Reply to: Problem with USBFIX 2016-09-08T13:22:33+00:00
etoile127

Continued again
NetSvcs: FastUserSwitchingCompatibility – File not found
NetSvcs: Ias – C:WindowsSystem32ias.dll (Microsoft Corporation)
NetSvcs: Nla – File not found
NetSvcs: Ntmssvc – File not found
NetSvcs: NWCWorkstation – File not found
NetSvcs: Nwsapagent – File not found
NetSvcs: SRService – File not found
NetSvcs: WmdmPmSp – File not found
NetSvcs: LogonHours – File not found
NetSvcs: PCAudit – File not found
NetSvcs: helpsvc – File not found
NetSvcs: uploadmgr – File not found

MsConfig – StartUpReg: SpybotSD TeaTimer – hkey= – key= – Reg Error: Value error. File not found
MsConfig – StartUpReg: swg – hkey= – key= – c:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (Google Inc.)
MsConfig – StartUpReg: vProt – hkey= – key= – Reg Error: Value error. File not found
MsConfig – State: “startup” – 2

SafeBootMin: 77267374.sys – File not found
SafeBootMin: Base – Driver Group
SafeBootMin: Boot Bus Extender – Driver Group
SafeBootMin: Boot file system – Driver Group
SafeBootMin: File system – Driver Group
SafeBootMin: Filter – Driver Group
SafeBootMin: HelpSvc – Service
SafeBootMin: IMFservice – C:Program FilesIObitIObit Malware FighterIMFsrv.exe (IObit)
SafeBootMin: MsMpSvc – c:Program FilesMicrosoft Security ClientMsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS – File not found
SafeBootMin: PCI Configuration – Driver Group
SafeBootMin: PNP Filter – Driver Group
SafeBootMin: Primary disk – Driver Group
SafeBootMin: sacsvr – Service
SafeBootMin: SCSI Class – Driver Group
SafeBootMin: System Bus Extender – Driver Group
SafeBootMin: vmms – Service
SafeBootMin: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

SafeBootNet: 77267374.sys – File not found
SafeBootNet: Base – Driver Group
SafeBootNet: Boot Bus Extender – Driver Group
SafeBootNet: Boot file system – Driver Group
SafeBootNet: File system – Driver Group
SafeBootNet: Filter – Driver Group
SafeBootNet: HelpSvc – Service
SafeBootNet: Messenger – Service
SafeBootNet: MsMpSvc – c:Program FilesMicrosoft Security ClientMsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper – Driver Group
SafeBootNet: NetBIOSGroup – Driver Group
SafeBootNet: NetDDEGroup – Driver Group
SafeBootNet: Network – Driver Group
SafeBootNet: NetworkProvider – Driver Group
SafeBootNet: NTDS – File not found
SafeBootNet: PCI Configuration – Driver Group
SafeBootNet: PNP Filter – Driver Group
SafeBootNet: PNP_TDI – Driver Group
SafeBootNet: Primary disk – Driver Group
SafeBootNet: rdsessmgr – Service
SafeBootNet: sacsvr – Service
SafeBootNet: SCSI Class – Driver Group
SafeBootNet: Streams Drivers – Driver Group
SafeBootNet: System Bus Extender – Driver Group
SafeBootNet: TDI – Driver Group
SafeBootNet: vmms – Service
SafeBootNet: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver – Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} – Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} – NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} – NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} – NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} – Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} – Reg Error: Value error.
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} – Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} – %SystemRoot%system32regsvr32.exe /s /n /i:/UserInstall %SystemRoot%system32themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} – Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} – Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} – Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} – .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} – “%ProgramFiles%Windows MailWinMail.exe” OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} – DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} – Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} – .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} – Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} – Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} – Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} – Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} – MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} – Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} – .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} – regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} – C:WindowsSystem32ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} – C:Windowssystem32Rundll32.exe C:Windowssystem32mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} – “C:Program FilesGoogleChromeApplication31.0.1650.57Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} – Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} – Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} – Reg Error: Value error.
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} – .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} – Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} – HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} – Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} – %SystemRoot%system32unregmp2.exe /ShowWMP

Drivers32: msacm.l3acm – C:WindowsSystem32l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 – C:WindowsSystem32vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid – C:WindowsSystem32iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID – C:WindowsSystem32xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:PhysicalMBR.bin

========== Files/Folders – Created Within 30 Days ==========

[2013/12/02 20:02:42 | 000,000,000 | —D | C] — C:UsbFix
[2013/12/01 18:20:17 | 000,000,000 | —D | C] — C:ProgramDataTEMP
[2013/12/01 18:15:22 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingDealply
[2013/12/01 18:09:57 | 000,000,000 | —D | C] — C:Program FilesIminentToolbar
[2013/12/01 16:52:17 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingNosibay
[2013/12/01 13:35:46 | 000,000,000 | —D | C] — C:UsersSaidaAppDataLocalAVG Secure Search
[2013/11/30 20:12:01 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingTuneUp Software
[2013/11/30 20:10:25 | 000,000,000 | —D | C] — C:ProgramDataAVG Secure Search
[2013/11/30 20:09:56 | 000,000,000 | —D | C] — C:Program FilesCommon FilesAVG Secure Search
[2013/11/30 20:09:32 | 000,000,000 | —D | C] — C:Program FilesAVG Secure Search
[2013/11/28 20:56:13 | 000,000,000 | —D | C] — C:UsersSaidaAppDataLocalSoftware
[2013/11/28 19:45:22 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsFreeMi UPnP Media Server
[2013/11/27 17:03:08 | 000,000,000 | —D | C] — C:WindowsMigration
[2013/11/27 16:46:40 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome
[2013/11/26 17:25:08 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingIDM
[2013/11/26 17:24:57 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager
[2013/11/26 17:24:57 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager
[2013/11/26 17:24:53 | 000,000,000 | —D | C] — C:Program FilesInternet Download Manager
[2013/11/22 17:05:45 | 000,000,000 | —D | C] — C:ProgramData{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/22 17:05:14 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsIObit Uninstaller
[2013/11/22 17:05:05 | 000,000,000 | —D | C] — C:ProgramDataProductData
[2013/11/22 17:04:33 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsAdvanced SystemCare 7
[2013/11/18 20:55:55 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoaming4shared Desktop
[2013/11/18 20:55:48 | 000,000,000 | —D | C] — C:ProgramData4shared Desktop
[2013/11/18 20:55:34 | 000,000,000 | —D | C] — C:UsersSaida4shared Desktop
[2013/11/18 17:09:07 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingQFX Software
[2013/11/18 17:09:07 | 000,000,000 | —D | C] — C:ProgramDataQFX Software
[2013/11/18 17:08:47 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsKeyScrambler
[2013/11/18 17:08:19 | 000,209,016 | —- | C] (QFX Software Corporation) — C:WindowsSystem32driverskeyscrambler.sys
[2013/11/18 17:07:32 | 000,000,000 | —D | C] — C:Program FilesKeyScrambler
[2013/11/18 15:41:24 | 000,000,000 | —D | C] — C:Program FilesMicrosoft Security Client
[2013/11/13 16:17:56 | 000,220,160 | —- | C] (Microsoft Corporation) — C:WindowsSystem32ncrypt.dll
[2013/11/13 16:17:56 | 000,015,872 | —- | C] (Microsoft Corporation) — C:WindowsSystem32sspisrv.dll
[2013/11/13 16:17:43 | 001,796,096 | —- | C] (Microsoft Corporation) — C:WindowsSystem32authui.dll
[2013/11/13 16:17:43 | 000,152,576 | —- | C] (Microsoft Corporation) — C:WindowsSystem32SmartcardCredentialProvider.dll
[2013/11/13 16:17:40 | 000,656,896 | —- | C] (Microsoft Corporation) — C:WindowsSystem32nshwfp.dll
[2013/11/13 16:17:40 | 000,216,576 | —- | C] (Microsoft Corporation) — C:WindowsSystem32FWPUCLNT.DLL
[2013/11/12 14:56:16 | 000,000,000 | —D | C] — C:IObit
[2013/11/11 20:23:52 | 001,824,000 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32WavesGUILib.dll
[2013/11/11 20:23:51 | 000,819,648 | —- | C] (TOSHIBA Corporation) — C:WindowsSystem32tadefxapo2.dll
[2013/11/11 20:23:51 | 000,058,264 | —- | C] (TOSHIBA CORPORATION.) — C:WindowsSystem32TepeqAPO.dll
[2013/11/11 20:23:50 | 000,604,928 | —- | C] (DTS, Inc.) — C:WindowsSystem32sltech32.dll
[2013/11/11 20:23:49 | 000,218,368 | —- | C] (TODO: ) — C:WindowsSystem32slprp32.dll
[2013/11/11 20:23:47 | 000,938,752 | —- | C] (SRS Labs, Inc.) — C:WindowsSystem32slcnt32.dll
[2013/11/11 20:23:44 | 000,823,040 | —- | C] (DTS, Inc.) — C:WindowsSystem32sl3apo32.dll
[2013/11/11 20:23:43 | 000,912,432 | —- | C] (Sony Corporation) — C:WindowsSystem32SFSS_APO.dll
[2013/11/11 20:23:37 | 001,596,488 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RTSndMgr.cpl
[2013/11/11 20:23:32 | 000,798,520 | —- | C] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMSettingsIPC.dll
[2013/11/11 20:23:29 | 004,222,104 | —- | C] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMlfx.dll
[2013/11/11 20:23:26 | 002,546,904 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkPgExt.dll
[2013/11/11 20:23:22 | 000,122,072 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkCoInstII.dll
[2013/11/11 20:23:20 | 000,769,752 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkApoApi.dll
[2013/11/11 20:23:18 | 002,327,768 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkAPO.dll
[2013/11/11 20:22:49 | 032,882,688 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RCoRes.dat
[2013/11/11 20:22:46 | 007,162,128 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEP32A.dll
[2013/11/11 20:22:46 | 000,106,768 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEL32A.dll
[2013/11/11 20:22:45 | 000,352,016 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EED32A.dll
[2013/11/11 20:22:45 | 000,091,920 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEA32A.dll
[2013/11/11 20:22:45 | 000,062,224 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEG32A.dll
[2013/11/11 20:22:43 | 000,852,016 | —- | C] (Sony Corporation) — C:WindowsSystem32MISS_APO.dll
[2013/11/11 20:22:36 | 000,509,184 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVolumeSDAPO.dll
[2013/11/11 20:22:35 | 000,761,088 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVoiceAPO20.dll
[2013/11/11 20:22:35 | 000,642,304 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxSpeechAPO.dll
[2013/11/11 20:22:34 | 003,443,968 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnN.dll
[2013/11/11 20:21:57 | 027,368,704 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnA.dll
[2013/11/11 20:21:49 | 001,677,568 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek2.dll
[2013/11/11 20:21:24 | 013,880,576 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek.dll
[2013/11/11 20:21:20 | 001,935,104 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioEQ.dll
[2013/11/11 20:21:17 | 000,859,392 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPOShell.dll
[2013/11/11 20:21:16 | 001,097,984 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO50.dll
[2013/11/11 20:21:15 | 000,873,728 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO40.dll
[2013/11/11 20:21:14 | 000,509,184 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO30.dll
[2013/11/11 20:20:36 | 002,395,680 | —- | C] (Fortemedia Corporation) — C:WindowsSystem32FMAPO.dll
[2013/11/11 20:20:35 | 000,346,056 | —- | C] (DTS) — C:WindowsSystem32DTSU2PREC32.dll
[2013/11/11 20:20:34 | 000,426,952 | —- | C] (DTS) — C:WindowsSystem32DTSU2PLFX32.dll
[2013/11/11 20:20:33 | 000,402,888 | —- | C] (DTS) — C:WindowsSystem32DTSU2PGFX32.dll
[2013/11/11 20:20:21 | 006,178,136 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPP32A.dll
[2013/11/11 20:20:20 | 000,269,144 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPO32A.dll
[2013/11/11 20:20:18 | 001,439,064 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPD32A.dll
[2013/11/11 20:20:18 | 000,220,504 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPA32.dll
[2013/11/11 20:20:03 | 000,092,584 | —- | C] (Real Sound Lab SIA) — C:WindowsSystem32CONEQMSAPOGUILibrary.dll
[2013/11/11 20:19:35 | 000,181,960 | —- | C] (Andrea Electronics Corporation) — C:WindowsSystem32AERTACap.dll
[2013/11/11 20:19:35 | 000,095,840 | —- | C] (Andrea Electronics Corporation) — C:WindowsSystem32AERTARen.dll
[2013/11/09 06:08:40 | 000,108,000 | —- | C] (Tonec Inc.) — C:WindowsSystem32driversidmwfp.sys

========== Files – Modified Within 30 Days ==========

[2013/12/03 16:15:05 | 000,001,002 | —- | M] () — C:WindowstasksAdobe Flash Player Updater.job
[2013/12/03 16:10:59 | 000,000,512 | —- | M] () — C:PhysicalMBR.bin
[2013/12/03 15:56:02 | 000,001,054 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineUA.job
[2013/12/03 15:47:32 | 000,065,536 | —- | M] () — C:WindowsSystem32Ikeext.etl
[2013/12/03 15:47:30 | 000,001,814 | —- | M] () — C:WindowstasksDeeal_fr 0.2-firefoxinstaller.job
[2013/12/03 15:47:30 | 000,001,054 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineCore.job
[2013/12/03 15:47:24 | 000,001,888 | —- | M] () — C:WindowstasksDeeal_fr 0.2-chromeinstaller.job
[2013/12/03 15:47:24 | 000,001,192 | —- | M] () — C:WindowstasksDeeal_fr 0.2-codedownloader.job
[2013/12/03 15:47:24 | 000,000,398 | —- | M] () — C:WindowstasksWise Care 365.job
[2013/12/03 15:46:52 | 000,067,584 | –S- | M] () — C:Windowsbootstat.dat
[2013/12/03 15:46:40 | 1610,260,480 | -HS- | M] () — C:hiberfil.sys
[2013/12/03 15:38:19 | 000,001,607 | —- | M] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci (2).lnk
[2013/12/03 15:36:12 | 000,747,660 | —- | M] () — C:WindowsSystem32perfh00C.dat
[2013/12/03 15:36:12 | 000,654,270 | —- | M] () — C:WindowsSystem32perfh009.dat
[2013/12/03 15:36:12 | 000,150,184 | —- | M] () — C:WindowsSystem32perfc00C.dat
[2013/12/03 15:36:12 | 000,122,142 | —- | M] () — C:WindowsSystem32perfc009.dat
[2013/12/02 20:36:46 | 000,001,587 | —- | M] () — C:UsersSaidaDesktopOTL.exe – Raccourci.lnk
[2013/12/02 20:16:02 | 000,001,607 | —- | M] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci.lnk
[2013/12/02 20:03:35 | 000,001,622 | —- | M] () — C:UsersSaidaDesktopUsbFix.exe – Raccourci.lnk
[2013/12/02 20:00:12 | 000,001,660 | —- | M] () — C:UsersSaidaDesktopadwcleaner.exe – Raccourci.lnk
[2013/12/02 00:14:25 | 000,010,110 | —- | M] () — C:Windowswininit.ini
[2013/12/01 18:25:12 | 000,000,918 | —- | M] () — C:WindowsSystem32InstallUtil.InstallLog
[2013/12/01 18:15:46 | 000,000,290 | —- | M] () — C:WindowstasksDealply.job
[2013/11/30 20:08:55 | 000,037,664 | —- | M] (AVG Technologies) — C:WindowsSystem32driversavgtpx86.sys
[2013/11/30 19:23:29 | 000,300,144 | —- | M] () — C:WindowsSystem32FNTCACHE.DAT
[2013/11/30 18:19:02 | 000,043,920 | -H– | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/30 18:19:02 | 000,043,920 | -H– | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/29 15:01:00 | 000,000,262 | —- | M] () — C:WindowstasksWinThruster_DEFAULT.job
[2013/11/28 19:45:21 | 000,001,121 | —- | M] () — C:UsersPublicDesktopFreeMi UPnP Media Server.lnk
[2013/11/27 16:51:50 | 000,000,270 | —- | M] () — C:WindowstasksWinThruster_UPDATES.job
[2013/11/27 16:46:40 | 000,002,163 | —- | M] () — C:UsersPublicDesktopGoogle Chrome.lnk
[2013/11/26 19:03:25 | 000,002,039 | —- | M] () — C:UsersPublicDesktopAdvanced SystemCare 7.lnk
[2013/11/26 17:04:54 | 000,000,117 | —- | M] () — C:UsersSaidaDesktop+ d’astuces sur majax31.ws (2).url
[2013/11/22 17:05:16 | 000,001,059 | —- | M] () — C:UsersPublicDesktopIObit Uninstaller.lnk
[2013/11/19 15:00:39 | 000,000,378 | —- | M] () — C:WindowstasksWise Turbo Checker.job
[2013/11/19 11:21:30 | 000,230,048 | —- | M] (Microsoft Corporation) — C:WindowsSystem32MpSigStub.exe
[2013/11/18 15:41:55 | 000,001,912 | —- | M] () — C:Windowsepplauncher.mif
[2013/11/12 18:13:13 | 000,867,240 | —- | M] (Oracle Corporation) — C:WindowsSystem32npDeployJava1.dll
[2013/11/12 18:13:13 | 000,789,416 | —- | M] (Oracle Corporation) — C:WindowsSystem32deployJava1.dll
[2013/11/11 21:10:54 | 000,000,000 | -H– | M] () — C:ProgramDataDP45977C.lfl
[2013/11/11 20:23:53 | 001,824,000 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32WavesGUILib.dll
[2013/11/11 20:23:51 | 000,819,648 | —- | M] (TOSHIBA Corporation) — C:WindowsSystem32tadefxapo2.dll
[2013/11/11 20:23:51 | 000,058,264 | —- | M] (TOSHIBA CORPORATION.) — C:WindowsSystem32TepeqAPO.dll
[2013/11/11 20:23:50 | 000,604,928 | —- | M] (DTS, Inc.) — C:WindowsSystem32sltech32.dll
[2013/11/11 20:23:49 | 000,218,368 | —- | M] (TODO: ) — C:WindowsSystem32slprp32.dll
[2013/11/11 20:23:48 | 000,938,752 | —- | M] (SRS Labs, Inc.) — C:WindowsSystem32slcnt32.dll
[2013/11/11 20:23:46 | 000,823,040 | —- | M] (DTS, Inc.) — C:WindowsSystem32sl3apo32.dll
[2013/11/11 20:23:44 | 000,912,432 | —- | M] (Sony Corporation) — C:WindowsSystem32SFSS_APO.dll
[2013/11/11 20:23:41 | 005,681,192 | —- | M] () — C:WindowsSystem32driversrtvienna.dat
[2013/11/11 20:23:38 | 001,596,488 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RTSndMgr.cpl
[2013/11/11 20:23:32 | 000,798,520 | —- | M] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMSettingsIPC.dll
[2013/11/11 20:23:31 | 004,222,104 | —- | M] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMlfx.dll
[2013/11/11 20:23:29 | 002,546,904 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkPgExt.dll
[2013/11/11 20:23:22 | 000,122,072 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkCoInstII.dll
[2013/11/11 20:23:20 | 002,327,768 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkAPO.dll
[2013/11/11 20:23:20 | 000,769,752 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkApoApi.dll
[2013/11/11 20:22:58 | 000,646,313 | —- | M] () — C:WindowsSystem32driversRTAIODAT.DAT
[2013/11/11 20:22:56 | 032,882,688 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RCoRes.dat
[2013/11/11 20:22:49 | 007,162,128 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEP32A.dll
[2013/11/11 20:22:46 | 000,106,768 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEL32A.dll
[2013/11/11 20:22:45 | 000,352,016 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EED32A.dll
[2013/11/11 20:22:45 | 000,091,920 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEA32A.dll
[2013/11/11 20:22:45 | 000,062,224 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEG32A.dll
[2013/11/11 20:22:44 | 000,852,016 | —- | M] (Sony Corporation) — C:WindowsSystem32MISS_APO.dll
[2013/11/11 20:22:37 | 000,509,184 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVolumeSDAPO.dll
[2013/11/11 20:22:36 | 000,761,088 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVoiceAPO20.dll
[2013/11/11 20:22:35 | 003,443,968 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnN.dll
[2013/11/11 20:22:35 | 000,642,304 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxSpeechAPO.dll
[2013/11/11 20:22:34 | 027,368,704 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnA.dll
[2013/11/11 20:21:52 | 001,677,568 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek2.dll
[2013/11/11 20:21:48 | 013,880,576 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek.dll
[2013/11/11 20:21:22 | 001,935,104 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioEQ.dll
[2013/11/11 20:21:17 | 001,097,984 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO50.dll
[2013/11/11 20:21:17 | 000,859,392 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPOShell.dll
[2013/11/11 20:21:16 | 000,873,728 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO40.dll
[2013/11/11 20:21:15 | 000,509,184 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO30.dll
[2013/11/11 20:20:38 | 002,395,680 | —- | M] (Fortemedia Corporation) — C:WindowsSystem32FMAPO.dll
[2013/11/11 20:20:36 | 000,346,056 | —- | M] (DTS) — C:WindowsSystem32DTSU2PREC32.dll
[2013/11/11 20:20:35 | 000,426,952 | —- | M] (DTS) — C:WindowsSystem32DTSU2PLFX32.dll
[2013/11/11 20:20:34 | 000,402,888 | —- | M] (DTS) — C:WindowsSystem32DTSU2PGFX32.dll
[2013/11/11 20:20:22 | 006,178,136 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPP32A.dll
[2013/11/11 20:20:21 | 000,269,144 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPO32A.dll
[2013/11/11 20:20:20 | 001,439,064 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPD32A.dll
[2013/11/11 20:20:18 | 000,220,504 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPA32.dll
[2013/11/11 20:20:03 | 000,092,584 | —- | M] (Real Sound Lab SIA) — C:WindowsSystem32CONEQMSAPOGUILibrary.dll
[2013/11/11 20:19:37 | 000,502,584 | —- | M] () — C:WindowsSystem32audioLibVc.dll
[2013/11/11 20:19:35 | 000,188,696 | —- | M] () — C:WindowsSystem32AcpiServiceVnA.dll
[2013/11/11 20:19:35 | 000,181,960 | —- | M] (Andrea Electronics Corporation) — C:WindowsSystem32AERTACap.dll
[2013/11/11 20:19:35 | 000,095,840 | —- | M] (Andrea Electronics Corporation) — C:WindowsSystem32AERTARen.dll
[2013/11/09 20:43:26 | 772,743,745 | —- | M] () — C:UsersSaidaDocumentsTrap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
[2013/11/08 00:41:38 | 000,108,000 | —- | M] (Tonec Inc.) — C:WindowsSystem32driversidmwfp.sys
[2013/11/06 15:52:10 | 000,450,681 | R— | M] () — C:WindowsSystem32driversetchosts
[2013/11/04 19:22:00 | 000,001,078 | —- | M] () — C:WindowstasksGoogleUpdateTaskUserS-1-5-21-4121471940-3825467980-2753460516-1001UA.job

========== Files Created – No Company Name ==========

[2013/12/03 15:37:18 | 000,001,607 | —- | C] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci (2).lnk
[2013/12/02 20:48:07 | 000,000,512 | —- | C] () — C:PhysicalMBR.bin
[2013/12/02 20:35:52 | 000,001,587 | —- | C] () — C:UsersSaidaDesktopOTL.exe – Raccourci.lnk
[2013/12/02 20:15:56 | 000,001,607 | —- | C] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci.lnk
[2013/12/02 20:03:07 | 000,001,622 | —- | C] () — C:UsersSaidaDesktopUsbFix.exe – Raccourci.lnk
[2013/12/02 20:00:12 | 000,001,660 | —- | C] () — C:UsersSaidaDesktopadwcleaner.exe – Raccourci.lnk
[2013/12/01 18:15:46 | 000,000,290 | —- | C] () — C:WindowstasksDealply.job
[2013/12/01 18:13:05 | 000,001,192 | —- | C] () — C:WindowstasksDeeal_fr 0.2-codedownloader.job
[2013/12/01 18:13:00 | 000,001,814 | —- | C] () — C:WindowstasksDeeal_fr 0.2-firefoxinstaller.job
[2013/12/01 18:12:56 | 000,001,888 | —- | C] () — C:WindowstasksDeeal_fr 0.2-chromeinstaller.job
[2013/12/01 18:06:57 | 000,000,918 | —- | C] () — C:WindowsSystem32InstallUtil.InstallLog
[2013/11/30 19:23:05 | 000,300,144 | —- | C] () — C:WindowsSystem32FNTCACHE.DAT
[2013/11/28 19:34:28 | 772,743,745 | —- | C] () — C:UsersSaidaDocumentsTrap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
[2013/11/27 16:46:40 | 000,002,163 | —- | C] () — C:UsersPublicDesktopGoogle Chrome.lnk
[2013/11/26 17:05:21 | 000,000,117 | —- | C] () — C:UsersSaidaDesktop+ d’astuces sur majax31.ws (2).url
[2013/11/22 17:05:16 | 000,001,059 | —- | C] () — C:UsersPublicDesktopIObit Uninstaller.lnk
[2013/11/22 17:04:35 | 000,002,039 | —- | C] () — C:UsersPublicDesktopAdvanced SystemCare 7.lnk
[2013/11/18 15:41:55 | 000,001,912 | —- | C] () — C:Windowsepplauncher.mif
[2013/11/18 15:41:49 | 000,002,077 | —- | C] () — C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Security Essentials.lnk
[2013/11/11 21:10:54 | 000,000,000 | -H– | C] () — C:ProgramDataDP45977C.lfl
[2013/11/11 20:23:38 | 005,681,192 | —- | C] () — C:WindowsSystem32driversrtvienna.dat
[2013/11/11 20:22:57 | 000,646,313 | —- | C] () — C:WindowsSystem32driversRTAIODAT.DAT
[2013/11/11 20:19:36 | 000,502,584 | —- | C] () — C:WindowsSystem32audioLibVc.dll
[2013/11/11 20:19:34 | 000,188,696 | —- | C] () — C:WindowsSystem32AcpiServiceVnA.dll
[2013/08/24 19:10:02 | 000,000,149 | —- | C] () — C:WindowsAZPR3.INI
[2012/07/22 12:06:40 | 000,000,438 | RHS- | C] () — C:ProgramDatantuser.pol
[2012/05/03 16:12:59 | 000,267,476 | —- | C] () — C:UsersSaidaAppDataLocalcensus.cache
[2012/05/03 16:12:26 | 000,141,606 | —- | C] () — C:UsersSaidaAppDataLocalars.cache
[2012/04/10 12:19:51 | 000,000,097 | —- | C] () — C:ProgramDataMicrosoft.SqlServer.Compact.351.32.bc
[2012/03/05 16:53:10 | 000,163,968 | —- | C] () — C:WindowsSystem32driversTrueSight.sys
[2012/01/19 14:03:39 | 000,010,110 | —- | C] () — C:Windowswininit.ini
[2012/01/10 20:30:05 | 000,383,238 | —- | C] () — C:WindowsSystem32libmp3lame-0.dll
[2011/12/31 16:52:46 | 000,765,952 | —- | C] () — C:WindowsSystem32xvidcore.dll
[2011/12/31 16:52:46 | 000,180,224 | —- | C] () — C:WindowsSystem32xvidvfw.dll
[2011/12/18 18:32:35 | 000,073,728 | —- | C] () — C:WindowsSystem32RtNicProp32.dll
[2011/11/06 12:51:57 | 000,013,824 | —- | C] () — C:UsersSaidaAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () — C:WindowsassemblyDesktop.ini

[HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

[HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

[HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
“” = %SystemRoot%system32shell32.dll — [2013/07/26 02:55:59 | 012,872,704 | —- | M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
“” = %systemroot%system32wbemfastprox.dll — [2010/11/20 13:19:02 | 000,606,208 | —- | M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]
“” = %systemroot%system32wbemwbemess.dll — [2009/07/14 02:16:17 | 000,342,528 | —- | M] (Microsoft Corporation)
“ThreadingModel” = Both

========== LOP Check ==========

[2013/11/19 14:41:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoaming4shared Desktop
[2013/09/10 19:29:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAbsolute Uninstaller
[2011/11/07 13:25:23 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApowersoft
[2012/11/29 17:58:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG
[2012/11/08 18:39:52 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG2013
[2011/12/02 20:24:35 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingCanneverbe Limited
[2013/12/01 18:15:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDealply
[2013/09/16 09:56:03 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDiskDefrag
[2013/12/03 15:45:09 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDMCache
[2012/01/01 12:34:39 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDownloaded Installations
[2013/10/01 14:46:31 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGlarySoft
[2013/12/03 15:42:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIDM
[2013/11/22 17:04:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIObit
[2012/11/12 13:20:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingLeadertech
[2013/12/03 15:49:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNitro PDF
[2012/01/14 00:48:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNotepad++
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingOrbit
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingPDF Software
[2012/01/12 20:37:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingProgSense
[2013/11/25 22:37:18 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingQFX Software
[2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSkyMonk
[2011/12/25 11:58:29 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSoftware Informer
[2011/12/27 16:42:54 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingthecleaner
[2013/11/30 20:12:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingTuneUp Software
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingUniblue
[2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingURSoft
[2011/12/07 14:01:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVitySoft
[2012/01/01 17:29:55 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVS Revo Group
[2012/01/17 21:09:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingW3i, LLC
[2012/07/13 16:27:20 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWindows Live Writer
[2013/12/03 15:48:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWise Care 365
[2012/01/12 22:04:15 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingXi

========== Purity Check ==========

========== Custom Scans ==========


[2013/11/19 14:41:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoaming4shared Desktop
[2013/09/10 19:29:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAbsolute Uninstaller
[2013/09/07 17:29:28 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAdobe
[2011/11/07 13:25:23 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApowersoft
[2013/11/11 20:07:24 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApple Computer
[2012/11/29 17:58:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG
[2012/11/08 18:39:52 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG2013
[2013/09/07 17:29:27 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVS4YOU
[2011/12/02 20:24:35 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingCanneverbe Limited
[2013/12/01 18:15:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDealply
[2013/09/16 09:56:03 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDiskDefrag
[2013/12/03 15:45:09 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDMCache
[2012/01/01 12:34:39 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDownloaded Installations
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingdvdcss
[2013/10/01 14:46:31 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGlarySoft
[2013/09/25 16:05:33 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGoogle
[2013/12/03 15:42:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIDM
[2013/11/22 17:04:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIObit
[2012/11/12 13:20:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingLeadertech
[2013/09/07 19:30:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMacromedia
[2013/10/13 19:16:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMalwarebytes
[2013/11/16 16:30:28 | 000,000,000 | –SD | M] — C:UsersSaidaAppDataRoamingMicrosoft
[2013/09/09 19:45:11 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMozilla
[2013/12/03 15:49:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNitro PDF
[2013/12/01 18:12:26 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNosibay
[2012/01/14 00:48:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNotepad++
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingOrbit
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingPDF Software
[2012/01/12 20:37:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingProgSense
[2013/11/25 22:37:18 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingQFX Software
[2013/06/18 19:52:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingReal
[2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSkyMonk
[2011/12/25 11:58:29 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSoftware Informer
[2011/12/27 16:42:54 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingthecleaner
[2013/11/30 20:12:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingTuneUp Software
[2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingUniblue
[2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingURSoft
[2011/12/07 14:01:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVitySoft
[2013/11/29 19:46:56 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingvlc
[2012/01/01 17:29:55 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVS Revo Group
[2012/01/17 21:09:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingW3i, LLC
[2012/07/13 16:27:20 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWindows Live Writer
[2011/11/05 16:55:11 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWinRAR
[2013/12/03 15:48:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWise Care 365
[2012/01/12 22:04:15 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingXi


[2013/10/02 17:04:20 | 000,119,808 | R— | M] () — C:UsersSaidaAppDataRoamingMicrosoftInstaller{5F8683B5-5056-411C-B808-B289E29E9BBB}icons.exe
[2012/01/14 13:26:39 | 000,183,096 | —- | M] (Microsoft Corporation) — C:UsersSaidaAppDataRoamingMicrosoftOutil de notification de cadeaux MSNmsnotif.exe
[2012/01/31 17:05:30 | 000,315,512 | —- | M] (RealNetworks, Inc.) — C:UsersSaidaAppDataRoamingRealUpdateUpgradeHelperRealPlayer9.01rnupgagent.exe
[2012/06/09 11:04:18 | 006,985,920 | —- | M] (Uniblue Systems Ltd ) — C:UsersSaidaAppDataRoamingUniblueRegistryBooster_tempub.exe


[2011/02/26 06:19:21 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fcexplorer.exe
[2009/07/14 02:14:20 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | —- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | —- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | —- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cefexplorer.exe
[2010/11/20 13:17:09 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87caexplorer.exe
[2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:Windowsexplorer.exe
[2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | —- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691explorer.exe


[2009/07/14 02:14:36 | 000,259,072 | —- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 — C:WindowsSystem32services.exe
[2009/07/14 02:14:36 | 000,259,072 | —- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 — C:Windowswinsxsx86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967bservices.exe


[2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:WindowsSystem32wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:Windowswinsxsx86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13wininit.exe


[2009/10/28 07:17:59 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | —- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 — C:WindowsSystem32winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | —- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program FilesMalwarebytes’ Anti-MalwareChameleonwinlogon.exe


“” = %systemroot%system32wbemwbemess.dll — [2009/07/14 02:16:17 | 000,342,528 | —- | M] (Microsoft Corporation)
“ThreadingModel” = Both


“Debug” =
“” = mnmsrvc
“Kmode” = SystemRootSystem32win32k.sys
“Optional” = [binary data]
“Required” = DebugWindows [binary data]
“Windows” = %SystemRoot%system32csrss.exe ObjectDirectory=Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystemsCSRSS]
“CsrSrvSharedSectionBase” = 2137980928


“ProfilesDirectory” = %SystemDrive%Users — [2013/09/07 17:28:07 | 000,000,000 | R–D | M]
“Default” = %SystemDrive%UsersDefault — [2013/09/29 19:32:34 | 000,000,000 | RH-D | M]
“Public” = %SystemDrive%UsersPublic — [2013/10/12 17:12:43 | 000,000,000 | R–D | M]
“ProgramData” = %SystemDrive%ProgramData — [2013/12/02 00:14:25 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-18]
“Flags” = 12
“State” = 0
“RefCount” = 1
“Sid” = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
“ProfileImagePath” = %systemroot%system32configsystemprofile — [2013/11/25 22:37:22 | 000,000,000 | —D | M]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-19]
“ProfileImagePath” = C:WindowsServiceProfilesLocalService — [2013/12/03 15:47:04 | 000,000,000 | —D | M]
“Flags” = 0
“State” = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-20]
“ProfileImagePath” = C:WindowsServiceProfilesNetworkService — [2013/12/03 15:46:57 | 000,000,000 | —D | M]
“Flags” = 0
“State” = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1001]
“ProfileImagePath” = C:UsersSaida — [2013/12/01 17:53:44 | 000,000,000 | —D | M]
“Flags” = 0
“State” = 0
“Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 E9 03 00 00 [binary data]
“ProfileLoadTimeLow” = 0
“ProfileLoadTimeHigh” = 0
“RefCount” = 3
“RunLogonScriptSync” = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1003]
“ProfileImagePath” = C:UsersUpdatusUser — [2013/12/03 15:53:03 | 000,000,000 | —D | M]
“Flags” = 0
“State” = 0
“Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EB 03 00 00 [binary data]
“ProfileLoadTimeLow” = 0
“ProfileLoadTimeHigh” = 0
“RefCount” = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1004]
“ProfileImagePath” = C:UsersUpdatusUser — [2013/12/03 15:53:03 | 000,000,000 | —D | M]
“Flags” = 0
“State” = 0
“Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EC 03 00 00 [binary data]
“ProfileLoadTimeLow” = 0
“ProfileLoadTimeHigh” = 0
“RefCount” = 1


“CompletionChar” = 64
“DefaultColor” = 0
“EnableExtensions” = 1
“PathCompletionChar” = 64


“CompletionChar” = 9
“DefaultColor” = 0
“EnableExtensions” = 1
“PathCompletionChar” = 9


Serveur : UnKnown
Address: 192.168.0.254


HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ReinstallCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –make-default-browser [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\HideIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –hide-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ShowIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –show-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle Chromeshellopencommand\: “C:Program FilesGoogleChromeApplicationchrome.exe” [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ShowIconsCommand: “C:WindowsSystem32ie4uinit.exe” -show [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ReinstallCommand: “C:WindowsSystem32ie4uinit.exe” -reinstall [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\HideIconsCommand: “C:WindowsSystem32ie4uinit.exe” -hide [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellnaomcommand\: “C:Program FilesInternet Exploreriexplore.exe” -extoff [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellopencommand\: C:Program FilesInternet Exploreriexplore.exe [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)


========== Alternate Data Streams ==========

@Alternate Data Stream – 14 bytes -> C:Windowssystem.ini:c1_encryption_d
@Alternate Data Stream – 126 bytes -> C:ProgramDataTEMP:373E1720