06/10 21:40:01 | 000,060,294 | —- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfkd.nlp
    [2009/06/10 21:40:01 | 000,083,748 | —- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089prc.nlp
    [2009/06/10 21:40:01 | 000,083,748 | —- | M] () MD5=901863C68E6523336CAC602FE9320ABC — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089prcp.nlp
    [2009/06/10 21:40:02 | 000,262,148 | —- | M] () MD5=FB59D247F7143C3B9683A547E808A88B — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089sortkey.nlp
    [2009/06/10 21:40:02 | 000,020,320 | —- | M] () MD5=FF13BA175F0013D2311827E0D438C60B — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089sorttbls.nlp
    [2009/06/10 21:40:10 | 000,028,288 | —- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 — C:windowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089xjis.nlp
    [2010/11/21 04:24:16 | 000,050,176 | —- | M] () MD5=E0773633E4193B183FB396192581BD86 — C:windowsassemblyGAC_64napcrypt6.1.0.0__31bf3856ad364e35NAPCRYPT.DLL
    [2010/11/21 04:24:24 | 000,133,632 | —- | M] () MD5=A302DA1404664CEF1D416ED4DE49EA2B — C:windowsassemblyGAC_64naphlpr6.1.0.0__31bf3856ad364e35NAPHLPR.DLL
    [2009/06/10 21:51:13 | 000,000,494 | —- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 — C:windowsassemblyGAC_64Policy.1.0.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.config
    [2009/07/14 02:52:10 | 000,005,120 | —- | M] () MD5=C3554C9F9650380CD6A292CD5E7F02C6 — C:windowsassemblyGAC_64Policy.1.0.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
    [2009/06/10 21:51:13 | 000,000,494 | —- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 — C:windowsassemblyGAC_64Policy.1.2.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.2.Microsoft.Interop.Security.AzRoles.config
    [2009/07/14 02:50:32 | 000,005,120 | —- | M] () MD5=265830B968EC5512E923C5482A5F5EEB — C:windowsassemblyGAC_64Policy.1.2.Microsoft.Interop.Security.AzRoles6.1.7600.16385__31bf3856ad364e35Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
    [2009/07/13 22:54:48 | 000,000,442 | —- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B — C:windowsassemblyGAC_64Policy.6.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.6.0.Microsoft.Ink.config
    [2009/07/14 02:50:49 | 000,005,120 | —- | M] () MD5=6162FCE93CE4C29318C179E457CFE656 — C:windowsassemblyGAC_64Policy.6.0.Microsoft.Ink6.1.0.0__31bf3856ad364e35Policy.6.0.Microsoft.Ink.dll
    [2013/04/15 23:55:18 | 003,998,208 | —- | M] () MD5=AE098D9D3BD83440C59A0C3386F4F5DD — C:windowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35PresentationCore.dll
    [2009/06/10 21:30:59 | 000,000,161 | —- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 — C:windowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35PresentationFontCache.exe.config
    [2013/04/19 23:54:21 | 002,256,032 | —- | M] () MD5=6E656C325A5519A3A9D951709958CF6F — C:windowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35wpfgfx_v0300.dll
    [2010/11/21 04:24:09 | 000,502,272 | —- | M] () MD5=2D8090F04B14059E23FE68F9FF3E318C — C:windowsassemblyGAC_64System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
    [2010/11/21 04:24:02 | 003,095,552 | —- | M] () MD5=98D53BB2DB8E11762D30C3CF41FA140B — C:windowsassemblyGAC_64System.Data2.0.0.0__b77a5c561934e089System.Data.dll
    [2010/11/21 04:24:01 | 000,245,760 | —- | M] () MD5=B395F8BE6E578FAB80A1D568911857D7 — C:windowsassemblyGAC_64System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
    [2010/11/21 04:24:01 | 000,133,120 | —- | M] () MD5=D9C192B9CD25DC5C9C05DF98C945E3F1 — C:windowsassemblyGAC_64System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
    [2013/04/15 23:55:19 | 000,358,912 | —- | M] () MD5=D5B9510CA085D4E04BEBD2C47CD50925 — C:windowsassemblyGAC_64System.Printing3.0.0.0__31bf3856ad364e35System.Printing.dll
    [2009/06/10 21:40:06 | 000,283,136 | —- | M] () MD5=E4806AC8BE2D890193252D4BEE7EA95C — C:windowsassemblyGAC_64System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
    [2013/04/19 23:54:20 | 005,292,032 | —- | M] () MD5=EB0E4FD11A19D25ED65ACE37277BFC7B — C:windowsassemblyGAC_64System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll


    [2013/05/27 15:14:34 | 000,000,000 | -H– | M] () — C:windowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun-1E-421CFC91-A93E-42AB-A35C-F06F127FCC44.lock
    [2013/09/01 08:53:59 | 000,118,378 | —- | M] () — C:windowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun.log


    [1 C:windows*.tmp files -> C:windows*.tmp -> ]


    “DefaultConnectionSettings” = 46 00 00 00 7D 0B 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CC D6 29 E0 A3 68 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 17 00 00 00 00 00 00 00 20 02 C5 1C 0C 96 00 00 00 00 00 00 C5 1C 0C 96 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C5 1C 0C 96 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 79 FD 3C 55 39 82 3A E3 F3 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
    “SavedLegacySettings” = 46 00 00 00 20 07 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CC D6 29 E0 A3 68 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 17 00 00 00 00 00 00 00 20 02 C5 1C 0C 96 00 00 00 00 00 00 C5 1C 0C 96 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C5 1C 0C 96 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 79 FD 3C 55 39 82 3A E3 F3 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
    “Connexion r�seau” = 46 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]


    Invalid Switch:


    [2009/07/14 06:08:49 | 000,000,006 | -H– | C] () — C:windowsTasksSA.DAT
    [2009/07/14 06:08:49 | 000,032,496 | —- | C] () — C:windowsTasksSCHEDLGU.TXT
    [2012/03/14 21:17:22 | 000,000,830 | —- | C] () — C:windowsTasksAdobe Flash Player Updater.job
    [2012/03/14 21:22:55 | 000,001,078 | —- | C] () — C:windowsTasksGoogleUpdateTaskMachineCore.job
    [2012/03/14 21:22:57 | 000,001,082 | —- | C] () — C:windowsTasksGoogleUpdateTaskMachineUA.job
    [2012/11/30 19:41:37 | 000,000,902 | —- | C] () — C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job
    [2012/11/30 19:41:38 | 000,000,924 | —- | C] () — C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job
    [2013/06/09 19:54:14 | 000,000,942 | —- | C] () — C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job
    [2013/06/09 19:54:15 | 000,000,964 | —- | C] () — C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job

    Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonsoir

    *** Une infection doit être réglée le plus rapidement possible, pour éviter sa propagation dans le PC ***

    C’est une plaisanterie =>
    par kazanastra » 04 Sep 2013 04:48

    Pour info, nous sommes le 09/10/2013 !

    Edité =>
    De plus le script de correction, n’a pas été appliqué :faché15:
    SoSVirus n’est pas un Super-Marché !

    kazanastra
    Nombre d'articles : 0

    salut , désolé j avais pas de connexion sur mon pc d’apres ce temps la , mon clé orange a été endommagé ,.. bref ;
    All processes killed
    ========== OTL ==========
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Secondary Start Pages| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@adobe.com/FlashPlayer not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@WildTangent.com/GamesAppPresenceDetector,Version=1.0 not found.
    File C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll () => WildTangent Games not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7} not found.
    File C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) => Toolbar.Google not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7} not found.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
    Registry value HKEY_USERSS-1-5-19\SoftwareMicrosoftWindowsCurrentVersionRunOnce\mctadmin not found.
    Registry value HKEY_USERSS-1-5-20\SoftwareMicrosoftWindowsCurrentVersionRunOnce\mctadmin not found.
    Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExtAdd to Google Photos Screensa&ver not found.
    Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad\WebCheck not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{E6FB5E20-DE35-11CF-9C87-00AA005127ED} not found.
    Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad\WebCheck not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{E6FB5E20-DE35-11CF-9C87-00AA005127ED} not found.
    Folder C:Program FilesBitdefender not found.
    Folder C:Program FilesCommon FilesBitdefender not found.
    File C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User not found.
    File C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User not found.
    File C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User not found.
    File C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User not found.
    File C:windowssystem32configsystemprofileNtUser.dat.LOG1 => Fichiers de rapport (Log) not found.
    File C:windowssystem32configsystemprofileNtUser.dat.LOG2 => Fichiers de rapport (Log) not found.
    C:windowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun.log moved successfully.
    File C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User not found.
    File C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User not found.
    File C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User not found.
    File C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 6884286 bytes
    ->Temporary Internet Files folder emptied: 1266770 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 619168556 bytes
    ->Flash cache emptied: 492 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Invité
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: USER

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%System32 .tmp files removed: 0 bytes
    %systemroot%System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%System32drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 8657771 bytes
    %systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 128 bytes
    RecycleBin emptied: 2382041669 bytes

    Total Files Cleaned = 2 878,00 mb

    [EMPTYFLASH]

    User: Administrateur
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Invité

    User: Public

    User: USER

    Total Flash Files Cleaned = 0,00 mb

    Error: Unable to interpret in the current context!
    Restore point Set: OTL Restore Point

    OTL by OldTimer – Version 3.2.69.0 log created on 10092013_234205

    FilesFolders moved on Reboot…
    C:UsersAdministrateurAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully.
    C:UsersAdministrateurAppDataLocalMicrosoftWindowsTemporary Internet Filescounters.dat moved successfully.
    File move failed. C:windowstempvmware-Systèmevmauthd.log scheduled to be moved on reboot.
    C:windowstempvmware-Systèmevmware-usbarb-3280.log moved successfully.
    File move failed. C:windowstempTmpFile1 scheduled to be moved on reboot.

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…

15 sujets de 1 à 15 (sur un total de 22)
  • Vous devez être connecté pour répondre à ce sujet.